Not just telcos, THOUSANDS of companies share data with US spies The slides leaked by NSA whistleblower Edward Snowden named nine companies that allegedly share data with US intelligence agencies, but according to a new report, the actual number of firms that collaborate with US spies may be much larger. Try thousands of them. Citing anonymous sources, Bloomberg reports that information …
Truly shocking and frightening revelations these days... While many people (conspiracy theorists they were called; who's laughing now) suspected this, it's still hard to grasp that this really takes place, and has been for years.
And on the other hand you've got governments telling big players something about the difference of moral and legal when it comes to paying taxes. Hypocrisy all the way, and the entire electorate is being treated like a bunch of fools. Democracy turned upside down.
This is normal industrial espionage practices used by all large countries. That is what we pay our taxes for. If the spooks stuck to that I would have gladly given each of them a medal and a bonus.
The spooks leverage what they get to get the country economy ahead and the industry replies in kind. The relationship firmly sits on technological, economical, etc grounds and there is nothing new to it. Every company above a certain size has been engaged in it since the days of Roman Empire. Nothing new here, move along. There is little illegal to it as it does not violate every single privacy law under the sun.
This is markedly different from offering your customers data and traffic to spooks to mine on fishing expeditions as well as the dubious transatlantic rub-your-rub-mine relationship.
In traditional espionage you had your country defending you against external foes.
The only people surveyed suspects.
You did not have your country investigating your every move.
Now we're all suspects, we're all surveyed.
And the worst part, most of our data is not in our country -- it is in a foreign country -- the USA, a country whose courts tell businesses they cannot ask for search warrants when the security services ask for the private files of non-US residents, even when those requests are not for individual accounts.
And the data we provide in crash reports -- that data ends up back at the NSA to be used as clues into how to spy on Canadian, UK, ... governments, residents and companies.
Democracies and their economies are usually quite stable, because the rules reflect an open consensus and such a consensus rarely changes overnight. Somehow the US decided to change the rules and set up a big bureaucracy doing their job in secrecy. I don't think this is stable. Even if the US citizens decide that they are happy with the situation, it might badly damage their IT industry. How can people trust American companies now? Where do you see the future for Apple, Google, and Microsoft in the Chinese market, or even in Europe?
I for one am tempted to drop my Google phone because I don't feel comfortable with that information black-hole.
Assuming you live in the USA, if you leave the country then the USA won't need a search warrant to access the contents of any messages or data they can get their hands on there.
Hotmail, gmail, amazon and IBM clouds, iCloud, you name it.
And they won't need a warrant to try to break into your foreign computer.
I think you have to start assuming that all networking and communications kit made in the USA is compromised - servers, routers, operating systems, the whole lot - if you are using anything made in the US, even AV software on your PC at home, then the chances are that it has got a back-door built into it for the NSA. Of course, the various manufacturers will protest that "their" gear is not compromised but this incident simply reinforces that point that they are legally required to lie about the NSA access features that they may have built into the devices and software.
The Americans were protesting a while back that the Chinese should not be allowed to own US technology companies because of the "back-doors" that might we built into the gear - perhaps the NSA were more afraid that the Chinese would discover the backdoors that the NSA had already built into the kit?
Writing this, it all sounds like tin-hat paranoia but sadly this just illustrates the corrosive damage that secrecy does to any civilized society.
Democracies and their economies are usually quite stable, because the rules reflect an open consensus and such a consensus rarely changes overnight. Somehow the US decided to change the rules and set up a big bureaucracy doing their job in secrecy
Yup, "democracy" has become more of a marketing word in the US, like "freedom". When what happens in government doesn't reflect the laws or the wishes of the majority, you're no longer talking about a true democracy. They even tried to kill that idea in Switzerland by blackmailing that government into laws that had to be kept hidden from the population to gain approval - which, eventually (and fortunately) were stopped.
Every time a lawmaker comes to using words like "emergency" and the eternal lie "temporary" you KNOW they are trying to get you to agree to something that cannot handle close scrutiny. They are flags that there is more to the proposal than you see. Every time a lawmaker is trying to hide something from those who elected them without a decent time span in which that information will become visible, you know they have something to hide. A truly democratic government does no try to extricate itself from scrutiny unless they have something to hide.
