Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
On 2/07/13 03:33 AM, mtm wrote: as a spartan of sorts, and one thats shared laphroig with both a plank member of the nsa and the creator of fbi's hrt, id like to say these fellas are decent men and not petty. I know a few of the older ones as well. They are indeed decent men, and historically their creation gets cut a lot of slack by society. There are differences between the ones who founded the organisation, the machine they created, the people who make the decisions now, and what the customers demand of them. Most of the early guys involved had direct knowledge of a serious enemy and more understandable wars. Everyone knew who the enemy was. If you think of the last 2 decades or so, post-Berlin Wall, you can see a huge change in perspective. Today, you'd be hard pressed to even justify even starting the NSA if you had a discussion of who the enemy is; our geopolitical threat scenario is more like the 1920s. Also, as we learnt from recent banking history, it only takes a few deviations to drift into crisis when power is large and concentrated. iang On Jul 2, 2013 12:55 AM, Jeffrey Walton noloa...@gmail.com mailto:noloa...@gmail.com wrote: On Mon, Jul 1, 2013 at 6:47 PM, Nico Williams n...@cryptonector.com mailto:n...@cryptonector.com wrote: On Mon, Jul 1, 2013 at 4:57 PM, grarpamp grarp...@gmail.com mailto:grarp...@gmail.com wrote: And when LEA get caught doing this nothing terribly bad happens to LEA (no officers go to prison, for example). It is often in the interest/whim of the executive to decline to prosecute its own, even if only to save embarassment, so many of these cases will never see a jury. That's why you need citizen prosecutors who can bring cases before both grand and final jury. For example, how many times have you seen a LE vehicle failing to signal, speeding/reckless, with broken running lights, etc... now try to criminally (not administratively) prosecute that just as you might be prosecuted for same. I'd love to see proposals for how to criminal prosecutions by the public would work. Sparta, one of the first democracies, would put the public officials on trial at the end of their term. It was part of the process. I imagine their Spartan was sufficiently different so that folks like Ted Kennedy (liar, cheat, murderer) would not have been able to serve the class. Sorry for the OT chatter. Jeff ___ cryptography mailing list cryptography@randombit.net mailto:cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
On Tue, Jul 2, 2013 at 2:07 AM, ianG i...@iang.org wrote: ... it only takes a few deviations to drift into crisis when power is large and concentrated. the behemoth that is the current intelligence apparatus(es) is most disturbing in this aspect; truly excessive concentration of power unethical to operate under the best intentions. Cast it into the fire! Destroy it! ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
Hmmm. Thanks, Ethan! Maybe I'm wrong? Maybe the NSA was always allowed to pass criminal evidence across to the civilian police forces. It's a very strange world. iang On 1/07/13 06:12 AM, Ethan Heilman wrote: The way I read that (and combined with the overall disclosures that they are basically collecting everything they can get their hands on) the NSA has now been de-militarised, or civilianised if you prefer that term. In the sense that, information regarding criminal activity is now being shared with the FBI friends. Routinely, albeit secretly and deniably. The NSA became demilitarised that is, involved in civilian law enforcement, when it stopped being the AFSA (Armed Forces Security Agency) and the NSA was created in 1952. But even prior to that in it's earlier form as the AFSA, ASA, and etc, the NSA did some civil law enforcement work with the FBI. For example Project Shamrock which started in 1945 (seven years before the AFSA became the NSA) involved: Intercepted messages were disseminated to the FBI, CIA, Secret Service, Bureau of Narcotics and Dangerous Drugs (BNDD), and the Department of Defense. Earlier forms of the NSA were also involved in cryptanalysis of pirate radio stations and prohibition era booze barons. The case of their abuses was Project MINARET 1967-1975 which spied on US citizens that suspected of being dissidents or involved in drug smuggling. This information was passed on to the FBI and local law enforcement. Project MINARET that uses “watch lists” to electronically and physically spy on “subversive” activities by civil rights and antiwar leaders such as Dr. Martin Luther King, Jr, Jane Fonda, Malcolm X, Dr. Benjamin Spock, and Joan Baez—all members of Richard Nixon’s infamous “enemies list.” The NSA has been a civil law enforcement organisation in practice if not always in principal since before it's inception (its charter broadened its role beyond its previous role as a military support organisation). ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
