back to article NSA dragnet mostly slurped innocents' traffic

NSA babbler Edward Snowden's latest drop alleges something that's been suspected ever since he went public during 2013: that spy agencies reach far beyond “persons-of-interest”, with data on ordinary internet users far outstripping that held over formal “targets”. According to The Washington Post, the latest set of documents – …

COMMENTS

This topic is closed for new posts.

Page:

Silver badge

Second leaker

Some people believe this was not part of the Snowden trove, but for various reasons believe it originated with a second leaker.

1
2

Re: Second leaker

No citation? No evidence? Just "Some people believe..."?

1
2
Silver badge

Re: Second leaker

Cory Doctorow and Bruce Schneier, to name a few. I figured most Reg readers would have already known this, I guess I give them too much credit.

https://www.schneier.com/blog/archives/2014/07/nsa_targets_pri.html

1
0
Anonymous Coward

Re: Second leaker

Some people believe the Apollo moon landings weren't faked too.

1
1
Silver badge

Right! that's enough!

Time for an intervention.

Someone get Matt Paxton over to the NSA, ASAP!

1
0
Bronze badge
Holmes

Arguments in defense of the NSA

(1) When you do the math, it turns out that keeping the data is free. You only incur a cost when you erase the information. Therefore the NSA is just trying to save money.

(2) As the marginal cost of storing data declines, the cost of keeping your personal information is approaching zero. However, the cost of evaluating information to insure that it does not have any value and will never have any value is quite large, obviously much larger than zero. Therefore, even if they never looked at the information, the NSA can't afford to assess it for deletion.

In conclusion, we are SO screwed.

8
1
Silver badge
Holmes

Re: Arguments in defense of the NSA

On the other hand, if they didn't collect the information of "innocents" in the first place, it would be even cheaper und they wouldn't face their current debacle.

In the past spy agencies had limited resources, so they had to be selective about targeting suspected bad guys, be they terrorists, other spies etc. The change in technology means that they don't have to be as selective, because they can pull in more information on more people.

On the other hand, does that give them the right to slurp ALL data on every user of a service, just in case it could some day be useful?

I think it is time to bring George out of retirement and send him back to the Circus to try and clean things up. Maybe the Americans should dig up Felix as well, I'm sure he would be turning in his grave... That said, I expect Hoover's coffin probably needs an extension and some Kleenex.

6
1

Re: Arguments in defense of the NSA

"In conclusion, we are SO screwed."

Not at all - if the NSA can't afford to assess it, then they'll never look at it and it will eventually cause the entire United States government to collapse due to the escalating electricity cost for the data center(s).

Well, I can dream, can't I?

0
1

Re: Arguments in defense of the NSA

"On the other hand, if they didn't collect the information of "innocents" in the first place, it would be even cheaper und they wouldn't face their current debacle."

If you look for a needle in a haystack most of what you look at will be hay.

I'm not saying its right to retain the data, but it is inevitable it will be collected.

1
0
Bronze badge
Big Brother

Too numb to care any longer ...

"... we are SO screwed."

Yes. But at the same time the American public is so enervated by endless revelations of privacy abuses that our screwing seems to be little more than a fait accompli.

3
0
Silver badge

Re: Too numb to care any longer ...

It isn't just 'Mericans.

As a non-American, non-fundamentalist, non-Muslim, non-terrorist, non-bomb maker, non-spy, just a general nobody, I feel affronted that they are slurping my data "just because they can"...

I wonder if the NSA filter strips off the "non"s above and when they will be knocking on my door...

3
1
Silver badge

Re: Too numb to care any longer ...

Actually, they won't have to strip off the 'non"s. They'll just assume that since you're denying everything and doing it publically, you have something to hide.

1
0
Bronze badge
Joke

That explains it

men showing off their physiques and images in which “women model lingerie, leaning suggestively into a webcam or striking risque poses in shorts and bikini tops”

The NSA is monitoring the Daily Mail!

8
1

Re: That explains it

"The NSA is monitoring the Daily Mail!"

