I think it very unlikely that the NSA would think that they can use
information gained through a court order for 'swapsies' with other intel
agencies as they have been found to have done giving raw intercepts to
Israel.

Getting a court order to get intercept keys for a machine in a foreign
jurisdiction is much harder than in-jurisdiction.

The objective here is to prevent traffic analysis. Difficult to do that if
you only have the keys for the routers in your own jurisdiction.


On Thu, Nov 7, 2013 at 6:55 AM, Benjamin Kaduk <[email protected]> wrote:

> On Wed, 6 Nov 2013, Dean Willis wrote:
>
>> On Nov 5, 2013 7:17 PM, "Nicholas Weaver" <[email protected]> wrote:
>>
>>> On Nov 5, 2013, at 5:12 PM, Dean Willis <[email protected]> wrote:
>>>
>>>> Wrong. See, the GCHQ has been surveilling US citizens using taps, and
>>>> the NSA has been surveilling UK citizens using taps. Both are allowed to
>>>> use covert mechanisms to surveil foreigners. Then they trade data sets
>>>> with each other.
>>>>
>>>> This is state surveillance, but since it’s quite reasonably “illegal”,
>>>> it also requires secrecy.  Securing the transit links such that a “legal
>>>> order” is required would significantly impact the interception.
>>>
>>> Except that it's clear that they already HAVE gotten "legal" orders for
>>> such surveillance.  E.g. AT&T secret room, GCHQ's deal with Level 3,
>>> etc...
>>
>> There are basically two classes of surveillance that require distinct
>> analysis:
>>
>> 1) Surveillance that requires collaboration by service providers,
>> generally through a "legal" framework of compulsion or a less qualified
>> process of human subversion. Overt, mostly. Typically used within the
>> legal domain of a state actor or enterprise.
>>
>> 2) Surveillance that can occur without the knowledge or support of the
>> provider. Illegal within the US, typically launched from outside the
>> domain of a state actor or enterprise.
>>
>
> Phill made the point during his talk at the BoF yesterday, that (roughly
> speaking), we should consider cases where our actions cause attacks to move
> from class (2) to class (1) to be victories.  This is (to me), broadly
> speaking, true, in that it gives the collective us more knowledge about
> what is going on.
>
> However, I fear that the knowledge we gain may be more limited than we
> would like.  In particular, I fear that NSLs or similar things will come
> with gag orders so strong that the company's counsel will not be able to
> use knowledge of them to alter company policy, or even that the gag will
> prevent the engineer being served from contacting the company's counsel.
> There are probably technical measures which could help a little, such as
> requiring multiple persons to authenticate certain classes of operations,
> though I suspect those are out of scope for IETF protocol work.
>
> -Ben Kaduk
>
> (I have received between -1000 and 0 NSLs in the past 30 years.)




-- 
Website: http://hallambaker.com/
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass