Australia Admits to sigint 216
Eater writes "Doubts about Echelon dispelled. "
Hrm... On one level it frightens me to know that this is going on, but on another level I am comforted by the fact that people already suspected it anyway.
It was kinda like stuffing the wrong card in a computer, when you're stickin' those artificial stimulants in your arm. -- Dion, noted computer scientist
Re:Dictionary Computer (Score:2)
You don't think SETI@home is really searching for extra terrestrials, do you?
Two words to remember: Operation Tailwind (Score:1)
Re:I ain't scared (Score:1)
Sure, you can try to fool the program that is scanning for keywords. But this program is only the first step in the filtering. And it is probably not the only thing that can trigger a more detailled analysis of your conversations or e-mail messages.
So if you are not extremely careful about what you write, you might forget some keyword once (remember that we do not know which keywords they are looking for, and there may be much more than the obvious ones). And if some agent spots that message and decides to have a closer look at all your other messages, then you might be caught.
Personally, I do not care too much about what they do for hunting terrorists, because I am not making bombs or selling illegal drugs in my spare time and I do not think that I would get caught for any illegal activities (although I can never be too sure about that). And hopefully, none of these smart spies would have an interest in displaying some bits of my private life in public. But the gathering of commercial intelligence is an interesting issue...
Not just a TERRORISM detector ... (Score:1)
But what interests me more is exactly what *ELSE* these spooks consider worth looking for? Terrorism is just a platform to use to sell more weapons, that's all...
So what else are they looking at?
Industrial information? Economic information? Details about UFO sightings? Reports of Lost-technology from ancient civilizations being found in the Australian desert? Someone trying to get the word out that they've found the aliens' fusion reactor, it runs on water, anyone can make one out of an old Coke can, and therefore should be freely available to every human being? The real truth about the Pyramids of Giza?
Seems to me that this Dictionary file should warrant a very large bounty. If ever there is a fun and rewarding cracker project, it would be to get copies of those Dictionary databases
The world needs to know what these spooks are looking for
Computers simply aren't that bright (Score:1)
To use the rot13 example, no computer is going to "think" of checking for that on its own. Someone has to add that to the system. And I can also use "rot12","rot11", etc. I can use pig latin. I can use number-based codes. I can type words backwords. The point is that there are dozens, hundreds, even thousands of such tricks. Combined with the sheer volume of messages that get sent every day, checking every message for all possible hidden codes becomes an impossible task.
There are other problems as well. One is that it is often impossible to track down the "true" owner of a given email address. And even cracking weak crypto messages takes time. And since you can't read a message until after it is cracked, there is no way of knowing which messages will be worth cracking. Furthermore we can easily flood it with nonsense, bogging it down even more.
The point is that computers are DUMB, and no algorithm will effectively sort out the messages that are relevant. The only way to do this would be to have a human check each one, but that is simply not possible considering the volume involved. In short, wide-scale surveilance of an entire nation is not possible with any consistency.
Re:Rather Disturbing Signature (Score:1)
>But remember, if your mind is _too_ open, then everything falls out. (Or any trash can fall in).
Or other people may get in and look around. That'd be more "on topic" :)
Re:What do you dorks have to hide? (Score:1)
It isn't a matter of privacy that pisses me and many others off, it's the lack thereof that the NSA provides so nicely for us. Wether I'm going to outline a new plan for cold fusion or tell someone of a new 100 acre plot on Ultima Online, I sent it to whomever I'm speaking to and not nsa.gov for the simple reason the government doesn't need to know. You're too trusting in the government wanting and being able to protect you. If you think the NSA has you in mind when they start reading emails you're sorely mistaken, they want to protect their assets and give themselves more power over the people with no power.
Support your local anarchist.
NOT domestic, International (Score:1)
Of course, there are also all the foreign satellite ground stations, the special military-run listening posts and sigint satellites output to monitor. But from talking to people who have worked in or with this "industry", I believe they manage to process a lot of very useful information.
One more thing: Why do you think the government is fighting so hard to prevent encryption from entering common use?
Translation: (Score:1)
If interception of my mail by the government can help prevent one tragedy like the Word Trade Center bombing or the bombing of a US Embassy abroad, then sign me up, damnit!
"I don't care whose civil rights we trample on, the ends justify the means."
BTW, email and phone conversations are not "mass media". Television and radio are, but are not under discussion.