Someone has to...

0
0
Anonymous Coward

Or was it for political purposes?

If you have followed the IRS scandal and the missing e-mails due to a crashed hard drive, you have to wonder if the emails were being searched for political content.

Opponents of Obama would have the E-mails forwarded to the IRS for "checking" of their tax exempt status.

0
3
Silver badge

Re: Or was it for political purposes?

Yes. Using a covert, super enabled, state intelligence agency to investigate tax statuses is probably the first thing people think of once they are holding the reins of power. Of all the creative ways to abuse power, investigating civil infractions with a maximum penalty of $15,000 is definitely the ultimate reward: 'Ha! Choke on the Throbbing Manhood of vengeance you fool! Suck it all. The taste will be burned into your soul as you attend one 30 minute class on asking the IRS for assistance in populating forms. Watch your future slip away as your bank account is debited $125/month for the next decade. The echoes of your suffering will reverberate for ages and all will know the price of thwarting me'.

6
2
Silver badge
Facepalm

They didn't need to slurp data <I> en masse </I> for this

Quote: it's hardly surprising that the documents Snowden worked through with the Post included men showing off their physiques and images in which “women model lingerie, leaning suggestively into a webcam or striking risque poses in shorts and bikini tops

Hell... letting the NSA play on Facebook would have been cheaper and probably have let them have the same pics. Ok. Maybe not.. add Tumblr and Reddit...etc.... and only slurp Snapchat via the backdoor.

1
1
Anonymous Coward

6 degrees of separation...

... means that we are all Thought Criminals.

9
2
Bronze badge

Re: 6 degrees of separation...

I agree.

The NSA is playing meta data Roulette. They misunderstand this game of chance - Red, Black or Green, no Blue, Pink or Purple, a run of numbers don't mean shit.

Dans les champs de l'observation le hasard ne favorise que les esprits préparés.

(In the fields of observation chance favors only the prepared mind.)

Louis Pasteur

1
0
Gold badge
Gimp

"We never make mistakes"*

As Solzhenitsyn quoted of the KGB.

To a data fetishist there is no irrelevant data, merely data that has not been linked to someone who has done something we are interested in yet.

Once the cost per bit dropped low enough it was only a matter of time before some ethical vacuum would ask "why not?"

14
1
Silver badge
Unhappy

Isn't it ironic?

Extract from an e-mail from the Post article from someone in Afghanistan to his girlfriend (for want of a better word) in Australia...

“look in islam husband doesnt touch girl financial earnigs unless she agrees but as far as privacy goes there is no room….i need to have all ur details everything u do its what im supposed to know that will guide u whether its right or wrong got it

He was a fanatic. What does that make the NSA?

4
1

A small fly in the ointment

Memory is cheap, but the operational costs of storing all of that unevaluated data is high.

The presumption that the data cannot be deleted without evaluation implies that the NSA believe it MAY be relevant. That means that when they search the database for connections and patterns they would want to include this potentially relevant data.

All this is just so much digital noise in the system increasing the number of potential false warnings generated. These have to be sorted out by human analysts, a labor-intensive and expensive process. It is also time consuming, increasing the time it takes for a response.

This is why indiscriminate data collection is not just a threat to individual rights and freedoms. It is also counterproductive to the mission of the operation.

5
2
Bronze badge

Re: A small fly in the ointment

"All this is just so much digital noise in the system increasing the number of potential false warnings generated. These have to be sorted out by human analysts, a labor-intensive and expensive process. It is also time consuming, increasing the time it takes for a response."

and the typical response to this. as always, will be higher budgets to employ more people to sort through more rubbish.

2
0
Silver badge

Re: A small fly in the ointment

The costs of storing all that useless data is nonexistent. That's the biggest perk of being a government that has zero qualms making the taxpayer pay for their own cavity searches. It's really nothing to worry yourself over though. Since this is all related to 'National Security' the actual costs are recorded on the first invisible page of the GAO annual spending report. A lot of work goes into making sure intrusive government surveillance programs don't cause you any anxiety.