Keep asking questions - now more than ever.
> the eternal lie "temporary"
The Romans had the right idea about temporary powers.
In times of crisis, they would choose a dictator. Said dictator had *absolute* power, including life or death.
The position lasted 6 months, after which the dictator would be tried for everything he had done.
Vic.
"I for one am tempted to drop my Google phone because I don't feel comfortable with that information black-hole."
Did you now know that Google vacuums as much data from you as possible, before buying that phone?
If you knew, then you apparently don't mind.
Then, you probably agreed to their license and usage terms.....
Democracies and their economies are usually quite stable... the US decided to...set up a big bureaucracy...
Actually, if history is anything to go by, democracies and their associated freedoms are somewhat less stable than you make out while bureaucracies tend to be more enduring (please don't shoot the messenger). This makes democracies things that require constant care and participation in order to remain healthy and to grow. Bureaucracies, on the other hand, can only be beneficial when subjected to constant scrutiny and an occasional pruning.
This post has been deleted by its author
"Fortunately for me. Not so for my child."
I chose not to have kids, and this was one of the reasons (the other one being 7bn is enough for this planet, surely?).
Also, if I have to go 'rogue' and become a terrorist freedom fighter then they won't be able to hold my kids to ransom
Guantanmo Bay, extraordinary renditions, renouncing the few Geneva Contentions they'd signed, lethal drone strikes ordered on the basis of metadata -- to be maintaining the status quo those would all have to be decades old practices.
This isn't about maintaining the status quo, unless the starting point whose status quo your maintaining was East Germany or Stalinist USSR.
Trust has to be earned. There is not an institution, organisation or commercial enterprise anywhere in existance on this planet that has earned my complete trust. In my lifetime a handful of people have earned my trust, a couple of them betrayed that trust.
When one loves someone and one believes that that person loves you back, yet they can fuck you over in a heartbeat, how the fuck can anyone with emotion and intelligence trust a faceless entity?
Some do consider me paranoid, I just shrug my shoulders and expect to be dead before society evolves into something where I need to take arms to protect my loved ones.... Fortunately for me. Not so for my child.
I had one of my fellow engineers tell me I was paranoid on the Microsoft security situation, only to find out I wasn't nearly paranoid enough after finding out they disclose the internally found security vulnerabilities to the NSA, and then leave them open for a while for intelligence gathering to occur. I hate it when reality proves the tinfoil hat types correct...
I've been asked to study for the last two years how to allow free & democratic communication in oppressive regimes. After looking at the way the massive and focused data-grab us been organized, my initial paper of hundreds of clever ways to communicate has been archived. I can't find any communication system that I trust with private information. Well, there's the vague possibility that a weekend in Germany, where there's still a remnant of some Data Privacy, could allow old-fashioned unfettered comms, otherwise journalism isn't an employment channel that I would suggest to today's youth. Protect , Sources? Sorry I don't mean to be disrespectful but those are now ancient concepts. Someone has become Spectrum Dominant in the new technologies. All (open sourced) documents until last week pointed to FBI/TrideaWorks as the push team - but with a single FISA court document released recently it seems that although it's the FBI that requests - it's the NSA named as receiver of our Data? Was this explicitly made clear in all the governmental MoU's that were passed without parliamentary scrutiny, effectively by fax, a decade ago?
It is like wife beating.
Sure you could beat your wife.
But you agree not to.
You agree not to physically or mentally beat, torture or imprison those weaker than yourself, even though you can.
Even 100 years ago our privacy always depended on government agreeing that there were certain things it would not do, even though it could do them.
What we have here is someone else's government, a government that admits no obligation to uphold "inalienable human rights" for any non-American (as if we're non-human), and that has quietly broken its agreement not to do things it could.
I can't find any communication system that I trust with private information.
Because you're looking at this from a purely technical angle, which is not sustainable. You start with a country where Data Protection still means something despite attacks by the US to get their way there too - that leaves you Switzerland and Canada. Next, you seek a provider who has no links into the US, because they can otherwise be blackmailed into collaboration ("work with us or you can close shop" - that's how they got to the banks). Then, and ONLY then do you check that the offer itself is technically sound.
Those solutions exist. They are not cheap exactly because the legal element is hard work, but they do exist.