On Mon, Jul 1, 2013 at 3:37 AM, ianG i...@iang.org wrote: Hmmm. Thanks, Ethan! Maybe I'm wrong? Maybe the NSA was always allowed to pass criminal evidence across to the civilian police forces. It's a very strange world. No, the doctrine of the fruit of the poisoned tree makes it non-trivial to avoid the requirements of the 4th Amendment regarding search and seizure. The non-triviality is this: LEA must somehow hide the warrant-less wiretapping (search) and produce a plausible path (and chronology) for how they came to the probably cause that they eventually will bring to a judge. This is non-trivial, but not *that* hard either, and in some cases it may well be trivial. And when LEA get caught doing this nothing terribly bad happens to LEA (no officers go to prison, for example). But when the *NSA* does this the risk of method information leaking to the public is very large, which is one reason to prefer that PRISM-type projects, if they exist at all, be and remain forever secret -- their own secrecy is the best and strongest (though even then, not fail-safe) guaranty of non-use for criminal investigations. Ironic, no? We should almost wish we'd never found out. Nico -- ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
And when LEA get caught doing this nothing terribly bad happens to LEA (no officers go to prison, for example). It is often in the interest/whim of the executive to decline to prosecute its own, even if only to save embarassment, so many of these cases will never see a jury. That's why you need citizen prosecutors who can bring cases before both grand and final jury. For example, how many times have you seen a LE vehicle failing to signal, speeding/reckless, with broken running lights, etc... now try to criminally (not administratively) prosecute that just as you might be prosecuted for same. their own secrecy is the best and strongest (though even then, not fail-safe) guaranty of non-use for criminal investigations. Didn't the requisite construction of plausible paths from tainted seed just get covered. So, No! The only guaranty against secret taint is transparency. Try removing the 'non-' next time. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
On Mon, Jul 1, 2013 at 4:57 PM, grarpamp grarp...@gmail.com wrote: And when LEA get caught doing this nothing terribly bad happens to LEA (no officers go to prison, for example). It is often in the interest/whim of the executive to decline to prosecute its own, even if only to save embarassment, so many of these cases will never see a jury. That's why you need citizen prosecutors who can bring cases before both grand and final jury. For example, how many times have you seen a LE vehicle failing to signal, speeding/reckless, with broken running lights, etc... now try to criminally (not administratively) prosecute that just as you might be prosecuted for same. I'd love to see proposals for how to criminal prosecutions by the public would work. their own secrecy is the best and strongest (though even then, not fail-safe) guaranty of non-use for criminal investigations. Didn't the requisite construction of plausible paths from tainted seed just get covered. So, No! The only guaranty against secret taint is transparency. Try removing the 'non-' next time. Sometimes it's easy to cover up, sometimes it's not. If you look at how the Allies used their cryptanalytic breaks in WWII you'll see that they made sparing use of their sigint obtained that way -- they had to be very careful when to act and when not to act on it, and when they did they had to take extra steps to make the enemy to believe other avenues to be plausible. Transparency is nice, but the thing is: I don't think you can keep a PRISM-like system secure from being abused by analysts and sysadmins, much less by political appointees, and I think it's harder still to pull that off if its existence is public knowledge. Whereas the incentive to keep the secret from spilling is so strong that it should act as a moderator on its operators. That incentive is lost once the program is public, and then transparency isn't enough: there's always going to be ways to game the controls, and those controls will never be as strong as the need to keep the program secret had been. I could be wrong though. It might well be that in practice there's no difference between abuse potential when the program was secret vs. now that it's public, in which case it's clearly better that it be known to the public. But my instinct tells me otherwise, and that's not a defense of the program, just... paradoxical, ironic. Nico -- ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
