Feeds

back to article NSA to world+dog: We're only watching 1.6% of internet, honest

The US's National Security Agency (NSA) has issued a document titled The National Security Agency: Missions, Authorities, Oversight and Partnerships (PDF) that explains some of its operations - and includes a claim it “... touches about 1.6 per cent... “ of daily internet traffic and “...only 0.025 per cent is actually selected …

COMMENTS

This topic is closed for new posts.

Page:

Anonymous Coward

I have no issue with the NSA monitoring traffic that the legal system has deemed they can capture. No secret courts are required. Courts can seal records and issue warrants without the recipient(s) knowing. Until the EFF, ACLU and the likes can perform their own review of the NSA program, how can you trust anything that the NSA has said or what they will say in the future? Much like the government couldn't prove backdoors in Huawei gear, but given that they used Huawei couldn't prove otherwise, maybe we should use the same system to the NSA and any government program? If the NSA has done nothing wrong, then they have nothing hide and should be welcome to an independent review that will clear them, right?

15
2
Anonymous Coward

While I am against things such as the UK's Snoopers Charter, or any system that monitors ALL internet traffic & communication, I am fully in favour of targeted intercepts, and if that means they need infrastructures in place to intercept, fine, as long as it takes a court order to do so, AND it is only used for serious crime i.e. Murder, People Trafficing, Drug Smuggling... Anyone using these powers to catch a minor criminal should be punished severely...

As soon as you take away judicial oversight of interception, you pave the way for 1984, where the thought police are abound... Although right now the thought police already are moving upon us, as soon as they criminalised pseudo-images, they became thought police...

10
0
Silver badge
Meh

Monitor 1.6% of the Internet but records everything.

'I have no issue with the NSA monitoring traffic that the legal system has deemed they can capture. No secret courts are required.'

I wouldn't trust the US 'legal system' as far as I could throw it.

15
0
Silver badge
Megaphone

Trust me, I have nothing to hide...

and that's why I only give you selected statistics and half-truths.

The whole existence of the NSA is based on the concept of undercover surveillance. Turns out the people are a bit scared about undercover surveillance and prefer an open, democratic society. No spin will resolve that muti-billion-dollar dilemma.

2
0
Silver badge
Stop

"the Internet carries 1,826 Petabytes of information per day."

Much of which is duplicated en masse due to being -say- on the BBC news site, much of which is porn, much of which is Beyonce videos on YouTube. By the time you cull out all of that heavy-bandwidth traffic and mass publications, I suspect that the entire world's email and messaging is somewhat close to that 1.6% figure.

So basically it's a mis-used statistic that's intended as a publicity sop.

15
0
Silver badge

"As soon as you take away judicial oversight of interception, you pave the way for 1984, where the thought police are abound.."

Given the state of much critical US infrastructure (eg, bridges), and bureaucracy for its own sake, the scenario which springs to mind is more like Brazil than 1984.

2
0

Finding the targets?

<quote>

I am fully in favour of targeted intercepts

</quote>

How do you find the targets to intercept?

1
2
Big Brother

Department of Information Retrieval

The interesting question for me is not what the NSA is *trying* to do, but what is in fact possible.

The chances that they or any other body can deliver value for money on this technologically ignorant and pork-laden political wild goose chase approaches 0.025% of 1.6%. There are no obvious incentives to apply an economic rationale. Even if there were, failure and success are both secret.

The NSA effort is politically inspired, but not politically accountable. It creates special interest groups that can use both secret failure and secret success to appropriate more resources.

It's sheer genius. It's the perfect scam. All that's missing is to charge the victims for their own interrogation.

Harry Buttle

0
0
Bronze badge

"We're only watching 1.6% of Internet, honest"

So presumably they just exclude all porn related traffic....

2
0
Facepalm

Re: Department of Information Retrieval

In 'victims' I include 'bad guys'.