You're bonkers if you believe Canada is a safe harbor. They are the our largest trade partner and the vast majority of their communications come into the US anyway. Add to that the fact a bunch of the 9/11 terrorists entered the US from Canada and you can be assured the Canadians are in bed with the US too. It's for our mutual national security you know...
"That is actually a myth that has been long-since been debunked."
Wow, you are correct. Apparently a lot of people don't know that either. Department of Homeland Security Secretary Janet Napolitano had to file a press release correcting her previous 2009 statements after the Canadian Ambasaador to the U.S. corrected her in the press. The subject, with the same mistaken elements, has also been brought up as recently as this week regarding the immigration overhaul bill currently under debate.
Learn something new all the time. Thanks for the info.
"That's what makes this issue of oversight so challenging," Jacob Olcott of Good Harbor Security Risk Management told Bloomberg. "You have a situation where the technology and technical policy is far outpacing the background and expertise of most elected members of Congress or their staffs
This post has been deleted by its author
Obviously what is legal or not is rather flexible where the state is concerned. Bit like it is illegal to murder someone, but it is perfectly fine for state (at least in US, in some of the states) to murd^H^H^H^Hexecute a person.
The law not being same for everyone makes a bit of a mockery of the law.
Also curious that doesn't offering information voluntarily, without requiring the warrant that should be required, open the companies to lawsuit (at least to civil one by their customers, if not a criminal one).
This post has been deleted by its author
Ii was one of many that was posting right here that the OS might be the vector through which NSA and their friends we're using for surveillance . To everyone that reads this post , we now have proof that the OS and it's security problems is such a vector. From that point to where Microsoft and others plant in willingly vectors through which this can be done by the agencies seem almost natural if not a fact.
One of our many concerns now , for everyone , not just You and I , but for the greater numbers which have not the talents we do , call it tech " savvyness " , is how to get out of this hellhole by prevention at the source.
Virus and trojan , " av software " as per such , we know now , gives us a false sense of security , those companies send all known vectors to the agencies first for their use. So we can forget that as a means of insuring us against the spooks . Vulns are left open willingly by MS for them to use There's not much left. Linux . Yeah .. for some perhaps but it's not for everyone. Comms are monitored through our connection systems , so it's pretty much too late on that front.
For any really private communications , i suggest using the good old dial up with a phone modem and super strong encryption in a direct client to client session. Wanna send Joe a file ? Encrypt the shit out of it , use dial up between computers .That will leave a trace in the telco system but the content will be gone. The rest .. it's too late to do anything about it . The web is dead as far as personal secure comms are concerned. Noone in it's right mind will ever feel safe and free from spying or hacking. Back to microdots glued at the back of a stamp ? That or millions marching on our Capitals and throwing out the governments for they are the Enemy of the People. That seems like a way better alternative , but replace them with what ? More of the same politicians that are stabbing us in the back ?
Wasn't there a certain inevitability about all this? I'm not excusing any cover up but we all knew from the very beginning that an increasingly digitally connected world would mean more and more of our holiday snaps, emails, rants and other digital missives would remain where we put them, on internet facing servers etc. Further to that we all seem happy with increasing amounts of our 'personal' data being trawled / shared by all manner of commercial establishments etc. Therefore I am not very surprised myself to find that security agencies want to take a peek at it all as well. We, perhaps blindly, make the choice to entangle our lives digitally, therefore that's now the best place to find out who we are and what we are up to. Because things in the real world can happen so fast, aided by light-speed communication, I can't see that relying on steaming open letters and hear-say would be a very good information channel when tracking down potential criminals or terrorists etc. Both the good guys and the bad guys increasingly rely on and use the internet and other accepted forms of digital communication.
The real shame is the lack of clarity and truth on the part of governments that this is indeed the case. Over the years there has been no end of sound advice aimed at children to keep themselves and their personal information safe from miscreants, so did we somehow feel that being adult meant that it was all right for us to ignore similar advice. Not really, perhaps, but it gets in the way when you which to digitally connect to the big wide world.
Inevitably I suspect that those security agencies involved will no doubt have realised that at some point details of their underhand peeking would come out and I have no doubt that they will have planned for this. In such a 'connected' world it would be difficult to image that any such activity, especially if it entailed employing out-sourced personnel, would remain secret for long. More so, perhaps, with the growing number of people prepared to blow whistles who are making the headlines.