On 2013-07-02 8:47 AM, Nico Williams wrote: On Mon, Jul 1, 2013 at 4:57 PM, grarpamp grarp...@gmail.com wrote: And when LEA get caught doing this nothing terribly bad happens to LEA (no officers go to prison, for example). It is often in the interest/whim of the executive to decline to prosecute its own, even if only to save embarassment, so many of these cases will never see a jury. That's why you need citizen prosecutors who can bring cases before both grand and final jury. For example, how many times have you seen a LE vehicle failing to signal, speeding/reckless, with broken running lights, etc... now try to criminally (not administratively) prosecute that just as you might be prosecuted for same. I'd love to see proposals for how to criminal prosecutions by the public would work. Until 1930 or so, in California, pretty much all criminal prosecutions were by the public. I would suppose the laws are still in place, just not applied. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
On Mon, Jul 1, 2013 at 6:47 PM, Nico Williams n...@cryptonector.com wrote: On Mon, Jul 1, 2013 at 4:57 PM, grarpamp grarp...@gmail.com wrote: And when LEA get caught doing this nothing terribly bad happens to LEA (no officers go to prison, for example). It is often in the interest/whim of the executive to decline to prosecute its own, even if only to save embarassment, so many of these cases will never see a jury. That's why you need citizen prosecutors who can bring cases before both grand and final jury. For example, how many times have you seen a LE vehicle failing to signal, speeding/reckless, with broken running lights, etc... now try to criminally (not administratively) prosecute that just as you might be prosecuted for same. I'd love to see proposals for how to criminal prosecutions by the public would work. Sparta, one of the first democracies, would put the public officials on trial at the end of their term. It was part of the process. I imagine their Spartan was sufficiently different so that folks like Ted Kennedy (liar, cheat, murderer) would not have been able to serve the class. Sorry for the OT chatter. Jeff ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
as a spartan of sorts, and one thats shared laphroig with both a plank member of the nsa and the creator of fbi's hrt, id like to say these fellas are decent men and not petty. On Jul 2, 2013 12:55 AM, Jeffrey Walton noloa...@gmail.com wrote: On Mon, Jul 1, 2013 at 6:47 PM, Nico Williams n...@cryptonector.com wrote: On Mon, Jul 1, 2013 at 4:57 PM, grarpamp grarp...@gmail.com wrote: And when LEA get caught doing this nothing terribly bad happens to LEA (no officers go to prison, for example). It is often in the interest/whim of the executive to decline to prosecute its own, even if only to save embarassment, so many of these cases will never see a jury. That's why you need citizen prosecutors who can bring cases before both grand and final jury. For example, how many times have you seen a LE vehicle failing to signal, speeding/reckless, with broken running lights, etc... now try to criminally (not administratively) prosecute that just as you might be prosecuted for same. I'd love to see proposals for how to criminal prosecutions by the public would work. Sparta, one of the first democracies, would put the public officials on trial at the end of their term. It was part of the process. I imagine their Spartan was sufficiently different so that folks like Ted Kennedy (liar, cheat, murderer) would not have been able to serve the class. Sorry for the OT chatter. Jeff ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
On Mon, Jul 1, 2013 at 8:33 PM, mtm marctmil...@gmail.com wrote: as a spartan of sorts, and one thats shared laphroig with both a plank member of the nsa and the creator of fbi's hrt, id like to say these fellas are decent men and not petty. Then they would have nothing to fear if put on trial for potential crimes they've committed. (At least, that's what they tell us - if you don't do anything wrong, then you don't have anything to worry about). On Jul 2, 2013 12:55 AM, Jeffrey Walton noloa...@gmail.com wrote: On Mon, Jul 1, 2013 at 6:47 PM, Nico Williams n...@cryptonector.com wrote: On Mon, Jul 1, 2013 at 4:57 PM, grarpamp grarp...@gmail.com wrote: And when LEA get caught doing this nothing terribly bad happens to LEA (no officers go to prison, for example). It is often in the interest/whim of the executive to decline to prosecute its own, even if only to save embarassment, so many of these cases will never see a jury. That's why you need citizen prosecutors who can bring cases before both grand and final jury. For example, how many times have you seen a LE vehicle failing to signal, speeding/reckless, with broken running lights, etc... now try to criminally (not administratively) prosecute that just as you might be prosecuted for same. I'd love to see proposals for how to criminal prosecutions by the public would work. Sparta, one of the first democracies, would put the public officials on trial at the end of their term. It was part of the process. I imagine their Spartan was sufficiently different so that folks like Ted Kennedy (liar, cheat, murderer) would not have been able to serve the class. Sorry for the OT chatter. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
