+1 "told ya so" point for Mr Assange.
Gotta love the PCMCIA mentions; brings back memories.
I'm frankly still amazed at how many people here were just so flabbergasted. I thought it was public knowledge in this community.
It wasn't even an underground thing: the European Parliament had a report on it published in June 2001 [2].
[1] http://www.duncancampbell.org/menu/journalism/newstatesman/n...
[2] http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//...
Whether or not people believed in the extent of surveillance largely comes down to how cynical people were about the US government.
I remember having conversations with people all the time in the 80's and 90's who refused to believe it even when they were told about things that the US government openly admitted. A lot of people had a lot of trust in the US government. Partly I guess because before the fall of the Soviet Union, to a lot of people it was a black-and-white good vs evil thing. If the Soviet Union was evil, then the US had to be squeaky clean and flawless. It of course helped that most people had no access to the internet.
I'm not surprised it's taken this long, given how hard people try to hold on to their beliefs even in the face of evidence. The fact of the matter is that we had, and still have, very little evidence about this surveillance, which slows the process down even further.
EFF and Wired Magazine published a lot of anti-clipper backlash during that time.
http://en.wikipedia.org/wiki/File:Cyberright.png
https://w2.eff.org/Misc/Graphics/
http://en.wikipedia.org/wiki/Clipper_chip
>Backlash
>Organizations such as the Electronic Privacy Information Center and the Electronic Frontier Foundation challenged the Clipper chip proposal, saying that it would have the effect not only of subjecting citizens to increased and possibly illegal government surveillance, but that the strength of the Clipper chip's encryption could not be evaluated by the public, as its design was classified secret, and that therefore individuals and businesses might be hobbled with an insecure communications system. Further, it was pointed out that while American companies could be forced to use the Clipper chip in their encryption products, foreign companies could not, and presumably phones with strong data encryption would be manufactured abroad and spread throughout the world and into the United States, negating the point of the whole exercise, and, of course, materially damaging U.S. manufacturers en route. Then-Senators John Ashcroft and John Kerry were opponents of the Clipper chip proposal, arguing in favor of the individual's right to encrypt messages and export encryption software.
>The release and development of several strong cryptographic software packages such as Nautilus, PGP and PGPfone was in response to the government push for the Clipper chip. The thinking was that if strong cryptography was freely available on the internet as an alternative, the government would be unable to stop its use.
Here's a photo that Tom Jennings took of some graffiti I left in South Park (next to Wired's office) in San Francisco around 1994:
http://worldpowersystems.com/projects/wps.com.21Oct1996/anti...
http://www.austinlinks.com/Crypto/break-pgp.html
EDIT: see dchest's comment, it's seems it's a repost from the NorthStar's newsletter, so then it has sense to link even to the "joke" stuff just tho give the readers an overview. If you look how it lo
So in retrospect tools like Carnivore sound primitive... at the time it was a pretty sharp scalpel.
Room 641A and MySpace both launched in 2003. Facebook became popular between 2004 and 2008. There were a few others in there; but in general the government programs scale relative to the amount of data made available through the Internet. In 1996 there just wasn't that much.
I guess the answer is technically 'no', insofar that the NSA isn't doing anything like what the Chinese government is doing. I feel weird giving you these links, because frankly you should know more about this than I, but here you go anyway:
http://en.wikipedia.org/wiki/Golden_Shield_Project
http://newsfeed.time.com/2013/09/04/the-grass-mud-horse-dictionary-how-chinese-bloggers-evade-censorship/And a request to the site admins: could you rewrite all http links to wikipedia as https? This occurrence is common, and https-rewriting cannot be easily automated on all client browsers/platforms.
We also heard that the Chinese state was so disrespectful and unreasonable that it was hiring hackers (in the sense of people who break security) and hacking computers all over the world. This was also an example of its commitment to control and monitoring of communications, and its unwillingness to let people have freedom and autonomy.
Since then we learned that Western states are also committed to having the technical means to control and monitor the Internet, although the policies for which they apply these means have usually been different. (The Western states almost never want people to know that they're watching, and they tolerate speech that might threaten social harmony much better.)
Now that we're hearing about a wider range of states building up the tools to monitor and control Internet communications according to their various state policies, there will be an important challenge. Can we transfer the kind of outrage that we felt against the Chinese government to everyone else, or will state control of the Internet be normalized and accepted as inevitable? (The Chinese government often responded to criticism of its Internet control programs by arguing that all other governments did analogous things, maybe just in the context of somewhat different domestic legal systems, and that it was normal and inevitable for states to be able to know and control how people use computer networks.)