--
"Please remember that how you say something is often more important than what you say." - Rob Malda
Re:Not a question of if but how much (Score:3)
At least two ways around it. The first way: stop sending email. Bad idea. The second way: PGP. Good Idea. Especially a copy (like GnuPG) where you can RTFS and self-verify that there is no back door.
I don't particularly use personal PGP today because it is a hassle, and because I tend not to send email that I mind being overread. At work (where serious paydata flows over the wires), PGP is a must.
The more they monitor, the more we must encrypt. We have the tools. With the GPL'd GnuPG, we have them copylefted, so that they cannot take them away. They can only make them illegal.
And if they did that, they would have to imprison a lot of pissed-off hackers who would encrypt stuff anyway. Considering the tremendous geek debt we're in, that's likely to hit the economy hard. Fortunately, Congress tends to avoid things that hit them in the wallet--as long as they understand that it will.
Very good point (although slightly offtopic) (Score:1)
Oh yes, I don't doubt that "they" can *find out* anything about you.
But that's very different from actively spying on every person (even every criminal) in the world. Gathering latent data after the fact is a LOT easier than collecting and analyzing it real-time.
--
"Please remember that how you say something is often more important than what you say." - Rob Malda
Re:Didn't you see Patriot Games? (Score:1)
Well we had to have SOMETHING for the unemployed Russian spy satellite operators to do
Wakeup, time to get real scared! (Score:3)
As someone who knows chips...
I'd have to say that it's entirely possible. The actual computational speed of one "dictionary" checking node dosen't need to be all that fast. They just need to have millions of them. If you organized the system to have parts that do specific tasks, like message reconstruction, message dispatch, message ananlysis. It becomes no problem to construct a highly scaleable system that can process millions of bytes of text a second. Sure it's specialized hardware, but it can be built from commonly available chips with little or no problem.
As an example, a checking node could be made with a few simple components. CPU, Boot ROM, DRAM memory bank, Ethernet NIC, a few indicator LEDs, power connecter, NIC connecter and PCB. That would easily fit on a PCB 6"x6" and be rack mountable, or better yet, fit as manny as possible on one PCB that is as large as you can make reasonable, say 18"x18" for 9 per board. Crank out these boards by the thousands. Don't worry if your older boards are obsoleated by newer tech, just redesign around the newer tech, and make another batch of a few tens of thousands.
Now lets go to specialized hardware. Lets make a chip that checks a stream of bytes against a list of words. Lets make it so it can check 1024 words up to 32 bytes long. Well within fab techniques 15 years ago. Place it in an 8 pin surface mount package package for size. On powerup it waits till it's addressed to load a block of words. Then it waits for the message byte streams. When it matches a word it sends out an interupt, and the message is flagged for latter analysis. Being dedicated logic, they likely could process data well in excess of 1 MByte a second. 3600 of these chips could be placed on an 18"x18" PCB with driver and control logic. This gives us 3686400 check words per PCB. More than enough for all languages and future expansions. On each board is a processor that receives messages to be checked, then passes them by the checking hardware, noting which ones get flagged for a match. Now scale this to thousands of boards. At 25 boards per card cage, 4 card cages per rack case. That's only 10 refrigerator sized cases to check 1GByte a second against 3686400 words, Now reconfigure the hardware a bit to make it 100x more parallel in the checking, and we have 100GBytes per second against 36864 words. Now make this a room sized endevor, and you can easily get well into the terabytes a second scanning rate. The really scarry thing is this is with tech available in the late 80s. It should be easily able to be scaled by a couple of orders of magnitude by now.
It's all a matter of getting the right hardware in the right volume.
Re:Big Brother is Watching (someone had to say it (Score:1)
Heh. That's just what they want you to think...
Re:Legal under American law? (Score:1)
"The number of suckers born each minute doubles every 18 months."
-jafac's law
Re:I think that IS the point... (Score:1)
I hate to break it to you but this is exactally what happens. Do you really think that there are only one or two terrorists that try something in a year's time. The vast majority you never hear about because they mysteriously "disappear" before anything happens.
Do you remember the outrage following the Oklahoma and Trade Center bombings. To the effect that the US Gov't should have "known" and "done something". Well Echelon is the system.
The scary part is their Security through Obscurity. They could start, if they haven't already, going around and doing terrible things and no one would know about it.