Whereas the incentive to keep the secret from spilling is so strong that it should act as a moderator on its operators. ... against use outside of its original scope/parties. I can see that. Time and history tends to expose everything though. And in the present, not knowing what we don't know makes these models hard to evaluate. Sorry for the OT chatter. Similarly, guilty here as well. Off like a Spartan to Cali :) ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
id like to say these fellas are decent men True for sure. Yet sometimes when you assemble large systems of even the best of men, those systems may drift from or not always retain the fine character of its components. A weakness of humanity perhaps. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
enlisted guys and trigger job attys arent worried about being put on trial...as much as it pains me to say it.. if youre doing nothing wrong.. On Jul 2, 2013 1:42 AM, Jeffrey Walton noloa...@gmail.com wrote: On Mon, Jul 1, 2013 at 8:33 PM, mtm marctmil...@gmail.com wrote: as a spartan of sorts, and one thats shared laphroig with both a plank member of the nsa and the creator of fbi's hrt, id like to say these fellas are decent men and not petty. Then they would have nothing to fear if put on trial for potential crimes they've committed. (At least, that's what they tell us - if you don't do anything wrong, then you don't have anything to worry about). On Jul 2, 2013 12:55 AM, Jeffrey Walton noloa...@gmail.com wrote: On Mon, Jul 1, 2013 at 6:47 PM, Nico Williams n...@cryptonector.com wrote: On Mon, Jul 1, 2013 at 4:57 PM, grarpamp grarp...@gmail.com wrote: And when LEA get caught doing this nothing terribly bad happens to LEA (no officers go to prison, for example). It is often in the interest/whim of the executive to decline to prosecute its own, even if only to save embarassment, so many of these cases will never see a jury. That's why you need citizen prosecutors who can bring cases before both grand and final jury. For example, how many times have you seen a LE vehicle failing to signal, speeding/reckless, with broken running lights, etc... now try to criminally (not administratively) prosecute that just as you might be prosecuted for same. I'd love to see proposals for how to criminal prosecutions by the public would work. Sparta, one of the first democracies, would put the public officials on trial at the end of their term. It was part of the process. I imagine their Spartan was sufficiently different so that folks like Ted Kennedy (liar, cheat, murderer) would not have been able to serve the class. Sorry for the OT chatter. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
[cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
On 29/06/13 13:23 PM, Jacob Appelbaum wrote: http://www.guardian.co.uk/world/2013/jun/17/edward-snowden-nsa-files-whistleblower One of the most interesting things to fall out of this entire ordeal is that we now have a new threat model that regular users will not merely dismiss as paranoid. They may want to believe it *isn't* true or that policy has changed to stop these things - there is a lot of wishful thinking to be sure. Still such users will not however believe reasonably that everyone in the world follows those policies, even if their own government may follow those policies. Yes, but I don't think the penny has yet dropped. One of the things that disturbed me was the several references of how they deal with the material collected. I don't think this is getting enough exposure, so I'm laying my thoughts out here. There is a lot of reference to analysts poking around and deciding if they want that material or not, as the sole apparent figleaf of a warrant. But there was also reference to *evidence of a crime* : http://www.cnsnews.com/news/article/intelligence-chief-defends-internet-spying-program —The dissemination of information incidentally intercepted about a U.S. person is prohibited unless it is necessary to understand foreign intelligence or assess its importance, *is evidence of a crime* , or indicates a threat of death or serious bodily harm. The way I read that (and combined with the overall disclosures that they are basically collecting everything they can get their hands on) the NSA has now been de-militarised, or civilianised if you prefer that term. In the sense that, information regarding criminal activity is now being shared with the FBI friends. Routinely, albeit secretly and deniably. This represents a much greater breach than anything else. We always knew that the NSA could accidentally harvest stuff, and we always knew that they could ask GCHQ to spy on Americans in exchange for another favour. As Snowden said somewhere, the American/foreigner thing is just a distracting tool used by the NSA to up-sell their goodness to congress. What made massive harvesting relatively safe was that they never