3
2

Re: A small fly in the ointment

Actually, no. You are assuming no technological advances in automatic correlation of data which is not true. In fact, I really wonder why this hasn't been all fed to an iteration of IBM's Watson. Or perhaps that's what the fires are about at the Utah data-center.

0
1

Re: A small fly in the ointment

"The presumption that the data cannot be deleted without evaluation implies that the NSA believe it MAY be relevant."

What is irrelevant today may not be so tomorrow.

Today I'm just a tax paying grunt worker whose data would be irrelevant. Tomorrow I might bump into the PMs wife in Waitrose and start slipping her a length while Dave is out at PMQs. So tomorrow, all my data may be relevant.

0
2

Re: A small fly in the ointment

@ Don Jefe

Who wrote "It's really nothing to worry yourself over though. Since this is all related to 'National Security' the actual costs are recorded on the first invisible page of the GAO annual spending report. A lot of work goes into making sure intrusive government surveillance programs don't cause you any anxiety."

A Washington Post's Investigative report "Top Secret America" provides some compelling support for Don Jefe's statement. The explosive growth in the number of functions for which the government now requires compartmented clearance runs counter to the most fundamental principles of information and operational security. Serious stuff, this.

2
0

Re: A small fly in the ointment

@jackofshadows

Technically, what Watson does in the way of data search and retrieval is very different in scope and intent from what so called "horizon scanning and risk assessment" systems are trying to do. The best and most accessible discussion of the problem of data classification (in the filtering sense) that I'm aware is in a couple of papers by Tom Fawcett, on something called ROC curves. ROC originally stood for "receiver operating characteristic", referring to the ability of a receiver to classify targets in noise. An analogous phenomenon occurs in pattern matching in digital data, where the term "relative operating characteristic" is used.

Googling ["Tom Fawcett" ROC analysis] (without the brackets) should produce relevant results in the first few hits.

Your comment on the advances in data correlation and retrieval is correct. However, much, if not most of that advance has been in hardware performance, and in improved algorithms to exploit those capabilities. The basic rules of probability and statistics haven't changed. That said, the reference to Watson is a very helpful addition to the discussion. While it may not address the general problem, it is probably ideally suited for looking for convenient facts about targeted individuals and deserves attention. .

Another observation from an old man, for what it's worth

3
0

Re: A small fly in the ointment

A wee small correction/clarification on the following from my earlier:

This is why indiscriminate data collection is not just a threat to individual rights and freedoms. It is also counterproductive to the mission of the operation.

This reflected the thought that nations may have legitimate national security requirements for intelligence gathering and surveillance operations, including properly limited targeted and legally sanctioned surveillance of electronic communications on the internet.

It has been bothering me since I posted that the italicized quote could be construed as an implied endorsement of operations currently being conducted. If so, the best response I can offer is the classic response of Baron von Trapp in the movie "The Sound of Music" to the Nazi Colonel's statement, "You flatter me!"

How clumsy of me.

1
0
Gold badge
Gimp

Re: A small fly in the ointment

"Today I'm just a tax paying grunt worker whose data would be irrelevant. Tomorrow I might bump into the PMs wife in Waitrose and start slipping her a length while Dave is out at PMQs. So tomorrow, all my data may be relevant."

The creed of every data fetishist in a nut(case)shell.

0
1
Silver badge
FAIL

Re: John Smith IQ of 19 Re: A small fly in the ointment

".....The creed of every data fetishist in a nut(case)shell." Which neatly ignores the very, very slim possibility of it happening. You sheeple are very quick to bleat "innocent until proven guilty" for your own, but as far as The Man is concerned, because you have been spoonfed the thought "it must be true!" You are basing your whole decision-making on wild speculation and paranoia because you want to baaaah-lieve.

0
0

Re: A small fly in the ointment

You may commit a crime tommorow.

Best arrest you today then.

0
0
Silver badge
Facepalm

Re: Boring Bernie Re: A small fly in the ointment

"You may commit a crime tommorow. Best arrest you today then." And this is happening where....? Oh, it's not. Carry on then.