Re:Security through obscurity (Score:1)
The moral of this story: if everyone encrypts, then we're pretty much safe:>
Re:Rather Disturbing (Score:3)
More importantly, though, if you've been assuming that all your emails and other net traffic (or even your phone conversations) are blissfully private, then I'm sorry, but that's just plain stupid. Governments are the least of your worries (hell, my _father_ could tap your phone if he wanted to). If you want something to be secure, don't broadcast it unencrypted in the open. This should be obvious to anybody in this day and age.
So you're going to run off and write your "senators, congressmen, lords, whatever".. Hey, maybe you'll even be successful beyond anybody's (realistic) hopes and dreams and get all the politicians of the world to condemn this sort of monitoring and abolish it forever. Do you really think that any governments are actually going to stop doing it? It'll just go deeper underground and be a real secret, which means there will be even less monitoring, and absolutely no control over any of it.
Just look at the information which prompted this discussion in the first place: An official acknowledgement of (at least some of) what's going on by government officials. Countless people in the world are more aware/confident/knowledgeable of what's really going on because the Australian government was willing to inform their public about things like this. Would they have been willing to do that if they'd been previously forced to condemn this sort of thing and promise it wouldn't ever happen? I don't think so. We'd be sitting here discussing some new Linux feature instead.
Things like this are better in the open.
Re:actually its pretty good Sigint (Score:1)
Not in sensitive government or military communications. I don't know about corporate communications, but I had the impression that they're getting smarter.
>> And lastly, there is pattern recognition. Having been in sigint, you should know that who is talking to whom is almost as good as what they are saying.
Absolutely. Traffic analysis is useful, too; just the percentage of data passing through the pacific backbone encrypted is valuable information. But that could be garnered using more mundane means than eavesdropping on satellites.
My point was that Echelon has an unguaranteed tap into a bandwidth that is both enormous and almost completely non-relevant. All the legitimate sigint that can be done in this matter could be done better using other approaches. And so it is valid to begin worrying about the illegitimate uses for Echelon.
Re:Security through obscurity (Score:1)
So even if you make a modification that makes your crypto less secure, it is still going to fool the _computers_, and that's all you really need unless you're a big-time terrorist or something.
Re:I ain't scared (Score:4)
While I'm sure there is some keyword searching being done, I'd be shocked if more thought didn't go into the system.
Surely there's some initial filtering done based on the identity of the sender and receiver-- messages sent between two people with FBI files probably get more scrutiny. Messages that cross national boundaries would also be more suspect, as would be messages the computer couldn't understand.
Assuming a reasonable set of criteria to prioritize messages, reasonable computing power could be brought to bare on "interesting" messages, easily defeating rot13. I'm sure they'd break 40-bit encryption regularly for really interesting messages. At this point, one could also do some interesting things analyzing the words used to try to identify coded messages. Someone from Montana who regularly describes building "watermelon" would likely raise some red flags here.
Of course, with 50 years to develop the system, it's surely smarter than anything we could envision in a few hours...
Re:we's ain't escared (Score:1)
Clown da guvment.
Re:Speaking of BS... (Score:1)
So because of some special circumstances in the apartment building where you lived, you generalized to ALL phone calls by EVERYONE.
We are talking about organized, worldwide, detailed espionage, you are talking about "I happened to overhear someone say".
--
"Please remember that how you say something is often more important than what you say." - Rob Malda
Bad Sigint, if that. (Score:4)
That being said, I can easily believe that it exists. Slip-ups do happen, and I can see a government betting a few billion dollars on the off chance of finding one. But the most frightening aspect is that the Echelon system is just better suited towards everyday unencrypted communication between private individuals...and thus, whether chartered or not, that's likely how it will be used. Thank you, Orwell.
Re:Speaking of BS... (Score:2)
One capacitor. 250 volts or better, non-polarized, 0.1 to 0.5 uF (this is going by memory, but that will probably work). Put it in series with the red wire on a phone. Connect it to the target pair, pick up the phone, and listen.
Bruce
Legal under American law? (Score:2)
Has anyone considered bringing an action in federal court against the relevant federal agencies seeking a declaratory judgment that such monitoring constitutes an illegal search in violation of the Fourth Amendment?
Does anyone know of some legal reason why such an action could not be brought?
Re:There's a simple solution... (Score:1)
Re:There's a simple solution... (Score:1)
Their mission (if "they" have one) is to MONITOR SIGNALZ...if you noise up the Net, they simply add adaptive filtering ORDERS OF MAGNITUDE better than anything you skript kiddiez can come up with! Then they use the filters to zero in on the suddenly very much lessened "intelligence" and true signals that are there.