It's an interesting comment though because it reminds us we tend to be more suspicious with other governments than ours. Most americans don't see NSA activities as an issue. After all, they're the "good guys".
> "Yes, China Is Spying On Skype Conversations" https://www.techdirt.com/articles/20081002/0903442435.shtml
For those concerned about the original poster, it's relatively clear she or he is no longer in China, based on use of the term, "Back in China"..
The one upside of this is that as technologists, this gives us the ammo we need to really work on crypto and proactive security from the beginning. Things that were previously thought of as tin-foil paranoia, such as ssl communications from data center to data center on leased fiber lines, are now par for the course after it was shown that Google traffic was being intercepted at crossing points. As a US citizen, I almost see it as a duty to work on proactively securing things where possible, not just to prevent my own government, but potentially less friendly governments or organizations from snooping.
Even if there is really a wolf. Especially if there's really a wolf — you don't want people to immediately write you off as a conspiracy theorist and alarmist. Even if you believe that you live in a true dystopian society, if your goal is to persuade people, you should try not to sound or look like character from The Lone Gunmen.
Sometimes I wonder how many conspiracy theorists are actually right, but when I begin to stuff like this, I can't bring myself to take it seriously, just because of pompous, self-righteous, anti-establishment way it is written.
Every manner of "conspiracy theorist" has been saying all kinds of similar things for years. Some of them obviously crazy, some of them with lots of rhetoric (but approximately correct), and some of them sounding otherwise quite reasonable. All of them were typically dismissed as "tinfoil hat nutters" by association.
There is the obvious lunatic. Talks about fluoride too much; thinks the gov't might seriously consider using false flag tactics to inflame public opinion and start a war (Operation Northwoods, Vietnam, and possibly every other war since Korea), or at least blame all the bad things on the commies (Operation Mongoose). Also mind control (MKULTRA).
Then the mostly reasonable guy who occasionally gets too excited about the camera on your cell phone, and pretty much every other surveillance camera. Talked about "Echelon" before Wikipedia existed. Was an avionics tech in the Air Force. Says the government has technology you wouldn't believe. He keeps too many emergency rations at his home for someone who isn't a Mormon.
And then the reasonably intelligent person with an over-active imagination. In a casual conversation once you learned that he thinks the Iran Contra affair was a real event in history (lol!), and that he is generally mistrusting of government; you quickly changed the subject. You also once noticed that he keeps a piece of tape over the camera on his laptop. You generally regard him as smart, just naive about the government, ironic that.
> Sometimes I wonder how many conspiracy theorists are actually right,
Given the current facts of the day, isn't it about time to take it upon yourself to investigate some of these claims instead of dismissing them by default?
> just because of pompous, self-righteous, anti-establishment way it is written.
But aren't you actually opposed to this particular establishment? And shouldn't you be? And doesn't your dismissal of the message due to the messenger's rhetorical style play well into the hand of that establishment?
When I see someone referencing 1984, I think of them as conspiracy theorist and don't take them seriously. I do it because I'm an idiot.
But I share this trait with a majority of population. We are born and die idiots. I can't defend the "position" of being an idiot; but that's who I am and I can't change it. Neither can millions of people.
So, if you want to persuade these millions, you have to take their (our) idiocy into account.
The Orwell and McCarthy references seem pretty accurate to me - one neatly encapsulates the degree of surveillance we now know is happening, and the other clearly indicates the dangers of it.
I wonder how you'd view this piece if you realised it wasn't written by Assange, rather just him re-posting an article from a magazine.
Priming's a bitch - and 1984's Big Brother is a perfectly apt analogue for the surveillance apparatus's influence on the control of the range of human thought - or do you disagree that limiting speech and culturally enforced self-censorship limits thoughts and ideas?
It's not that unlikely they could crack some instances of PGP some of the time. Today the NSA docs reference being able to crack things like OTR sometimes, though unlikely.
My conclusion from that disparity is that PGP is broken by a flank attack: Its usability is so bad that the encryption goes unused.
1. http://www.nytimes.com/2014/11/16/magazine/what-an-uncensore...
And just because there is no reliable evidence of systematic wrong-doings to further political agendas yet (re: the new surveillance machinery, of course), it doesn't mean it hasn't been done already. E.g. if you successfully blackmail people with data you gained from your surveillance system, it is unlikely the blackmailed person will speak up immediately or even later.