Are not these revelations then a good thing, to be welcomed, and do they not mean that at last we are starting to talk about our connected, digital, lives and what they mean to us all as individuals, security agencies, groups and miscreants. We therefore also have to accept that the lack of inherent security in all things digital will mean that others can gain access to our little bits of data as they fly down the wires and across the disk platters.
Many I suspect would boil down what I have said above into the phrase 'If you have nothing to hide, you have nothing to fear', and that is kind of where I am going, but, I remain convinced that the most important thing to come out of this is the chance to discuss where we go from here. What forms of oversight, control and independent analysis do we want to see governing this kind of surveillance, because it's not going to go away very soon is it.
The internet is a reflection of all things good and bad about being human, but, it also has the potential to break down cultural barriers that have kept us apart, as a unit, for millennia. I welcome that 'sharing' of experience and knowledge, even if it comes at a somewhat detrimental price to our overall digital liberty.
We may certainly argue that we need to wrest back control of our personal devices and stop-up the back doors of data flow that track all most everything we use those devices for, but, whilst we continue to use digital data traffic the ease with which that traffic can be monitored must be accepted.
So let's see if we can find an acceptable solution to this inevitable problem shall we, after all, the speed of such digital communication also enhances the speed with which whistles can be blown.
Is that if they step down from a war footing, the federal government has to devolve most powers back down to the individual states.
Having embarked on a 50-year power grab justified by WW2 and then cold war, they've been left flailing around for "enemies" ever since 1990 in a desperate attempt to avoid that stepdown.
A desperate government is a dangerous government.
What they fear more than terrorists, or bombs is loss of budget that results from the light of day. The US military in general with a budget many times it's nearest 'enemy' needs to be pruned and managed. The apparently well funded intelligence community also needs to lose much of it's budget. If by estimates we spend 30 - 60 B to quell on average 2 incidents a year we are badly overcharged on our 'terrorism' insurance. I'm thinking that saving Billions and reapplying the funds into polishing the ogre image the US has earned, social improvements to turn down the heat of discontent, and demilitarizing the police would help.
Some states are trying desperately to create a Christian fascist institution to rival the Taliban in thuggery. Other states are teetering on bankruptcy and can ill afford not receiving that federal check. The states are clearly entities different from the federal beast but that doesn't automatically make them capable of self control or working in the public interest. As unlikely as it seems, Congress needs to be fixed. Given the number of Senators falling over themselves to support secrecy and status quo I'm thinking the spy industry is not sweating.
The militarization of the police is a very real problem. Besides the full on BDU's and weapons the average cop uses these days, they have been screwing with 'civilians' with psychological prompts. There used to be a reason cop cars were mostly white, they were the 'good guys'. The SWAT vehicles were black and black meant bad news for someone. Now the cars in many places are all black and what used to say 'To Protect and Serve' now says 'Ensuring Safety' or 'Justice for All' or some other meaningless, but somehow dark, statement.
It takes multiple cops for each traffic stop, the whole time you're surrounded by a bunch of young thugs just gagging to do something, anything to show you how tough they are. I do believe police should be paid more, a lot more, but we should also raise the barriers to entry and keep the bullies and lowbrows off the streets. Bring back the old gentlemen police that weren't scared of everything and had at least some level of common sense.
One of the costs of the leaks will be trust in the US government & technology companies, both from the American public & foreign governments. I can see places like Iran & China pointing to this as another excuse to build their own national intranets & software (if they aren't already doing that). I can foresee a balkanisation of the internet. Google want to launch balloons to areas which lack the internet, but I can see some governments shooting down the project because of suspicion. It could mean a chance for tech companies to emerge that aren't hand-in-hand with the US government. In the last 3 years we've had Bradley Manning & now Edward Snowden, members of the Google & Facebook generation. I think the people in charge still have a them & US Cold War mentality. So change could happen.
Tech companies are not alone in the requirement to share. When I see my dentist, eye doctor, family doctor, dermatologist, etc. they all have a disclosure form which states to whom they are required to release information. Among the organizations are the Secret Service "and other government agencies" acting in the best interest of security of the country.