Remember, we're wher we are today in the computer world BECAUSE of these folks. The "high powered, over-clocked, flame spewing, megazoid, 550Mhz, 256Mb" box on your desk with the 21" monitor is just one of the tiniest of tiny crumbs from their table...paid for by your tax dollarz, so you can sleep soundly every night.
Quit worrying about "big Bro" and get a life!
More rumors for the mill..... (Score:1)
I realize this is all third hand but the additional details did give the stories an air of creedance (I have forgotten many of the additional details so I won't attempt to guess at what they were). The only thing we can hope for is that there is so much info that the surveillance agencies are on overload.
Re:Doesn't this defeat the point? (Score:1)
doesn't this mean that they'll start using encrypted emails or something?
Absolutely! They will use the crypto devices and software that has been tampered with by U.S. and other intelligence agencies. There have been reports to that effect.
A useful link (Score:1)
I think the real thing that pisses people off with the UKUSA agreement is that it is used by governments to spy on their own poeple. For example, in the UK it is illegal for the authorities to monitor communicatios without direct permission of the Home Secretary. So they get the US NSA to do it for them. Similarly in the US, the NSA cannot legally monitor domestic communications between American organisations - so they get a bunch of British GCHQ spooks based in Fort Meade, MD to do their dirty work for them.
Basically, having foreign military on your sovereign territory sucks and is open to abuse. I have no idea why Europeans (and North Americans) have stood for it for so long.
Nick
classified objectives (Score:2)
I don't know what worries me more, the fact that they're spying on us, or that the fact that the list of criteria that they're searching for in their Dictionary is kept classified, so we can't even find out what they're looking for, or where all this information goes to and who's looking at it.
Remember: You're not paranoid if they really are out to get you.
Re:Where to get the background info. (Score:2)
I was reading through the info on that site, and the fact that it quotes Texe Marrs [texemarrs.com] as a reliable source basically blew its credibility.
Re:Of two minds (Score:2)
What frightens me about Echelon is that it appears to be shared data consortium, if you believe the conspiracy theorists. Thus, data collected by Australia/Canada/US/UK are available to them all. I know that I've done things that, though perfectly legal in the US, break the laws of the UK. Next time I go overseas, do I have to worry about overzealous law enforcement meeting me at british customs?
Overzealous law enforcement is a danger here at home, too, if you break any of the unenforced-but-still-in-effect laws. (Sodomy, for example.) I just have to trust that my government doesn't lose its mind and start pursuing such minor crimes. But there's no way I should have to trust other governments as well.
Re:democracy (Score:1)
Re:There's a simple solution... (Score:1)
> prison for just these words, even if you used them in your Email. One guy did it few years ago, was traced and
>where he is now?
"Kill the watermelon"?
Rather Disturbing (Score:2)
sKroz
Re:What OS are they using? (Score:1)
Hmmmm... Perhaps because greed is _not_ good. (Score:1)
Hello? Dishonest, immoral, and wrong (leaving legality out of it, since justice doesn't seem to exist at that level) is dishonest, immoral, and wrong. It doesn't matter who's doing it to who. It's wrong. There's no way to justify it. What part of this aren't you getting?
Re:Bad Sigint, if that. (Score:1)
First, an amazing amount of material travels in the clear that really shouldn't, especially corporate information. Even in government, I suspect a lot of information leaks in the clear, especially when a Dc-to-Virginia e-mail message may be routed by way of Chicago, San Diego and Dallas ( don't laugh, I've seen worse routes ).
Second, traffic analysis. How much can you put together by looking only at who talks to who and how often? Lots, and you don't need to decrypt a single message to get that.
Re:Sugar Grove, WV.: Spheres or Depressions? (Score:1)
Re:Bad Sigint, if that. (Score:1)
There is a huge amount of traffic that is not encrypted. At least in the U.S. government, the installation of encryption equipment is usually only done when it is absolutely necessary, such as when handling classified information. It is very expensive to provide the people and infrastructure needed to support NSA approved encryption devices. Most managers have a long list of things that they would rather spend the money on.
Corporations aren't much better, although VPNs and SSL web servers seem to be getting more popular. I've been told that many banks do not use encryption, even on the lines to ATM machines. The thinking is that the probability and cost of a security breach isn't high enough to justify the expense of securing their communications. A security breach that costs the customer's money isn't a problem, it doesn't count if someone else pays for it.
Re:Everybody and their brother is tapping your pho (Score:1)
As to clicks, that would depend on how the tap was implemented.