0
0
Silver badge
Flame

And for every false positive ...

the chances of a false negative *increase*. Not only are these asshats breaking the law, and pissing all over our privacy. They're also making themselves *less* likely to be able to protect us.

6
0
Silver badge

Re: And for every false positive ...

That has bothered me intensely since the Snowden stuff began. Yes, the assault on civil liberties and the 'justified disregard for the law' by lawmakers is revolting. I'm not sure it's possible for them to fail any harder at their jobs. But Christ on a cracker, do they have to curb stomp every principle of information science too?

This is undergrad level stuff here, but the only part they seem to have gotten right is that the public would be upset if they knew the scope of this monument to poor education systems. Regardless of ones stance on the necessity and ethics of all this mess, I cannot see how a compelling argument can be made for ignoring the most basic of information management fundamentals.

Enormous sums of money have been spent (hilariously, lots of it in the form of government grants) to develop better methods and processes for information discrimination in real time data. Obtaining information has never been a problem (spies, public 'secret police' and that nice man from Stasi have been around since day 1 to deal with that). The problem has always been in identifying what information has value. Most of The Register's target audience would be working in coal mines if only the information you wanted organized itself before it got to you.

Half-assed work just pisses me off. If you're going to do something do it right or don't do it at all. That goes double if my tax dollars are being spent on it. Bunch of slackasses. As if it were needed, this is just more proof Douglas Adams was right: Anyone capable of getting into government should be automatically disqualified from government.

3
1
Gold badge
Unhappy

Re: And for every false positive ...

"the chances of a false negative *increase*. Not only are these asshats breaking the law, and pissing all over our privacy. They're also making themselves *less* likely to be able to protect us."

I like the phrase (not my own) that roughly goes "Looking for terrorists is like looking for a needle in a haystack. Undirected data slurping now gives you a field of haystacks to search."

IRL of course analogy is a bit dumb as you'd use a metal detector, but what if you're looking for a piece of dyed hay in those haystacks?

0
1
Silver badge
FAIL

Re: John Smith IQ of 19 Re: And for every false positive ...

Which ignores the fact this work by the NSA is finding terrorists.

0
0
Silver badge
Big Brother

OMGeeez!!! What a DISASTER!!! We're all DOOOOMED!!! Etc.

The BBC had an article not his last week (http://www.bbc.co.uk/news/world-us-canada-28182494), though it seems to have been moved off the'US & Canada' page for not being hysterically sensationalist enough. Never mind, El Reg can always be counted on to make any NSA-related molehill into a mountain.

Whilst El Reg tries to quickly gloss over the successful tracing and capture of two terrorists just from this one batch, the Beeb has a bit more detail on what was also found:

"......However the paper says that the intercepted files also contained "discoveries of considerable intelligence value". These included "fresh revelations about a secret overseas nuclear project, double-dealing by an ostensible ally, a military calamity that befell an unfriendly power, and the identities of aggressive intruders into US computer networks", it said....."

And then we get back to the perennial question the sheeple just never want to answer - what 'harm' was done? Did any of the innocent people accidentally caught up in the sweep even report any 'harm'. Of course not, because there was none. It was less inconvenient than a traffic stop, yet the shepherds need to make out it was some life-threatening 'invasion of privacy'. It seems the biggest invasion of privacy was actually by Snowjob and chums when they dumped this data out. Snowjob took data from a carefully safeguarded and regulated environment and gave it to journals to do with as they wish.

The sheeple may now participate in the usual flock population census by clicking the down vote button (don't worry, Big Brother is not actually recording your downvotes, no matter how much you want to baaaah-lieve they are).

3
16
Roo
Silver badge
FAIL

Re: OMGeeez!!! What a DISASTER!!! We're all DOOOOMED!!! Etc.

"Snowjob took data from a carefully safeguarded and regulated environment"

If the data was sufficiently safeguarded "Snowjob" (Matt Bryant's spelling) would never have been in a position to access the data, let alone leak it. The fact of the matter is that the NSA failed to safeguard the data.