shared it, regardless of what it was about, unless it was a serious national security issue. Now the NSA is sharing *criminal* information -- civilian information. To back this shift up, the information providers reveal: http://www.counterpunch.org/2013/06/20/spying-by-the-numbers/ Apple reported receiving 4,000 to 5,000 government requests for information on customers in just the last six months. From December 1, 2012 to May 31, 2013 Apple received law enforcement requests for customer data on 9-10,000 accounts or devices. Most of these requests are *from police for robberies, missing children* , etc. Facebook said something similar about missing children, I think. Elsewhere, someone sued the NSA to reveal information on his whereabouts to assist his defence against a crime [0]. So we have moved almost full circle from national security to local crimes. And nobody blinked! The NSA, FISA, administration, FBI, DoJ, media, google, facebook, apple... everyone really, have not thought this strange [1]. Indeed, reading the media reports, it's almost as if they are preparing the American public for a fait accompli. The only thing left is civil cases. But we've already seen a number of elements of that (e.g., l'affair Petraeus) and I suspect it is only a matter of time before (say) the SEC gets in on the game and uses civil discovery and civil cases against some scumbag boiler room operation [2]. To put this in context, the endgame in civil cases is divorce, which can already be dressed up as criminal if we add in some claims of assault, etc. Do Americans believe the local police and the FBI can show restraint given the availability of NSA and friends' intel? Use of secret letters? Do Americans consider that allowing their criminal and civil courts access to this stuff is a reasonable thing? Am I the only one to find the American psyche response to be rather weird? They seem to be focussing on the breaking of (constitutional) rules, and saying tut, tut, naughty NSA. Must phone my Congressman. But they -- Americans -- seem to be ignoring the real danger writ large to them, the very reason for those rules. iang ps; to drag this back to crypto, I think crypto can help, and it is encouraging to see that upswing. But the wider issue here is going to require a complete rethink of the threat model. [0] If Apple and Facebook and the rest are accepting secret national security letters for local crimes, he should get that info. Perhaps EFF should file a friends of the court brief arguing that we are now in a society where civilians are now entitled to the NSA's support. But I digress... [1] This is without even considering the twin corruptions of the policing forces, being (1) war on drugs,
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
Fully agree. I suspect the released figures showing a spike in FBI wire-taps may be cover/laundry and indicative of receiving domestic targetted crime tips from NSA. Another vector: the UK GCHQ have reportedly on their list of authorized spying motivations economic well being. That translates to economic espionage. It seems to be strongly suspected by informed political commentators that the US (and secondarily echelon partners) are conducting economic espionage against Europe. It seems beyond the ken and political will of national security spies to restrict the information collected to narrow national security use. Once they slide it into law enforcement, if historically falls into increasingly more trivial or even arguable crimes. We also see hints such information is being abused for political reasons, eg the IRS audits. The other aspect of this is that I dont think Americans can expect even the most positive constitutional or legal re-evaluation and adjustment to actually fix the problem. It seems to me to be already established that ISPs can be required to keep records for some period. eg GSM location, and call information for years; email bodies for periods of time. Therefore it seems obvious to me that as soon as there is any legal threat to the NSA storing their own information, they'll just get some laws to require the ISPs to do it for them. Probably they can fix it with a few leases, and contracts and carry on as is. The people working on this stuff at the ISPs are going to already have the same security clearances as the NSA, and the NSA apparently already sub-contracted to the private sectore 70% of its budget. So how hard is it going to be for them to ask the ISPs and telcos to form a privately owned telecommunications consortium, that harvests and stores information. Apparently private sector sub-contracting already forms part of the legal shenanigans in the abuse of the FISA. Though I do think it is a politically useful exercise for people to press for legal changes, it seems that with the extent of lying and manipulation, information related power, and scale of economic lobbying; the mil-ind complex in the US has effectively become above