There already is plenty of evidence that the surveillance system was abused, although maybe not by the state itself, or at least not for nefarious purposes.
Think of NSA employees (not just one or two) spying on various people "for personal use", mostly love interests: http://blogs.wsj.com/washwire/2013/08/23/nsa-officers-someti...
Even before that, Echelon was abused to spy on (allied) nation states to gain economic advantages: http://www.heise.de/tp/artikel/6/6662/1.html ... and to spy on Princess Diana for whatever reason: http://www.washingtonpost.com/wp-srv/national/daily/dec98/di... (and being a German myself, the Merkel phone story made some huge waves over here)
US citizens are also affected, like the woman who researched pressure cookers online shortly before the Boston attack: http://www.theguardian.com/world/2013/aug/01/new-york-police... (Given the current MO of many LEA in the US, I wouldn't have been surprised if they showed up with a SWAT team instead, at least demolishing the door and shooting their dog, if any)
Then there is that Parallel Construction mess to hide the fact that evidence was first obtained using illegal, warrant-less eavesdropping: http://www.reuters.com/article/2013/08/05/us-dea-sod-idUSBRE... http://en.wikipedia.org/wiki/Parallel_construction
I'll stop listing examples of abuse and overreach now, but there are plenty more, of course.
I was involved with left wing groups in Norway in the early 90's, and pretty much everyone I knew who were a bit older than me either flat out knew, or had strong reasons to believe, they were under active, blatantly illegal, surveillance (the evidence finally came to the surface in the mid 90's after decades of insisting there was nothing going on). This included intimidation on open street (a former editor of the communist party newspaper told me how he regularly had intelligence officers walk up to him in public and recite portions of conversations he had had with his wife in their flat the previous day, in order to taunt him and make it clear to him he did not have any privacy; a trade union organiser I met whose commute had him walk past the Soviet embassy told me of how he had a too-obvious-not-to-be-intentional tail to and from work every day for years).
It pushed people away, and it made many of these groups act in ways that were detrimental to their ability to carry out their political works (e.g. keeping tight security around member lists; many member who would not talk about their involvement in public etc.). It had a massively negative effect on getting these small groups to cooperate, because cooperation involved meetings with untrusted people. Etc.
Overall, the mere perception of the existence of pervasive surveillance does massive damage to democracy.
Spying for economic advantage is not new, nor unique to the USA, and not in the least comparable to the examples I listed. It's not even in the same category.
People spying on their girlfriends or love interests happens a lot more outside the NSA than from within, and is not comparable.
A woman was "affected" by being approached and asked about doing research on pressure cookers after a pressure cooker bomb killed people? What does this have to do with NSA activity, and how is that comparable?
Parallel Construction also exists to protect secret informants for quite some time, and the justification is obvious: not everything law enforcement knows needs to be shared with the defense and their friends during a trial.
This is off of the original topic, but yes, warrantless searches are sometimes unconstitutional, and while the framing fathers had a lot of foresight, I don't think they could have foreseen the state of the world as it is now. Falling back on "300 years ago some really smart guys wrote this into law" is not a good justification for something being a bad thing. Some things in the constitution have been reinterpreted by courts and others have been nullified by amendments since then. Redefining "search" to be different from "retention" is not the most surprising interpretation of the law I've seen.
Please list an example that is comparable to the misdeeds Assange compares those of the NSA to.
> I don't want to see this country ever go across the bridge. I know the capability that is there to make tyranny total in America
Isn't he Australian ? I can understand if he was opposed to being spied on by US but if the democratically elected government of US chooses to spy on its own people, isn't it morally presumptuous for Assange to intervene ?
EDIT: Add link
EDIT 2: from link, because I didn't know this and I thought it was interesting:
> Due to its status as a secret treaty, its existence was not known to the Prime Minister of Australia until 1973, and it was not disclosed to the public until 2005. On 25 June 2010, for the first time in history, the full text of the agreement was publicly released by Britain and the United States, and can now be viewed online. Shortly after its release, the seven-page UKUSA Agreement was recognized by Time magazine as one of the Cold War's most important documents, with immense historical significance.
Link to original treaty text [2].
[1]: http://en.wikipedia.org/wiki/UKUSA_Agreement [2]: http://www.nationalarchives.gov.uk/ukusa/
Democracies have a better track record than most governments with respect to human rights, but they are not perfect. For the obvious example in the US, slavery was always immoral, and didn't suddenly become so when an elected official decided to outlaw it.