Hopefully the NSA are working on reducing the chances of collateral damage by narrowing their data capture & retention rather than doing fuck all and banking on Matt Bryant to deflect attention away from their inept information security practices.

6
2
Silver badge

Re: OMGeeez!!! What a DISASTER!!! We're all DOOOOMED!!! Etc.

You cannot possibly state that no harm was done. The hoovering and subsequent actions of the people with access to the information are all secret.

2
1
Silver badge

Re: OMGeeez!!! What a DISASTER!!! We're all DOOOOMED!!! Etc.

> Even data that the NSA has decided is irrelevant is retained by the agency

But I've been *ASSURED* that nobody is interested in us because we're just not important so *why* are they retaining this unimportant data?

Is this just the Precautionary Principle that "well you might be of interest to us later?" Perish the thought that there might be False Positives where some poor innocent sap gets caught up in the dragnet and then faces an accusation of a crime in a Kafka-esque secret court where he's not even allowed a proper defence because his legal team is not allow to actually examine the evidence against him.

Still, that's not harmful to Rights and Freedoms and Civil Liberties, is it?

6
1
Silver badge
Facepalm

Re: mooooooity Re: OMGeeez!!! What a DISASTER!!! We're all DOOOOMED!!! Etc.

"......The hoovering and subsequent actions of the people with access to the information are all secret." Not so. The journos that Snowjob has been feeding these docs to claim they have been able to unmask a number of them, so it should be easy enough for the same journos to go and ask the 'victims' if they have actually been the sufferers of any 'harm'.

On a side note, anyone silly enough to send nude pics or sexts or racy emails to a partner or the person they are cheating with, over a consumer network, and expect it not to ever be read, is - TBH - a cluetard. Our corporate firewall has a blacklist of thousands of sites where such pics and messages end up. The data gets there by three routes - jealous ex-partners sending old pics or ones they have intercepted off their cheating partners' phones/email; stolen by black hats and skiddies that have guessed or hacked the password for email, phone and/or social media accounts; and the admins that work for the network, ISP, hosting providers and social media companies. Oh, what, you thought the privacy agreement from your network provider and/or ISP and/or social media provider and/or hosting company was actually worth something? LOL! If your biggest worry is that the NSA might have a naughty pic of you then you're really not seeing the bigger picture.

1
12
Silver badge
FAIL

Re: Roominant Re: OMGeeez!!! What a DISASTER!!! We're all DOOOOMED!!! Etc.

".....If the data was sufficiently safeguarded "Snowjob" (Matt Bryant's spelling) would never have been in a position to access the data, let alone leak it....." Even Snowjob has had to admit he scarpered to China because the NSA did detect his unauthorised access and was closing in on him.

".....their inept information security practices." LOL! Don't worry, ickle Roominant, if there are pics of your tiny wheiner out there then they probably did not come from an NSA leak, more likely from skiddies and black hats.

1
12
Silver badge
Facepalm

Re: Marsbarbrain Re: OMGeeez!!! What a DISASTER!!! We're all DOOOOMED!!! Etc.

"....so *why* are they retaining this unimportant data?...." At a guess, for filter development. When developing such filters you want to be able to look at how much 'no-data' was returned and why, as well as the hit ratios. Why do you need to baaaah-lieve there is some dastardly reason for it being retained? It's not like it is going anywhere other than a secure cache.

0
10
Silver badge
FAIL

The laughable fundamental flaw with Matt Bryant's arguments...

I find it ironic (well, absolutely hilarious, actually) that Matt Bryant keeps calling us "sheeple" yet his arguments boil down to him actually saying that he *wants* us to be obedient sheeple, to not question, to accept the State snooping into our private business, to let them do whatever they want because they're the "shepherds" and they're doing it for our own good and to protect us from all those nasty wolves which are out there.