The "HIPPA" disclosure form I recently had to sign at my eye doctor specifically stated the doctor's office could disclose information for protection of the President. Note I am not in any manner special, this is just boiler-plate disclosure form which everyone signs as a matter of course.
See the section on "essential government functions" here:
http://www.gobookee.net/get_book.php?u=aHR0cDovL3d3dy5oaHMuZ292L29jci9wcml2YWN5L2hpcGFhL3VuZGVyc3RhbmRpbmcvc3VtbWFyeS9wcml2YWN5c3VtbWFyeS5wZGYKU1VNTUFSWSBPRiBUSEUgSElQQUEgUFJJVkFDWSBSVUxFIC0gVW5pdGVkIFN0YXRlcyBEZXBhcnRtZW50IC4uLg==
Money talks. Sure, you can't totally control where businesses store your personal info, but you still have considerable leverage through deciding which firms you trust, whether you really need/want to put sensitive information out there, whether you want to make the effort to educate others, whether you buy/use a given service.
The problem is this has been known about for a while, and not enough people are exercising their power of choice.
As a defense contractor for over 20 years we have understood the necessity of eliminating US components (particularly "home computer" software like MS) from our systems for quite some time. Maybe the penny will start to drop now - you simply CANNOT trust American companies; but that has been the case for a long time.
I recognize the defecienies of Windows but attempting to entangle top down government policies and operating system selection is a silly and terribly misguided thing. Your choice of (incorrectly applied) idiom and spelling also indicate your origin as the US which is incredibly invested in MS products, both internally and for export, which isn't going to change anytime soon, but you already that know as a defense contractor who delivers based on client RFQ specs. Right?
People in the government do not have a magic wand that turns the illegal into the legal.
Re: "In many cases, the report claims, companies voluntarily hand over information that intelligence agencies might otherwise need a court order to obtain."
If it needed a court order in the first place, it is not within the power of a federal bureaucrat to waive that requirement.
Re: "That exec will typically be given documents granting him or her immunity from all civil prosecutions related to the information sharing. ... Similarly ... major US internet providers ... have received letters from the US attorney general indemnifying them from lawsuits under US wiretap laws."
If a rogue civil servant sells the Statue of Liberty, that does not mean the Statue of Liberty has actually been sold. It is not going anywhere. They do not have the power to sell the Statute of Liberty. Similarly, the people purporting to grant immunity do not have the power to do so. They do not even have the power to grant indemnity. The U.S. public have not given their federal government Carte Blanche to do whatever they wish. There is not, to my knowledge, any civil servant with the power to accept open ended liability on behalf of the people of the United States of America.
Re: "... often the strict legality of such information sharing is unclear."
Ignorantia legis neminem excusat -- ignorance of the law excuses no one. Especially in a case like this, the people violating the boundaries of the law are culpable.
The murky events of September 11, 2001 have been used to justify all manner of egregious breaches on the part of civil servants. It is time to reign them in.
John Mcaffee's breakdown was due to heavy use of experimental homemade drugs. He didn't need any more backdrop than that to flip out. I'm sure he ran into some screwy situations down there, as any rich gringo would, but his experiences were certainly amplified and made more difficult due to the fact he was tripping his balls off. Nothing ever goes as planned when bribing corrupt officials in a 3rd world country when bombed out of your mind.
In the old days, we were ruled by noblemen who restricted everything we did, and allowed themselves to do anything they wanted to us. They didn't even let us learn how to read or write. In modern times we have come to believe that people with power never infringe upon our rights. And yet this isn't necessarily so. It just looks like it. Why should things be so different than in the past? When I went to a month-long holiday camp at age 10, after some people apparently wrote disparagingly about the holiday camp to their parents, begging them to come and fetch them and not force them to spend another day there (quite understandably, I assure you), we were all gathered together and told that our mail was being opened and that any letter containing anything that was not positive about the camp or its leaders would be intercepted and the writer punished. That was France, in the late 70s. So people shouldn't be too shocked when they find out that government agencies are doing such benign things as reading their e-mail messages. There is a reason why governments worldwide are so keen to provide high-speed broadband to their whole countries, encourage the spread of smartphones and generally port social interaction to an electronic medium. It makes supervision and control much easier.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