0
0

I wouldn't discount the porn or the Beyonce videos, only their duplicates. When any new video or image is uploaded, that is 'touched by the hand of NSA' but when it is downloaded, only the TCP headers (or 'metadata') are kept. Those are freebies and don't count towards the 'data' total. The 1,826 Petabytes of information consists largely of duplicate client requests for previously 'touched' data. The NSA likely only needs to 'touch' 29 Petabytes in order to capture everything - every header, every porn file, every mundane image upload on every image sharing site as well as the more savory web pages, emails, spam (just one copy of each) and all. The only duplicates that the NSA are collecting in their 29 Petabyte Total Internet Trawl are the files that they were unable to determine were duplicates at the time of interception.

Anything that the NSA don't have from the Internet remains uncollected only as the result of an error, and that will be fixed and collected at a later date.

0
0
Bronze badge

Re: Finding the targets?

Unpleasant it is, but NSA developed *one* way (there surely are others) of finding *some* targets. With all the indignant commentary, I have seen no suggestion of an alternative that allows both potential advance warning and going back for a short period after a missed event (NSA says 30 days, I think, for most retained data).

0
0
Anonymous Coward

1.6% of all Internet Data ~ 100% of all relevant Internet metadata.

It is total surveilance all right.

1
0
Bronze badge
Unhappy

Re: Brazil

You have no idea how much pulsating, living ductwork we have over here...

0
0

You can't prove a negative.

Anyway merely collecting IP headers of everything is about 1.6%

3
0
Anonymous Coward

You wouldn't even need to capture the headers. The courts have already ruled that the headers are fair game. Your ISP has full right to that information, the payload they do not. The reason why the NSA doesn't need to collect the headers, there is a far easier way; NetFlow/IPFIX. The ISP's already have tools to collect this and virtually all the devices they use, support it in hardware. You can have multiple destinations or they could have their collector also forward it to additional destinations. This would give the NSA all the data they need and not actually have to install a clot of collectors like they would to collect headers. That would require the sue of taps or SPAN/Monitor sessions on the ISP's gear. NetFlow/IPFIX is far cheaper and easier to implement. Many devices you just cannot send headers, so the collector would need to discard the rest of the packet.

1
1
Anonymous Coward

Hmm I have to investigate this... this might serve a purpose for me... not spying on anyone... just trying to characterize what apps are generating what type of traffic in a mobile network.

0
0
Bronze badge
Holmes

1.6% of what?

75% is probably YouTube, Netflicks et al. Then you have music streaming and Spam. That probably means 98% of the traffic isn't collected, because it isn't relevant.

That leaves you with legitimate e-mail, FaceSpace and other web sites at under 2%... Not sinister at all.

:-D

0
0
Anonymous Coward

"WE'RE ONLY WATCHING 1.6% OF INTERNET"

Classic NSA doublespeak. It'll later be revealed that by "watching", they really meant "not watching".

6
1
Bronze badge

so in a nutshell

if you use the internet for nothing but porn your probably safe from the NSA.

See, porn saves us again!!!!!!!!!!!!!

2
0
Anonymous Coward

Re: so in a nutshell

.. but not from the FBI

0
0
Silver badge
Gimp

Re: so in a nutshell

Or from the MOB. (flaming torches variety). As its well known that porno watcher = paedo. Cameron and the Daily Mail told me - it must be true.

6
0

1.6% could probably include all the email and…

…all of the web traffic excluding the images, videos, search results, CSS and Javascipts.

15
0
Bronze badge
Angel

Re: 1.6% could probably include all the email and…

Exactly! It is estimated at least 50% of internet traffic is streaming video - so remove that from traffic that there is no point in them monitoring - and now they are monitoring a LOT more of useful traffic.

2
0
Bronze badge

Re: 1.6% could probably include all the email and…

The figure that grabbed my attention isn't the 1.6% but the 0.025% which looks a lot more significant to me - that means that 1.56% of the traffic they receive is put through additional analysis. Filter out the video, spam, advertising, p2p, and porn and you must be up to 10% of everything else. In other words, anything remotely interesting. That could be you talking to your boyfriend about coming out as gay or your strategy in tendering for that multi-million pound contract against the US Megacorp.