the US law and constitution. So I think the only answer is lots of crypto. Per the cypherpunks credo: write code not laws. Adam On Sun, Jun 30, 2013 at 01:30:34PM +0300, ianG wrote: On 29/06/13 13:23 PM, Jacob Appelbaum wrote: http://www.guardian.co.uk/world/2013/jun/17/edward-snowden-nsa-files-whistleblower One of the most interesting things to fall out of this entire ordeal is that we now have a new threat model that regular users will not merely dismiss as paranoid. They may want to believe it *isn't* true or that policy has changed to stop these things - there is a lot of wishful thinking to be sure. Still such users will not however believe reasonably that everyone in the world follows those policies, even if their own government may follow those policies. Yes, but I don't think the penny has yet dropped. One of the things that disturbed me was the several references of how they deal with the material collected. I don't think this is getting enough exposure, so I'm laying my thoughts out here. There is a lot of reference to analysts poking around and deciding if they want that material or not, as the sole apparent figleaf of a warrant. But there was also reference to *evidence of a crime* : http://www.cnsnews.com/news/article/intelligence-chief-defends-internet-spying-program —The dissemination of information incidentally intercepted about a U.S. person is prohibited unless it is necessary to understand foreign intelligence or assess its importance, *is evidence of a crime* , or indicates a threat of death or serious bodily harm. The way I read that (and combined with the overall disclosures that they are basically collecting everything they can get their hands on) the NSA has now been de-militarised, or civilianised if you prefer that term. In the sense that, information regarding criminal activity is now being shared with the FBI friends. Routinely, albeit secretly and deniably. This represents a much greater breach than anything else. We always knew that the NSA could accidentally harvest stuff, and we always knew that they could ask GCHQ to spy on Americans in exchange for another favour. As Snowden said somewhere, the American/foreigner thing is just a distracting tool used by the NSA to up-sell their goodness to congress. What made massive harvesting relatively safe was that they never shared it, regardless of what it was about, unless it was a serious national security issue. Now the NSA is sharing *criminal* information -- civilian information. To back this shift up, the information providers reveal: http://www.counterpunch.org/2013/06/20/spying-by-the-numbers/ Apple reported receiving 4,000 to 5,000 government requests for information on customers in just the last six
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
The way I read that (and combined with the overall disclosures that they are basically collecting everything they can get their hands on) the NSA has now been de-militarised, or civilianised if you prefer that term. In the sense that, information regarding criminal activity is now being shared with the FBI friends. Routinely, albeit secretly and deniably. The NSA became demilitarised that is, involved in civilian law enforcement, when it stopped being the AFSA (Armed Forces Security Agency) and the NSA was created in 1952. But even prior to that in it's earlier form as the AFSA, ASA, and etc, the NSA did some civil law enforcement work with the FBI. For example Project Shamrock which started in 1945 (seven years before the AFSA became the NSA) involved: Intercepted messages were disseminated to the FBI, CIA, Secret Service, Bureau of Narcotics and Dangerous Drugs (BNDD), and the Department of Defense. Earlier forms of the NSA were also involved in cryptanalysis of pirate radio stations and prohibition era booze barons. The case of their abuses was Project MINARET 1967-1975 which spied on US citizens that suspected of being dissidents or involved in drug smuggling. This information was passed on to the FBI and local law enforcement. Project MINARET that uses “watch lists” to electronically and physically spy on “subversive” activities by civil rights and antiwar leaders such as Dr. Martin Luther King, Jr, Jane Fonda, Malcolm X, Dr. Benjamin Spock, and Joan Baez—all members of Richard Nixon’s infamous “enemies list.” The NSA has been a civil law enforcement organisation in practice if not always in principal since before it's inception (its charter broadened its role beyond its previous role as a military support organisation). On Sun, Jun 30, 2013 at 6:30 AM, ianG i...