Thread: Privacy Alert! Big Brother is watching and listening, UPDATED

Inside the "Electronic Omnivore": NSA Spying on U.N., Climate Summit, Text Messaging Worldwide 2/2

http://www.youtube.com/watch?v=wVEc1...be%3Cbr%20/%3E

Guardian editor Alan Rusbridger to be questioned by MPs over NSA leaks

9 Nov 2013: Rusbridger to appear before home affairs select committee after claims that revelations were damaging national security

Feinstein's NSA bill shows she doesn't have a clue about intelligence reform


Michelle Richardson: Senator Feinstein's bill is a big step backwards for privacy. In contrast, the USA Freedom Act would stop intelligence abuses

• "NSA affair shows the law should be the master of technology "
  
  Kan Macdonald

The Only People The NSA Can't Spy On Is Its Own Employees

from the irony-or-just-incredibly-ugly? dept

The NSA is everywhere, hauling in everything. Recent leaks point out how the agency is collecting data on millions of phone calls across Europe, along with snagging SMS messages, email and internet traffic. This is on top of everything it's doing in the US with its many programs, which cover everything from phone metadata to a large percentage of internet traffic (once streaming services like YouTube and Netflix are removed from the equation).

But for all its spying power and prowess, the NSA still can't manage to keep an eye on its own backyard. A number of factors contributed to Snowden heading east with thousands of sensitive files, not the least of which was a complete lack of internal controls. The NSA honestly seems to have no idea what most of its contractors are doing. Rather than institute any more internal controls (or ones that work), the agency is leaning towards simply laying off 90% of its contractors. That may mitigate potential problems, but it stills leaves its internal systems exposed to "insider threats."

It seems that nothing goes unnoticed by its external "eyes," but those focused inward are limited in number and in vision. As was pointed out earlier, the NSA may be able to haul in millions of emails and sift through them for "relevant" information, but when asked to search its own internal email system, it draws a blank.

Additionally, as Mike covered last Friday, attempts at installing software for detecting internal threats have been thwarted by a vague "lack of bandwidth." This software, made by Raytheon, still isn't in place despite being ordered into use in 2010, shortly after Manning's leaks to Wikileaks surfaced. This lack of threat detection software made it much easier for Snowden to gather what he did -- an event the NSA had no contingency plan in place to deal with, much less head off.

As Mike said, it's unclear what this "lack of bandwidth" phrase is referring to. It could mean the software demands too many network resources to do its job. Or it could mean there aren't enough manhours to devote to installing and implementing the software. It could also simply mean the agency would rather not install the software and has come up with a plausible reason why it "can't."

Mark Hosenball, writing for Reuters, indicates it's a network issue.

Officials responsible for tightening data security say insider threat-detection software, which logs events such as unusually large downloads of material or attempts at unauthorized access, is expensive to adopt.

It also takes up considerable computing and communications bandwidth, degrading the performance of systems on which it is installed, they said.

By not installing this software (something the Dept. of Defense itself hasn't done yet), the NSA is in risk of violating the law governing insider threat detection. According to Hosenball, this software requirement was written into law in 2011, and agencies affected had until the end of October 2013 to have it in place. Obviously, the NSA won't be meeting this dealine. It has until October 2014 to have it both in place and fully operational, but it may have trouble even hitting that extended deadline.

One official said intelligence agencies had already asked Congress to extend the deadline beyond October 2014 but that legislators had so far refused.

Installing new software that plays nice with existing government software can be a lengthy nightmare, but this difficulty is hardly the only factor affecting its incredibly slow adoption. As Marcy Wheeler points out, the agency may not want to make the bandwidth tradeoff needed to deploy this threat detection software.

If the Intelligence Committees were unable to get the IC to take this mandate seriously after the Chelsea Manning leaks, I don’t see any reason they’ll show more focus on doing so after Edward Snowden. They seem either unable to back off their spying bandwidth draw far enough to implement the security to avoid another giant leak, or unwilling to subject their workers (or themselves?) to this kind of scrutiny.

If any combination of the above is true, it makes truly disturbing statement about the agency's mentality. For one, the NSA has resisted any sort of meaningful oversight. It may have no desire to subject its internal employees to additional scrutiny -- even if it means more "damaging" leaks -- simply because it would rather not generate any evidence of wrongdoing that could be used to threaten its ongoing programs.

It's also disturbing that the agency would seemingly make the tradeoff of internal security for uninterrupted and unimpaired collection activity. The agency and its supporters constantly claim there's a "balance" between security and liberty that must be considered. But its failure to implement a program that looks for potential leakers compromises the agency's security (and, consequently, the nation's, if its supporters are to be believed) in order to harvest even more data -- collections that haven't conclusively shown they're keeping the nation safer. The agency would rather deal with embarrassing leaks (or worse, the sale of information to enemy nations) rather than curtail its collection programs or subject its own staff to the same level of scrutiny the rest of the nation experiences.

http://www.techdirt.com/articles/20131028/12334825041/

Officials: Snowden Has A ‘Doomsday’ Cache Of Information That He Has Not Yet Leaked

November 27, 2013 by Sam Rolley

FILE

Edward Snowden downloaded between 50,000 and 200,000 classified documents from the NSA and the agency’s British equivalent, GCHQ.

Government officials are still working to quiet public discontent over whistle-blower Edward Snowden’s leaks, which brought to light the National Security Agency’s malfeasance over the summer. But officials in the United States and Britain say that the job of dealing with the Snowden leaks is far from over, as the whistle-blower is likely sitting on a “doomsday” collection of highly classified NSA information.
According to Reuters, the heavily encrypted cache of information, which Snowden is believed to have stored on a data cloud, contains information generated by the NSA and other agencies. The information is thought to include details about U.S. and allied intelligence personnel and seven current and former U.S. officials, among other things.
One unidentified source said that Snowden’s stockpile of information served as a sort of “security policy” against arrest or physical harm for the leaker.
According to NSA head Gen. Keith Alexander, Snowden downloaded between 50,000 and 200,000 classified documents from the NSA and the agency’s British equivalent, GCHQ. It is estimated that Snowden has released only about 500 documents to date.
In June, Glenn Greenwald, one of the reporters Snowden initially leaked the documents to, said that he believes the whistle-blower has much more information to reveal. Greenwald also warned government officials who may try to murder or imprison Snowden to prevent further leaks that the whistle-blower has “taken extreme precautions to make sure many different people around the world have these archives to insure the stories will inevitably be published.”

Filed Under: Conservative Politics, Liberty News, Staff Reports

http://personalliberty.com/2013/11/2...ot-yet-leaked/

One unidentified source said that Snowden’s stockpile of information served as a sort of “security policy” against arrest or physical harm for the leaker.
According to NSA head Gen. Keith Alexander, Snowden downloaded between 50,000 and 200,000 classified documents from the NSA and the agency’s British equivalent, GCHQ. It is estimated that Snowden has released only about 500 documents to date.

Makes sense.....it will be interesting to see how this shakes out...

NSA Tracks 5 Billion Cell Phone Locations Every Day

The National Security Agency gathers location data on hundreds of millions of people every day, reports the Washington Post in likely the biggest Snowden-related leak to date. If you've been in a foreign country, the NSA has likely tracked you. And even if you haven't traveled abroad, there's a chance you're being tracked.

Find out how the NSA does it here.