This isn't about terrorism or targeted surveillance of specific subjects of interest: their own figures and a little common sense show this is a blanket trawl of any juicy tidbits.

12
0
Gold badge
Big Brother

Re: 1.6% could probably include all the email and…

"This isn't about terrorism or targeted surveillance of specific subjects of interest: their own figures and a little common sense show this is a blanket trawl of any juicy tidbits."

Exactly

And remember the rest can always be archived for later "review" should you become a person they have become interested in.

3
0

Re: 1.6% could probably include all the email and…

"We made a mistake with the %, after accounting for gzip we meant 25% of all traffic!"

0
0
Bronze badge

Re: 1.6% could probably include all the email and…

They simply use Adblock Plus like everyone else.

0
0
Anonymous Coward

i haz filterz too

"NSA to world: we're only watching 1.6% of internet"

So you have a spam filter .. congratulations.

18
0
Bronze badge

1.6% and they want to cut jobs...ok.

2,000,000,000 billion internet users, and they are watching 1.6%...?

2,000,000,000 * .16 = 320,000,000

With 320mil possible reviews, is cutting jobs sane? If one person could invalidate/validate 100 a day per (and that's a lot), that would mean it would take 3,200,000 people to review them all in 1 day. Or 3,200 people in 1000 days.

I'm bringing up these goofy numbers because the review process is supposed to stop terrorism (supposedly). With these type of numbers, how could they ever stop an attack on time? If the NSA gets a lead on a terrorist attack, then the attack would basically have to take place 2+ years in the future for them to stop it, or else the lengthy review process won't stop the attack.

So are they sure they aren't doing something else with the data?

1
1
Bronze badge

Re: 1.6% and they want to cut jobs...ok.

BTW, yes I know I fucked up and used .16 instead of .016, just remove a zero from everything :-(

0
0
Silver badge
Boffin

Re: 1.6% and they want to cut jobs...ok.

1.6% *of traffic* - doesn't necessarily translate to 1.6% of users.

1
0
Black Helicopters

Re: 1.6% and they want to cut jobs...ok.

By "touching" they almost certainly mean automated scans for names, phrases, flagged addresses, and suspicious activity like exchanges of encrypted mails (WHAT ARE YOU HIDING, CITIZEN?). It's been common knowledge that this has been done since at least the 90's. That doesn't take any people at all, but is a big part of the reason the NSA has as big server parks as Google.

By "reviewing" they mean that the stuff the automated scans have flagged are checked by an analyst. Nearly all the flags will be clearly innocuous, and each of the several thousand analysts can probably process several flags per minute. A very *very* small percentage will receive closer investigation.

1
0
Bronze badge
Headmaster

Re: 1.6% and they want to cut jobs...ok.

@MyBackDoor "2,000,000,000 billion internet users"

Have cats,dogs and other animals started using the internet now to, or is it aliens?

Can't be humans, since there aren't 2,000,000,000,000,000,000 people in the world.

1
0
Anonymous Coward

Why bother?

Prior to Snowden spilling the beans the NSA lied to Congress about its activities, then further lied about the extent of surveillance until further releases caught them out again; the use of one-sided secret courts and gag orders pisses on just about every principle of accountability and oversight I've ever heard of.

You could pick any of a number of US denunciations of the Soviet Union and satellites from the 50's to the end of communism and they'd fit the NSA's core business nicely, yet we're supposed to trust them because this is some kind of 'good' spying on your own citizens.

Now, on an almost weekly basis we get an endless stream of hot air filled with facts and figures justifying this State Surveillance for how little is really done and many bad people its stopped - facts that cannot be checked or verified. Given the lack of real information offered, if it was all so bloody benign, why wasn't it simply revealed before?

I'd be amazed if there was anyone outside politics stupid enough not to see the NSA's fluffy facts and soft soap for what it is - the authors of the constitution saw these people coming, and they've been dead for two centuries. Rather than PR untruths, maybe they'd be better off spending the time penning their statements for the Truth and Reconciliation Commission I sincerely hope they'll be facing one day.