But anyone who read Bamford knew there was good circumstantial evidence that mass surveillance was occurring -- except back then, the bad word was "ECHELON", not "PRISM".
It's important to remember that while Snowden brought this to the masses (and to that we owe him a great debt), long before Snowden, we had Mark Klein, Binney, Cryptome, and James Bamford.
The NSA has been under strong suspicions for decades at this point. Back in the 80s, the exposes were about their mass surveillance of telephone calls. This was even in the popular press. There was a particular 60 Minutes episode that described a post worker shocked that she was intercepting a mom talking about her kid's soccer game in English.
Having lived through multiple very public NSA scandals over the decades, I think the only effective change will come from the grassroots: strong crypto, secure software, privacy focused. It sure as hell won't come from our lawmakers.
In 1997 I was working at a company where we built and delivered all software by SUn and many other companies.
We had a Cisco 3640 that I inherited when I got there and I needed to recover the password.
I hired a CCIE to come in and walk me through the recovery and rebuild of this and the other Cisco gear I had at the time.
During the hours that we spent rebuilding the network, we talked a lot about security in general, cisco in specific, and I recall him telling me then "Cisco is required by the NSA to provide them a backdoor into all our routers".
It's more likely the FBI would actually interface to it and give said data to the NSA. But your point stands.
The NSA doesn't seem to like to directly interact with ISPs and corporations, so they have the FBI act as their public face, so to speak.
I don't remember and can't find a citation as to when this became public knowledge but feel like it was not much later.
In face of future technology, it does not seem like strong crypto is the answer. Imagine, for instance, mass-scale audio surveillance, perhaps with lasers or microdrones or something. (I'm thinking decades out so I can handwave magical nanotech.) DNA sweeping to collect skin shedding or other stray cells to determine who was where (if face/body recog isn't enough).
We simply leak too much information everywhere to hope for technological solutions.
https://www.aclu.org/files/natsec/nsa/20130816/NSA%20IG%20Re...
Pages 29-34 provide detail on when the agency gained access to Internet content and metadata.
> Is the NSA really snooping on the Net? If they are, would that violate the agency's charter, which specifically prohibits it from spying within the US? "Well, Net traffic is routed from God knows where to God knows where around the world," says George Washington University Professor Lance Hoffman, a professor of Communications and Telecommunications Systems Policy at George Washington University. "So if the NSA is doing this, they could say they are not violating their charter not to spy in the US. That's the thing. Intelligent routers send stuff any which way."
Which claim is wrong?
In terms of your claim, it's worth looking at page 28, where it specifically states that "two of the most productive SIGINT collection partnerships that NSA has with the private sector are with COMPANY A and COMPANY B. These two relationships enable NSA to access large volumes of foreign-to-foreign communications transiting the United States through fiber-optic cables, gateway switches, and data networks. They also provide foreign intelligence authorized under the FISA. "
It is clear on page 29 that "COMPANY A and COMPANY B" approached the NSA after 9/11 to offer further assistance, but this contact was, according to the report, made via an existing NSA contact, and the new approach was regarding call records, not internet traffic.
It is not at all clear what portion of the interception described on page 28 and top of page 29 started before 9/11, but it is worth noting that this interception specifically occurs in the section about "history of NSA Partnerships with the Private Sector" and not under the subsequent "Partnerships after 11 September 2001" section.
You are right that the report appears to support your claim that the NSA scaled up after 9/11, but it in no way makes clear from what foundation the scaled up.
It doesn't say "the other ninetysome companies did not provide internet surveillance before 2001" or "things like hacking belgacom started after 2001" or "we started intercepting cisco shipments after 2001" or "none of the less useful internet surveillance partnerships started before 2001".
It doesn't list Assange as the author, he only sent it to the newsgroup.
To get the better idea of the time, remember that Google didn't exist then.
Nice. Microsoft has been collaborating with the NSA to make their spying easier for its own products and services for at least two decades now, something the Snowden docs confirmed in 2013 [1], but we didn't know it went back that far then.
But that was the old Microsoft (up until 1-2 years ago). The new Microsoft could never possibly.
[1] - http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-c...
Who "we?" There was this export control back then, mandatory weak crypto, the Clipper chip initiative etc. If you wanted to say "a lot of people didn't care" well they don't care now too. Snowden raised the level of awareness for a moment, that's true...
Here's one article from 1995 about the process against Phil Zimmerman, the original author of PGP:
http://virtualschool.edu/mon/Crypto/LostInKafkaTerritory
Edit: The Clipper Chip, 1993:
edit: Title is better now; thanks.