Well, thank you, Matt, but frankly I'm not falling for that nonsense and neither are most of the rest of us on here. So you feel free to keep baaa-lieving that it's all to make you safer and knuckle under to the power of the State and that you're not at any risk because you're not important enough for them to worry about and that it doesn't matter that your data and information is being stored and recorded and kept on file but some of us won't be sheep and won't simply, blindly accept this sort of thing, but will stand up for our Rights and Freedoms that people have fought wars to protect.

Oh and the final ironic flaw: Shepherds? Sheep? Lambs to the slaughter...?

ROFL!

12
1
Silver badge

Re: mooooooity OMGeeez!!! What a DISASTER!!! We're all DOOOOMED!!! Etc.

""......The hoovering and subsequent actions of the people with access to the information are all secret.""

"Not so. The journos that Snowjob has been feeding these docs to claim they have been able to unmask a number of them, so it should be easy enough for the same journos to go and ask the 'victims' if they have actually been the sufferers of any 'harm'."

You're not getting the point. The hoovering is secret. The people with access to the data are in secret jobs. Any actions they took (including passing nuggets of information to people who then made use of said nuggets to make decisions) wouldn't be widely publicised. Any 'victims' would know only that something went wrong. They would know only that they didn't get that job, for some reason; or that company X underbid them by precisely the right amount to score the contract; or that somebody suddenly decided that they didn't want a relationship. The victims would only know that the hammer had fallen; not who swung it or what caused it to start dropping.

You cannot possibly state that no harm was done without considerably more information. That's just as speculative as my contention that quite possibly harm was done. My point of view is based on what I know of human nature -backed up by scientific studies of how people behave when they think they are anonymous (or at least won't get caught)- and I would say that it is eminently possible -even likely- that information has been misused.

7
1
Silver badge

Re: mooooooity OMGeeez!!! What a DISASTER!!! We're all DOOOOMED!!! Etc.

Of course it's been misused, see LOVEINT.

But at least Tyrant hasn't trotted out his usual argument that nobody is interested in the sheeple. This time he's actually said that the sheeple are having their data slurped so a year later and some progress has been made.

3
1

This post has been deleted by a moderator

Silver badge
Happy

Re: mooooooity OMGeeez!!! What a DISASTER!!! We're all DOOOOMED!!! Etc.

".....You're not getting the point......" And here comes the predictable denial.

".....The hoovering is secret. The people with access to the data are in secret jobs. Any actions they took (including passing nuggets of information to people who then made use of said nuggets to make decisions) wouldn't be widely publicised....." Great, so you can agree that, if anything resulted from their data being intercepted, it would be a safe is bet that it would have to be The Man's fault.

"...,,Any 'victims' would know only that something went wrong....." Fine, so you show some evidence 'that something went wrong' for the people identified, then that would be 'harm'. Come on, you lot insist there is some Great Conspiracy, show some actual evidence of its dastardly actions. Oh, you can't, because the Great Conspiracy only exists in your minds and on wingnut websites.

I know it's going to upset you sheeple, that's partly why you're getting the heads-up, but we are galloping towards a regulated and policed Internet. Behind all the popularist politicians bleating about 'privacy' and enacting laws to keep data locally are official systems trying to catch up with the NSA. The only thing stopping such attempts today is the sheer volume of data and the budgetary limits, but it is quite possible that, within twenty years, you will have no chance of hiding anything on the Internet. If you don't like it then get off the Grid and let the rest of us use the bandwidth for something useful.

0
9
Silver badge
FAIL

Re: Dan 55 Re: mooooooity OMGeeez!!! What a DISASTER!!! We're all DOOOOMED!!! Etc.

"Of course it's been misused, see LOVEINT...." Wow, so your sole evidence of The Great Conspiracy To Oppress Us All is loveint? Major fail.

"....But at least Tyrant hasn't trotted out his usual argument that nobody is interested in the sheeple...." Not really sorry to break it to you but you are still of zero interest to anyone, you're just the 'no-data' retained for fine-tuning purposes, nothing more.

0
14

Page:

This topic is closed for new posts.

Forums