16
1
Bronze badge
FAIL

Re: Why bother?

An interesting comment I saw buried deep in an article, I think on the Washington Post, is that members of the Intelligence Oversight committees gave up trying to get the Patriot Act amended for one very simple reason: they couldn't discuss the reasons for wanting the amendment as it relied on compartmentalised information. It's very hard to make a coherent argument for changing a law when you can't tell the people who will vote on the proposal why the amendment is needed.

The committee members have to read their intelligence briefings in a secure room and can't take any of the data out of that room.

Since all the committee does is ask questions (as I understand it they have no real authority to change anything without a vote of the full house), which makes the entire oversight process a waste of time. The only real effect of the oversight committee is that the electorate probably think that the committee is there to stop abuse of power. i.e. yet more security theatre.

10
0
Bronze badge

Re: Why bother?

After reading the WP article I concluded that the Senators' and Representatives' comments, including Mr. Wyden's, were mostly self serving CYA. Almost all of them were lawyers and all have access to lawyers capable of analyzing the effect of law changes that were not at all secret since they became part of the USC. The oversight committee members are not required to vote out a bill they have reservations about any more than they were to approve and repeatedly fund the Iraq war.

Sen. Diane Feinstein may say thing that now are politically quite incorrect, but she is at least honest about this.

0
0
Silver badge

foreign entities

Means any company that might be tendering for a US contract, any that might compete with a US company or any that make sales in the US and the IRS might like to take a look at.

Imagine how useful it would be for the inland revenue to have all Starbucks internal discussions with their tax lawyers (well not at all of course because they are a US company and so the UK government will roll over like good little puppets.)

2
0
Bronze badge

Lies, damned lies, and statistics

Assumption: the NSA does most of it's gathering on data that transits US soil, since most data is sent via oceanic fibre it can't be sniffed off satellites or radio (yes, I'm deliberately discounting the assertion Snowden made that they've spliced beam splitters into Chinese fibres)

The obvious conclusion from that assumption is that they're probably very deliberately using a very large figure (total global Internet traffic) and figuring out what percentage of that is caught in their sniffers.

A more relevant statistic is probably the percentage of USA traffic that they capture. I suspect it's quite a bit higher than the 1.6% from their publication.

0
0
Silver badge
Meh

Re: Lies, damned lies, and statistics

If you read the NSA white paper, you will see that they mention 30 countries that they have information sharing with, so think in terms of pretty much everyone in NATO, plus Japan, Korea, the Phillipines, Singapore, Australia and New Zealand being part of the system.

And yes, given what has been declassified about Cold War taps placed on Russian undersea cables, expect that the NSA has splitters on most of cables that come into China from the Pacific.

0
0
Bronze badge

Re: Lies, damned lies, and statistics

Father Ted: “Well, we’re not all like that, Niamh. Say, if there’s two hundred million priests in the world, and five per cent of them are paedophiles, that’s still only ten million.”

0
0
Bronze badge
Big Brother

Under the boot

Looking at the boot notes here makes me think the NSA gave the response of an organization run by people who think it's beneath them to have to respond to rest of us "useless eaters".

1
0
Silver badge

What Spooky Type NSA In PhormdD Information Systems are not clearly telling you at present*

EMPowering Command and Remote Virtual Control of IT, without Leading Media Mogul Maintenance and Compliant Explicit and Implicit Complicit Participation, is the NEUKlearer Great IntelAIgents Game and Alternate Virtual Reality for Engaging SMARTR Futures and Derivative Markets Players. ........ and not at all a Trivial Heavenly Pursuit, for ITs Rewards are Bonded Boundless Bounty and an Absolute Dream of a Nightmare to Oppose and Seek to Destroy and Disrupt.

*And why would you think that they ever would need to share such intelligence services with you, should you find it so easy to disbelieve and dismiss the notion and its programming to allow ITs Beta Players free rein and dominion in all domains entered and accessed.