@iang.org wrote: On 29/06/13 13:23 PM, Jacob Appelbaum wrote: http://www.guardian.co.uk/**world/2013/jun/17/edward-**snowden-nsa-files- **whistleblowerhttp://www.guardian.co.uk/world/2013/jun/17/edward-snowden-nsa-files-whistleblower One of the most interesting things to fall out of this entire ordeal is that we now have a new threat model that regular users will not merely dismiss as paranoid. They may want to believe it *isn't* true or that policy has changed to stop these things - there is a lot of wishful thinking to be sure. Still such users will not however believe reasonably that everyone in the world follows those policies, even if their own government may follow those policies. Yes, but I don't think the penny has yet dropped. One of the things that disturbed me was the several references of how they deal with the material collected. I don't think this is getting enough exposure, so I'm laying my thoughts out here. There is a lot of reference to analysts poking around and deciding if they want that material or not, as the sole apparent figleaf of a warrant. But there was also reference to *evidence of a crime* : http://www.cnsnews.com/news/**article/intelligence-chief-** defends-internet-spying-**programhttp://www.cnsnews.com/news/article/intelligence-chief-defends-internet-spying-program —The dissemination of information incidentally intercepted about a U.S. person is prohibited unless it is necessary to understand foreign intelligence or assess its importance, *is evidence of a crime* , or indicates a threat of death or serious bodily harm. The way I read that (and combined with the overall disclosures that they are basically collecting everything they can get their hands on) the NSA has now been de-militarised, or civilianised if you prefer that term. In the sense that, information regarding criminal activity is now being shared with the FBI friends. Routinely, albeit secretly and deniably. This represents a much greater breach than anything else. We always knew that the NSA could accidentally harvest stuff, and we always knew that they could ask GCHQ to spy on Americans in exchange for another favour. As Snowden said somewhere, the American/foreigner thing is just a distracting tool used by the NSA to up-sell their goodness to congress. What made massive harvesting relatively safe was that they never shared it, regardless of what it was about, unless it was a serious national security issue. Now the NSA is sharing *criminal* information -- civilian information. To back this shift up, the information providers reveal: http://www.counterpunch.org/**2013/06/20/spying-by-the-**numbers/http://www.counterpunch.org/2013/06/20/spying-by-the-numbers/ Apple reported receiving 4,000 to 5,000 government requests for information on customers in just the last six months. From December 1, 2012 to May 31, 2013 Apple received law enforcement requests for customer data on 9-10,000 accounts or devices. Most of these requests are *from police for robberies, missing children* , etc. Facebook said something similar about missing children, I think. Elsewhere,
Re: [cryptography] Is the NSA now a civilian intelligence agency? (Was: Re: Snowden: Fabricating Digital Keys?)
Ethan Heilman: The way I read that (and combined with the overall disclosures that they are basically collecting everything they can get their hands on) the NSA has now been de-militarised, or civilianised if you prefer that term. In the sense that, information regarding criminal activity is now being shared with the FBI friends. Routinely, albeit secretly and deniably. The NSA became demilitarised that is, involved in civilian law enforcement, when it stopped being the AFSA (Armed Forces Security Agency) and the NSA was created in 1952. But even prior to that in it's earlier form as the AFSA, ASA, and etc, the NSA did some civil law enforcement work with the FBI. For example Project Shamrock which started in 1945 (seven years before the AFSA became the NSA) involved: Intercepted messages were disseminated to the FBI, CIA, Secret Service, Bureau of Narcotics and Dangerous Drugs (BNDD), and the Department of Defense. Earlier forms of the NSA were also involved in cryptanalysis of pirate radio stations and prohibition era booze barons. The case of their abuses was Project MINARET 1967-1975 which spied on US citizens that suspected of being dissidents or involved in drug smuggling. This information was passed on to the FBI and local law enforcement. Project MINARET that uses “watch lists” to electronically and physically spy on “subversive” activities by civil rights and antiwar leaders such as Dr. Martin Luther King, Jr, Jane Fonda, Malcolm X, Dr. Benjamin Spock, and Joan Baez—all members of Richard Nixon’s infamous “enemies list.” The NSA has been a civil law enforcement organisation in practice if not always in principal since before it's inception (its charter broadened its role beyond its previous role as a military support organisation). Call them what they are: a domestic political secret police with international capabilities That the collaborate with the FBI and CIA is especially terrible - the others have little to next to no clue about cryptography, exploitation or well - traffic analysis of computer networks. All the best, Jacob ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography