Re: [liberationtech] PRISM: NSA/FBI Internet data mining project

2013-06-11 Thread Eugen Leitl
- Forwarded message from Scott Weeks sur...@mauigateway.com -

Date: Mon, 10 Jun 2013 16:36:32 -0700
From: Scott Weeks sur...@mauigateway.com
To: na...@nanog.org
Subject: RE: PRISM: NSA/FBI Internet data mining project
Reply-To: sur...@mauigateway.com



Funny, sort of.  The guy was residing in Hawaii.  Apologies 
for the long URLs...

Report: NSA contract worker is surveillance source:
http://thegardenisland.com/news/state-and-regional/report-nsa-contract-worker-is-surveillance-source/article_2a88ec60-f99c-54a7-8c13-13f6852ccca6.html

Hawaii real estate agent: Snowden left on May 1:
http://thegardenisland.com/news/state-and-regional/hawaii-real-estate-agent-snowden-left-on-may/article_099ec0db-a823-56a0-8471-af8d7ef16e1b.html



funny as well!

NSA claims know-how to ensure no illegal spying:
http://thegardenisland.com/news/state-and-regional/nsa-claims-know-how-to-ensure-no-illegal-spying/article_ec623964-d23a-53c6-aeb0-14bf325a7f3c.html

scott


- End forwarded message -
-- 
Eugen* Leitl http://leitl.org
__
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] PRISM: NSA/FBI Internet data mining project

2013-06-09 Thread Nadim Kobeissi
A new slide has just been leaked from the PRISM powerpoint. It's very 
interesting, check it out:
http://www.theverge.com/2013/6/8/4410358/leaked-slide-from-prism-presentation-supports-directly-collecting-data

NK

On 2013-06-07, at 4:01 PM, Kyle Maxwell ky...@xwell.org wrote:

 FWIW, Google has issued a similar blanket (and kinda funny) denial.
 
 http://googleblog.blogspot.com/2013/06/what.html
 
 On Fri, Jun 7, 2013 at 2:20 PM, Andy Isaacson a...@hexapodia.org wrote:
 Apologies for replying out of thread and the wide CC list.
 
 On Fri, Jun 07, 2013 at 06:41:32PM +0200, Eugen Leitl wrote:
 - Forwarded message from Matthew Petach mpet...@netflight.com -
 
 Date: Fri, 7 Jun 2013 09:32:53 -0700
 From: Matthew Petach mpet...@netflight.com
 Cc: NANOG na...@nanog.org
 Subject: Re: PRISM: NSA/FBI Internet data mining project
 
 Speaking just for myself, and if you quote me on this
 as speaking on anyone else's behalf, you're a complete
 fool, if the government was able to build infrastructure
 that could listen to all the traffic from a major provider
 for a fraction of what it costs them to handle that traffic
 in the first place, I'd be truly amazed--and I'd probably
 wonder why the company didn't outsource their infrastructure
 to the government, if they can build and run it so much
 more cheaply than the commercial providers.  ;P
 7 companies were listed; if we assume the
 burden was split roughly evenly between them, that's
 20M/7, about $2.85M per company per year to tap in,
 or about $238,000/month per company listed, to
 supposedly snoop on hundreds of gigs per second
 of data.  Two ways to handle it: tap in, and funnel
 copies of all traffic back to distant monitoring posts,
 or have local servers digesting and filtering, just
 extracting the few nuggets they want, and sending
 just those back.
 
 That's not what PRISM is claimed to do, in the WaPo/Gu slide deck.  The
 deck claims that PRISM provides a way for an analyst at NSA to request
 access to a specific target (gmail account, Skype account, Y! messenger,
 etc) and get a dump of data in that account, plus realtime access to the
 activity on the account.  The volume is quoted to be on the order of
 10k-100k of requests annually.  The implication is that data production
 is nearly immediate (measured in minutes or hours at most), not enough
 time for a rubber-stamp FISA warrant, implying a fully automated system.
 
 At these volumes we're talking one, or a few, boxes at each provider;
 plus the necessary backdoors in the provider's storage systems (easy,
 since the provider already has those backdoors in place for their own
 maintenance/legal/abuse systems); and trusted personnel on staff at the
 providers to build and maintain the systems.  Add a VPN link back to
 Fort Meade and you're done.
 
 That's obviously a much easier system (compared to your 200 GBps
 sniffer) to build at the $2M/yr budget, and given that $2M is just the
 government's part -- the company engineering time to do it is accounted
 separately -- it seems like a reasonable ballpark for an efficient
 government project.  (There are plenty such, and the existence of
 inefficient government projects doesn't change that fact.)
 
 It's even possible that executive/legal at the providers actually aren't
 aware that their systems are compromised in this manner.  NatSec claims
 will open many doors, especially with alumni of the DoD who have
 reentered the civilian workforce:
 https://financialcryptography.com/mt/archives/001431.html
 
 -andy


Re: [liberationtech] PRISM: NSA/FBI Internet data mining project

2013-06-07 Thread Eugen Leitl
- Forwarded message from Leo Bicknell bickn...@ufp.org -

Date: Thu, 6 Jun 2013 20:28:18 -0500
From: Leo Bicknell bickn...@ufp.org
To: jim deleskie deles...@gmail.com
Cc: goe...@anime.net, NANOG na...@nanog.org
Subject: Re: PRISM: NSA/FBI Internet data mining project
X-Mailer: Apple Mail (2.1508)


On Jun 6, 2013, at 8:06 PM, jim deleskie deles...@gmail.com wrote:

 Knowing it's going on, knowing nothing online is secret != OK with it, it
 merely understand the way things are.

While there's a whole political aspect of electing people who pass better
laws, NANOG is not a political action forum.

However many of the people on NANOG are in positions to effect positive
change at their respective employers.

- Implement HTTPS for all services.
- Implement PGP for e-mail.
- Implement S/MIME for e-mail.
- Build cloud services that encrypt on the client machine, using a key that is only kept on the client machine.
- Create better UI frameworks for managing keys and identities.
- Align data retention policies with the law.
- Scrutinize and reject defective government legal requests.
- When allowed by law, charge law enforcement for access to data.
- Lobby for more sane laws applied to your area of business.

The high tech industry has often made the government's job easy, not by
intention but by laziness.  Keeping your customer's data secure should be a
proud marketing point.

-- 
   Leo Bicknell - bickn...@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/








- End forwarded message -
-- 
Eugen* Leitl http://leitl.org
__
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5


Re: [liberationtech] PRISM: NSA/FBI Internet data mining project

2013-06-07 Thread Eugen Leitl
- Forwarded message from Mark Seiden m...@seiden.com -

Date: Thu, 6 Jun 2013 22:57:07 -0700
From: Mark Seiden m...@seiden.com
To: jamie rishaw j...@arpa.com
Cc: goe...@anime.net, NANOG na...@nanog.org
Subject: Re: PRISM: NSA/FBI Internet data mining project
X-Mailer: Apple Mail (2.1508)

On Jun 6, 2013, at 10:25 PM, jamie rishaw j...@arpa.com wrote:

 <tinfoilhat>
 Just wait until we find out dark and lit private fiber is getting vampired.
 </tinfoilhat>
 

well, that's exactly and the only thing what would not surprise me, given
the eff suit and mark klein's testimony about room 421a full of narus taps.
mark klein is an utterly convincing and credible guy on this subject of
tapping transit traffic.

but the ability to assemble intelligence out of taps on providers' internal
connections would require reverse engineering the ever changing protocols of
all of those providers.  and at least at one of the providers named, where i
worked on security and abuse, it was hard for us, ourselves, to quickly mash
up data from various internal services and lines of business that were
almost completely siloed -- data typically wasn't exposed widely and stayed
within a particular server or data center absent a logged in session by the
user.

were these guys scraping the screens of non-ssl sessions of interest in real
time?  with asymmetric routing, it's hard to reassemble both sides of a
conversation, say in IM.  one side might come in via a vip and the other
side go out through the default route, shortest path.  only *on* a specific
internal server might you see the entire conversation.  typically only the
engineers who worked on that application would log on or even know what to
look for.

and also, only $20m/year?  in my experience, the govt cannot do anything
like this addressing even a single provider for that little money.

and pretty much denials all around.  so at the moment, i don't believe it.

(and i hope it's not true, or i might have to leave this industry in utter
disgust because i didn't notice this going on in about 8 years at that
provider and it was utterly contrary to the expressed culture.

take up beekeeping, or alcohol, or something.).

 
 
 -- 
 Jamie Rishaw // .com.arpa@j - reverse it. ish.
 arpa / arpa labs



- End forwarded message -
-- 
Eugen* Leitl http://leitl.org
__
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5
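
Added illustration, not part of the forwarded message or of any poster's text: the asymmetric-routing point in Mark Seiden's message is the same visibility problem a defender meets when placing an IDS or network-monitoring sensor. The sketch uses constructed packet records and hypothetical tap names (`vip-ingress`, `default-egress`, `app-server`) to classify which conversations each observation point sees in both directions.

```python
from collections import Counter, defaultdict
from typing import NamedTuple


class Packet(NamedTuple):
    tap: str     # observation point that recorded the packet (hypothetical name)
    src: str
    sport: int
    dst: str
    dport: int


def flow_key(p):
    """Direction-independent key so both halves of a conversation match."""
    a, b = (p.src, p.sport), (p.dst, p.dport)
    return (a, b) if a <= b else (b, a)


def visibility(packets, tap):
    """Map each flow to 'both', 'one-sided' or 'unseen' as viewed from `tap`."""
    directions = defaultdict(set)
    for p in packets:
        seen = directions[flow_key(p)]   # registers the flow for every tap
        if p.tap == tap:
            seen.add((p.src, p.sport))   # remember which sender this tap saw
    labels = {0: "unseen", 1: "one-sided", 2: "both"}
    return {key: labels[len(seen)] for key, seen in directions.items()}


def summary(packets, tap):
    """Count flows per visibility class for one observation point."""
    return dict(Counter(visibility(packets, tap).values()))


# Constructed sample (documentation address ranges, not real traffic).
CLIENT_A, CLIENT_B, VIP = "198.51.100.7", "198.51.100.8", "203.0.113.10"
SAMPLE = [
    # Flow 1: request enters through the VIP, reply leaves by the default route.
    Packet("vip-ingress", CLIENT_A, 51000, VIP, 5222),
    Packet("default-egress", VIP, 5222, CLIENT_A, 51000),
    # The application server itself handles both directions of flow 1.
    Packet("app-server", CLIENT_A, 51000, VIP, 5222),
    Packet("app-server", VIP, 5222, CLIENT_A, 51000),
    # Flow 2: routed symmetrically, both directions cross the VIP.
    Packet("vip-ingress", CLIENT_B, 51001, VIP, 5222),
    Packet("vip-ingress", VIP, 5222, CLIENT_B, 51001),
]

if __name__ == "__main__":
    for tap in ("vip-ingress", "default-egress", "app-server"):
        print(tap, summary(SAMPLE, tap))
```

A sensor that reports many one-sided flows is sitting on only one leg of an asymmetric path, so stream reassembly and protocol parsing at that point will be incomplete.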


Re: [liberationtech] PRISM: NSA/FBI Internet data mining project

2013-06-07 Thread Eugen Leitl
- Forwarded message from Matthew Petach mpet...@netflight.com -

Date: Fri, 7 Jun 2013 09:32:53 -0700
From: Matthew Petach mpet...@netflight.com
Cc: NANOG na...@nanog.org
Subject: Re: PRISM: NSA/FBI Internet data mining project

On Thu, Jun 6, 2013 at 5:04 PM, Matthew Petach mpet...@netflight.com wrote:



 On Thu, Jun 6, 2013 at 4:35 PM, Jay Ashworth j...@baylink.com wrote:

 Has fingers directly in servers of top Internet content companies,
 dates to 2007.  Happily, none of the companies listed are transport
 networks:


 http://www.washingtonpost.com/investigations/us-intelligence-mining-data-from-nine-us-internet-companies-in-broad-secret-program/2013/06/06/3a0c0da8-cebf-11e2-8845-d970ccb04497_story.html

 Cheers,
 -- jra
 --
 Jay R. Ashworth  Baylink  j...@baylink.com
 Designer The Things I Think  RFC 2100
 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
 St Petersburg FL USA  #natog  +1 727 647 1274



 I've always just assumed that if it's in electronic form,
 someone else is either reading it now, has already read
 it, or will read it as soon as I walk away from the screen.

 Much less stress in life that way.  ^_^

 Matt



When I posted this yesterday, I was speaking somewhat
tongue-in-cheek, because we hadn't yet made a formal
statement to the press.  Now that we've made our official
reply, I can echo it, and note that whatever fluffed up
powerpoint was passed around to the washington post,
it does not reflect reality.  There are no optical taps in
our datacenters funneling information out, there are no
sooper-seekret backdoors in the software that funnel
information to the government.  As our formal reply
stated: Yahoo does not provide the government with
direct access to its servers, systems, or network.
I believe the other major players supposedly listed
in the document have released similar statements,
all indicating a similar lack of super-cheap government
listening capabilities.

Speaking just for myself, and if you quote me on this
as speaking on anyone else's behalf, you're a complete
fool, if the government was able to build infrastructure
that could listen to all the traffic from a major provider
for a fraction of what it costs them to handle that traffic
in the first place, I'd be truly amazed--and I'd probably
wonder why the company didn't outsource their infrastructure
to the government, if they can build and run it so much
more cheaply than the commercial providers.  ;P
7 companies were listed; if we assume the
burden was split roughly evenly between them, that's
20M/7, about $2.85M per company per year to tap in,
or about $238,000/month per company listed, to
supposedly snoop on hundreds of gigs per second
of data.  Two ways to handle it: tap in, and funnel
copies of all traffic back to distant monitoring posts,
or have local servers digesting and filtering, just
extracting the few nuggets they want, and sending
just those back.

Let's take the first case; doing optical taps, or other
form of direct traffic mirroring, carrying it untouched
offsite to process; that's going to mean the ability to
siphon off hundreds of Gbps per datacenter and carry
it offsite for $238k/month; let's figure a major player
has data split across at least 3 datacenters, so about
$75K/month per datacenter to carry say 300Gbps of
traffic.  It's pretty clearly going to have to be DWDM
on dark fiber at that traffic volume; most recent
quotes I've seen for dark fiber put it at $325/mile
for already-laid-in-ground (new builds are considerably
more, of course).  If we figure the three datacenters
are split around just the US, on average you're going
to need to run about 1500 miles to reach their central
listening post; that's $49K/month just to carry the
bitstream, which leaves you just about $25K/month
to run the servers to digest that data; at 5c/kwhr, a
typical server pulling 300 watts is gonna cost you $11/month
to run; let's assume each server can process 2Gbps of
traffic, constantly; 150 servers for the stream of 300Gbps
means we're down to $22K for the rest of our support
costs; figure two sysadmins getting paid $10k/month
to run the servers (120k annual salary), and you've got
just $2k for G&A overhead.

That's a heck of an efficient operation they'd have to be
running to listen in on all the traffic for the supposed
budget number claimed.

I'm late for work; I'll follow up with a runthrough of the
other model, doing on-site digestion and processing
later, but I think you can see the point--it's not realistic
to think they can handle the volumes of data being
claimed at the price numbers listed.  If they could,
the major providers would already be doing it for
much cheaper than they are today.  I mean, the
Utah datacenter they're building is costing them
$2B to build; does anyone really think if they're
overpaying that much for datacenter space, they
could really snoop on 

Re: [liberationtech] PRISM: NSA/FBI Internet data mining project

2013-06-07 Thread michael gurstein
So what if it was a one character typo? m substituted for b... happens
all the time in these kinds of presentations...

M

-Original Message-
From: liberationtech-boun...@lists.stanford.edu
[mailto:liberationtech-boun...@lists.stanford.edu] On Behalf Of Eugen Leitl
Sent: Friday, June 07, 2013 12:42 PM
To: Liberation Technologies; cypherpu...@al-qaeda.net; i...@postbiota.org;
zs-...@googlegroups.com
Subject: Re: [liberationtech] PRISM: NSA/FBI Internet data mining project

- Forwarded message from Matthew Petach mpet...@netflight.com -

Date: Fri, 7 Jun 2013 09:32:53 -0700
From: Matthew Petach mpet...@netflight.com
Cc: NANOG na...@nanog.org
Subject: Re: PRISM: NSA/FBI Internet data mining project

On Thu, Jun 6, 2013 at 5:04 PM, Matthew Petach mpet...@netflight.com wrote:



 On Thu, Jun 6, 2013 at 4:35 PM, Jay Ashworth j...@baylink.com wrote:

 Has fingers directly in servers of top Internet content companies, 
 dates to 2007.  Happily, none of the companies listed are transport
 networks:


 http://www.washingtonpost.com/investigations/us-intelligence-mining-data-from-nine-us-internet-companies-in-broad-secret-program/2013/06/06/3a0c0da8-cebf-11e2-8845-d970ccb04497_story.html

 Cheers,
 -- jra
 --
 Jay R. Ashworth  Baylink  j...@baylink.com
 Designer The Things I Think  RFC 2100
 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
 St Petersburg FL USA  #natog  +1 727 647 1274



 I've always just assumed that if it's in electronic form, someone else 
 is either reading it now, has already read it, or will read it as soon 
 as I walk away from the screen.

 Much less stress in life that way.  ^_^

 Matt



When I posted this yesterday, I was speaking somewhat tongue-in-cheek,
because we hadn't yet made a formal statement to the press.  Now that we've
made our official reply, I can echo it, and note that whatever fluffed up
powerpoint was passed around to the washington post, it does not reflect
reality.  There are no optical taps in our datacenters funneling information
out, there are no sooper-seekret backdoors in the software that funnel
information to the government.  As our formal reply
stated: Yahoo does not provide the government with direct access to its
servers, systems, or network.
I believe the other major players supposedly listed in the document have
released similar statements, all indicating a similar lack of super-cheap
government listening capabilities.

Speaking just for myself, and if you quote me on this as speaking on anyone
else's behalf, you're a complete fool, if the government was able to build
infrastructure that could listen to all the traffic from a major provider
for a fraction of what it costs them to handle that traffic in the first
place, I'd be truly amazed--and I'd probably wonder why the company didn't
outsource their infrastructure to the government, if they can build and run
it so much more cheaply than the commercial providers.  ;P
7 companies were listed; if we assume the burden was split roughly evenly
between them, that's 20M/7, about $2.85M per company per year to tap in, or
about $238,000/month per company listed, to supposedly snoop on hundreds of
gigs per second of data.  Two ways to handle it: tap in, and funnel copies
of all traffic back to distant monitoring posts, or have local servers
digesting and filtering, just extracting the few nuggets they want, and
sending just those back.

Let's take the first case; doing optical taps, or other form of direct
traffic mirroring, carrying it untouched offsite to process; that's going to
mean the ability to siphon off hundreds of Gbps per datacenter and carry it
offsite for $238k/month; let's figure a major player has data split across
at least 3 datacenters, so about $75K/month per datacenter to carry say
300Gbps of traffic.  It's pretty clearly going to have to be DWDM on dark
fiber at that traffic volume; most recent quotes I've seen for dark fiber
put it at $325/mile for already-laid-in-ground (new builds are considerably
more, of course).  If we figure the three datacenters are split around just
the US, on average you're going to need to run about 1500 miles to reach
their central listening post; that's $49K/month just to carry the bitstream,
which leaves you just about $25K/month to run the servers to digest that
data; at 5c/kwhr, a typical server pulling 300 watts is gonna cost you
$11/month to run; let's assume each server can process 2Gbps of traffic,
constantly; 150 servers for the stream of 300Gbps means we're down to $22K
for the rest of our support costs; figure two sysadmins getting paid
$10k/month to run the servers (120k annual salary), and you've got just $2k
for G&A overhead.

That's a heck of an efficient operation they'd have to be running to listen
in on all the traffic for the supposed budget number claimed.

I'm late for work; I'll follow up with a runthrough

Re: [liberationtech] PRISM: NSA/FBI Internet data mining project

2013-06-07 Thread Michael Rogers
 Speaking just for myself, and if you quote me on this as speaking on anyone 
 else's behalf, you're a complete fool, if the government was able to build 
 infrastructure that could listen to all the traffic from a major provider for 
 a fraction of what it costs them to handle that traffic in the first place, 
 I'd be truly amazed--and I'd probably wonder why the company didn't outsource 
 their infrastructure to the government, if they can build and run it so much
 more cheaply than the commercial providers.  ;P

We already know the NSA gets a copy of the traffic by tapping the backbone, so 
all it needs from the service providers is the keys to decrypt the traffic.

Cheers,
Michael

Re: [liberationtech] PRISM: NSA/FBI Internet data mining project

2013-06-07 Thread Andy Isaacson
Apologies for replying out of thread and the wide CC list.

On Fri, Jun 07, 2013 at 06:41:32PM +0200, Eugen Leitl wrote:
 - Forwarded message from Matthew Petach mpet...@netflight.com -
 
 Date: Fri, 7 Jun 2013 09:32:53 -0700
 From: Matthew Petach mpet...@netflight.com
 Cc: NANOG na...@nanog.org
 Subject: Re: PRISM: NSA/FBI Internet data mining project
 
 Speaking just for myself, and if you quote me on this
 as speaking on anyone else's behalf, you're a complete
 fool, if the government was able to build infrastructure
 that could listen to all the traffic from a major provider
 for a fraction of what it costs them to handle that traffic
 in the first place, I'd be truly amazed--and I'd probably
 wonder why the company didn't outsource their infrastructure
 to the government, if they can build and run it so much
 more cheaply than the commercial providers.  ;P
 7 companies were listed; if we assume the
 burden was split roughly evenly between them, that's
 20M/7, about $2.85M per company per year to tap in,
 or about $238,000/month per company listed, to
 supposedly snoop on hundreds of gigs per second
 of data.  Two ways to handle it: tap in, and funnel
 copies of all traffic back to distant monitoring posts,
 or have local servers digesting and filtering, just
 extracting the few nuggets they want, and sending
 just those back.

That's not what PRISM is claimed to do, in the WaPo/Gu slide deck.  The
deck claims that PRISM provides a way for an analyst at NSA to request
access to a specific target (gmail account, Skype account, Y! messenger,
etc) and get a dump of data in that account, plus realtime access to the
activity on the account.  The volume is quoted to be on the order of
10k-100k of requests annually.  The implication is that data production
is nearly immediate (measured in minutes or hours at most), not enough
time for a rubber-stamp FISA warrant, implying a fully automated system.

At these volumes we're talking one, or a few, boxes at each provider;
plus the necessary backdoors in the provider's storage systems (easy,
since the provider already has those backdoors in place for their own
maintenance/legal/abuse systems); and trusted personnel on staff at the
providers to build and maintain the systems.  Add a VPN link back to
Fort Meade and you're done.

That's obviously a much easier system (compared to your 200 GBps
sniffer) to build at the $2M/yr budget, and given that $2M is just the
government's part -- the company engineering time to do it is accounted
separately -- it seems like a reasonable ballpark for an efficient
government project.  (There are plenty such, and the existence of
inefficient government projects doesn't change that fact.)

It's even possible that executive/legal at the providers actually aren't
aware that their systems are compromised in this manner.  NatSec claims
will open many doors, especially with alumni of the DoD who have
reentered the civilian workforce:
https://financialcryptography.com/mt/archives/001431.html

-andy


Re: [liberationtech] PRISM: NSA/FBI Internet data mining project

2013-06-07 Thread Kyle Maxwell
FWIW, Google has issued a similar blanket (and kinda funny) denial.

http://googleblog.blogspot.com/2013/06/what.html

On Fri, Jun 7, 2013 at 2:20 PM, Andy Isaacson a...@hexapodia.org wrote:
 Apologies for replying out of thread and the wide CC list.

 On Fri, Jun 07, 2013 at 06:41:32PM +0200, Eugen Leitl wrote:
 - Forwarded message from Matthew Petach mpet...@netflight.com -

 Date: Fri, 7 Jun 2013 09:32:53 -0700
 From: Matthew Petach mpet...@netflight.com
 Cc: NANOG na...@nanog.org
 Subject: Re: PRISM: NSA/FBI Internet data mining project

 Speaking just for myself, and if you quote me on this
 as speaking on anyone else's behalf, you're a complete
 fool, if the government was able to build infrastructure
 that could listen to all the traffic from a major provider
 for a fraction of what it costs them to handle that traffic
 in the first place, I'd be truly amazed--and I'd probably
 wonder why the company didn't outsource their infrastructure
 to the government, if they can build and run it so much
 more cheaply than the commercial providers.  ;P
 7 companies were listed; if we assume the
 burden was split roughly evenly between them, that's
 20M/7, about $2.85M per company per year to tap in,
 or about $238,000/month per company listed, to
 supposedly snoop on hundreds of gigs per second
 of data.  Two ways to handle it: tap in, and funnel
 copies of all traffic back to distant monitoring posts,
 or have local servers digesting and filtering, just
 extracting the few nuggets they want, and sending
 just those back.

 That's not what PRISM is claimed to do, in the WaPo/Gu slide deck.  The
 deck claims that PRISM provides a way for an analyst at NSA to request
 access to a specific target (gmail account, Skype account, Y! messenger,
 etc) and get a dump of data in that account, plus realtime access to the
 activity on the account.  The volume is quoted to be on the order of
 10k-100k of requests annually.  The implication is that data production
 is nearly immediate (measured in minutes or hours at most), not enough
 time for a rubber-stamp FISA warrant, implying a fully automated system.

 At these volumes we're talking one, or a few, boxes at each provider;
 plus the necessary backdoors in the provider's storage systems (easy,
 since the provider already has those backdoors in place for their own
 maintenance/legal/abuse systems); and trusted personnel on staff at the
 providers to build and maintain the systems.  Add a VPN link back to
 Fort Meade and you're done.

 That's obviously a much easier system (compared to your 200 GBps
 sniffer) to build at the $2M/yr budget, and given that $2M is just the
 government's part -- the company engineering time to do it is accounted
 separately -- it seems like a reasonable ballpark for an efficient
 government project.  (There are plenty such, and the existence of
 inefficient government projects doesn't change that fact.)

 It's even possible that executive/legal at the providers actually aren't
 aware that their systems are compromised in this manner.  NatSec claims
 will open many doors, especially with alumni of the DoD who have
 reentered the civilian workforce:
 https://financialcryptography.com/mt/archives/001431.html

 -andy