And what would think you could possibly do, which would have any discernible disruptive or positive effect upon pre-programmed outcome, if you were advised such is a SecuredD IntelAIgent Stealth and Advanced Active Astute Autonomy Program floated by GCHQ and CESG for Markets Capture and Capitalisation/Virtual Realisation and Monetisation ..... Price Fixing? And/Or would you fully expect it to be plausibly denied by systems heads/incumbent controllers/anonymous spokespersons fully briefed to speak on the cloudy matter and CHAOS** for their service ....... or if you prefer, fully debriefed to speak on the cloudy matter for CHAOS in their service.

Methinks though, whenever something is so powerful as to be invaluable, is that fixing markets price exercise really pointless and only necessary to stop the Markets Games from collapsing in on itself with mass realisation of its artificial core purpose and the abusive use for personal profiteering which its misuse by right ignorant and arrogant dodgy traders results in.

**Clouds Hosting Advanced Operating Systems

2
2
Silver badge

Re: What Spooky Type NSA In PhormdD Information Systems are not clearly telling you at present*

And what you may have to consider is the real truth as shared by Adam Curtis [of BBC documentary fame] ……

BUGGER… maybe the real state secret is that spies aren't very good at their jobs and don't know very much about the world
….. and how it is worked and IT works it. ……. http://www.bbc.co.uk/blogs/adamcurtis/posts/BUGGER

Which then would present one with, when one is exceptionally good at what one does and makes one a person of interest, an ab fab fabless opportunity to provide states with that which they need to counteract what they be missing.

2
1
Gold badge
Big Brother

Tranlation

"We'd like to spy on more of you more often, but we just don't have the facilities to do that in real time. Good thing we have lots of backup capacity so any of you step out of line we can just do a quick restore and see what you history says about you. Trust us, we're here for your safety."

Somehow I find my myself strangely unconvinced.

0
0

“NSA personnel are obliged to report when they believe NSA is not, or may not be, acting consistently with law, policy, or procedure.”

Of course they are, that makes it much easier to pick out the 'traitors' for waterboarding and life imprisonment.

2
2

But most Internet traffic by volume can be eliminated easily...

E.g. in Canada 1/3 of all evening Internet traffic is Netflix, which the NSA wouldn't care about. Ditto for most video streaming (oh user pulled a Justin Bieber video, who cares). So that 1.6% of traffic of everything is probably a significant chunk of the actual Internet traffic that is interesting (email, VOIP, instant messaging, etc.).

1
0
Anonymous Coward

I talked to a man who works for the NSA

he said ' this whole privacy thing is like a pendulum, it swings one way (TBL WWW 1989) then it swings another way (NSA/GCHQ 2013)"

The problem that I see - is that the pendulum of privacy is not guaranteed to ever swing back in the direction of 'free & private correspondence' - In Germany, who have their election in just a few weeks, they are already lining-up people to fire as 'responsible' for the BND/etc/NSA co-operation. (Steinmeier?)

in practise, all EU governments (interior ministries justice departments) signed up to the post-echelon PRISM system quite some time ago, If I can take all you honorable ( and the dishonorable lurkers) back to 1995

this was the writing on the wall

"Memorandum of Understanding on the Legal Interception of Telecommunications

The "Memorandum of understanding with third countries" (later described as the "Memorandum of Understanding on the Legal Interception of Telecommunications") was discussed at the EU K4 Committee in November 1994. The significance of the "Memorandum" is that it extends the agreement on the surveillance of telecommunications to non-EU countries who are being invited to adopt it - and with it the "International User Requirements".

The Memorandum of Understanding was signed by the 15 EU Member States on 23 November 1995 at the meeting of the EU Council of Justice and Home Affairs Ministers

The contact addresses for signatory countries and for further information, which confirms the EU-USA link, should be sent to:

"a) Director Federal Bureau of Investigation,

Attention: Information Resource Division,

10 Pennsylvania Avenue, N.W.,

Washington D.C. 20535

b) General Secretary of the Council of the European Union,

FAO The President,

Rue de la Loi 175,

B-1048 Brussels,

Belgium."

The number of signatories to the "Memorandum" was open-ended, any country can join providing the existing member states agree. It invites "participants" because "the possibilities for intercepting telecommunications are becoming increasingly threatened" and there is a need to introduce "international interception standards" and "norms for the telecommunications industry for carrying out interception orders" in order to "fight organised crime and for the protection of national security."

The strategy appears to be to first get the "Western world" (EU, US plus allies) to agree "norms" and "procedures" and then to sell these products to Third World countries - who even if they do not agree to "interception orders" will find their telecommunications monitored by ECHELON the minute it hit the airwaves.

Source: "Memorandum of Understanding concerning the lawful interception of telecommunications", ENFOPOL 112, 10037/95, Limite, Brussels, 25.11.95<

"not a significant document"<<<<<<<-----------------------WOW!

- the Home Secretary

The Chair of the Select Committee on the European Communities in the House of Lords, Lord Tordoff, took up the "Memorandum" with the Home Secretary, Michael Howard, in an exchange of letters on the Committee's access to documents for scrutiny.

On the subject of the "Memorandum of Understanding on the Legal Interception of Telecommunications" Mr Howard told Lord Tordoff:

"The Memorandum of Understanding is a set of practical guidelines to third countries on the lawful interception of telecommunications. It is not a significant document and does not, therefore, appear to meet the criteria for Parliamentary scrutiny of Title VI documents."

It is quite clear from this Briefing that the "Memorandum" is not an insignificant document concerning as it does a EU-US plan for global telecommunications surveillance.

The "Memorandum" itself is just two pages. It is the full text of the "Resolution" attached to it which demonstrates its full meaning.

However, not only did Mr Howard not think the "Memorandum" was "a significant document" he also apparently believes the attached Resolution also insignificant as he allegedly did not submit it to the House of Lords Committee for scrutiny prior to its adoption in January 1995 or thereafter.

Source: Correspondence with Ministers, 9th Session 1995-96, HL 74, pages 26-29.

Letter to international standards bodies

In December 1995 COREPER agreed a letter to be sent out to "international standardisation bodies in the field of telecommunications" (IEC, ISO and ITU) also ETSI. The letter said:

"Modern telecommunications systems present the risk of not permitting the lawful interception of telecommunications if they have not been adapted, at the standardisation and design stage, to allow such interception."

These bodies are "invited" to take account of the requirements of the Council Resolution of 17 January 1995 and told that Member States would be applying "these requirements to network operators and providers of services".

The December 1995 letter to international standards bodies and the publication of the main Resolution in November 1996 in the Official Journal announced to manufacturers of equipment and service providers that they will be expected to meet the "Requirements" allowing surveillance for any new contracts within the EU and via the "Memorandum" that these standards would also apply to any countries signing up to it - for example, the USA.

Source: "Draft letter to be sent to the international standardisation bodies concerning the Council Resolution of 17 January 1995 on the lawful interception of communications", Council General Secretariat to COREPER/COUNCIL, ENFOPOL 166, 12798/95, Limite, 14.12.95."

sorry for that long chunk of 'not significant documents' thanks to Statewatch & cryptome for hosting some of the sources - the MOU & attachments “ENFOPOL 112 file number 10037/95” has not yet been found online.

of course, all the above 'subversion' of the internet was done in the best possible taste, only the FBI is mentioned - but Snowden showed that the 'FBI' data goes straight to 'NSA' - and then perhaps some of it is returned to the 'FBI' for the purposes that it was nominally acquired for?

3
0
Bronze badge

They missed a bit

“This self-reporting is part of the culture and fabric of NSA,” the document continues. “If NSA is not acting in accordance with law, policy, or procedure, NSA will report through its internal and external intelligence oversight channels, conduct reviews to understand the root cause, and make appropriate adjustments to constantly improve.”

They should have finished with the word 'honest'. We all know that makes them sounds more believable.... honest

2
0

Page:

This topic is closed for new posts.