I think you are being too generic.
Key Escrow (Score:2)
how can it be stopped ? (Score:1)
How abuse of power are prevented, every state agency makes errors. What if nobody can control it ? Seen Ennemy of the State, it looks too realistic to me.
Encryption, in its current form won't solve anything. NSA as the largest number of mathematician working on prime number (at a secret location, on falsified ID...). They may have already found the key.
Elected president and others democratic representant are informed by these agency, they just can't make their own opinion about it.
If we were in a Civilization Call to Power game, I'm sure the current government of US would be Corporate Republic, and Echelon would be "The Agency" wonder.
-reality isn't as boring as we are told to see-
Jean.
UKUSA != Echelon (Score:1)
The difference is significant. It's almost certain that they have the capability to monitor all communications that bounce through a satellite. Whether they have the resources to do this is another issue entirely. They might, but honestly, can you really picture rooms full of top-secret cleared agents listening (mostly) to thousands of people calling their relatives long distance?
Re:why vote, there all politicians ! (Score:1)
Re:I ain't scared (Score:5)
When they took the 2nd amendment, I was quiet because I didn't own a gun.
When they took the 4th amendment, I was quiet because I didn't deal drugs.
When they took the 5th amendment, I was quiet because I was innocent.
Now they've taken the 1st amendment, and I can't say anything at all.
(With apologies to whoever wrote that that I didn't credit).
You should care how they hunt down terrorists, as those same tactics may be used against you some day. Remember 1984? Well, we may not be there yet, but slowly and surely we're heading there. For every law passed that takes freedom from us for doing something that hurts no one else, the hope of staying free dies a little more. Personally, if this type of thing keeps up (the Australian government doing this will encourage the US government to also) I'm going to gather a bunch of people together and we'll go find an island and start our own country.
Re:Dictionary Computer (Score:1)
The processing power required to search for some words in a data stream is reasonable and certainly affordable for NSA and the like.
Let's assume that they have a farm of computers scanning for words in huge amounts of clear text messages (encrypted messages are a separate case). You could compare the tasks performed by these computers to the ones done by routers and switches:
If some telecom operators and ISPs can afford to deploy Gigabit or Terabit switches in their backbone network, think about what the spooks can do with their budget. Scanning a few Terabytes of (clear text) data is actually quite easy to do with modern technology.
Scanning encrypted data (including steganograpy) is of course harder to do, by several orders of magnitude. But they probably only attempt to decrypt the "interesting" messages (depending on the sender, receiver or carrier). Also, the simple fact of detecting that you are exchanging encrypted messages with someone is already interesting for the spooks. And if you exclude steganography, detecting encrypted messages in a data stream is as easy as scanning for words, which is reasonably easy to do, as explained above.
Re:I ain't scared (Score:1)
(spook)
Soviet FSF PLO KGB Khaddafi colonel ammunition smuggle $400 million in
gold bullion Mossad domestic disruption arrangements Ft. Bragg NSA
supercomputer
Re:The Circles, A simple array of antennae (Score:1)
Yeah, but this is much more fun for all of us technothriller types (with reguards to Mr. Clancy)
Not scared, but resigned... (Score:2)
One machiavellian scheme gets exposed, and soon a new "black" project is started - these things don't die, they just morph - the trick is to live under the rader and stay out of the way when the fecal matter hits the spinning blades
Shandon
Just a guess... (Score:1)
Re:Legal under American law? (Score:1)
But, then again, I also favor someone suing the cities which are suing gun manufacturers. I think the cities' actions consitute a conspiracy to deny citizens' civil and constitutional rights.
So, basically, I'm one of those unapologetic Libertarians, so I don't count. :-)
Folks, this is precisely the kind of stuff the U.S. Constitution was written to prevent. If we don't stop it now, we lose what little freedom we have left.
--
Get your fresh, hot kernels right here [kernel.org]!
World domination: coming soon to a computer near you!
Ah yes, the "wake up" argument (Score:1)
There's no need to provide proof or even be rational. Just tell your victim to "wake up". Also mention how you "don't doubt" it's happening. I hearby dub this the "Fox Fallacy" named in honor of Fox Mulder.
The capabilities implied by these claims are orders of magnitude beyond any technology I've ever heard of, if not outright mathematically impossible.
The onus is on you to prove Echelon exists, not on me to prove it doesn't.
--
"Please remember that how you say something is often more important than what you say." - Rob Malda
Re:I ain't scared (Score:1)
"1984" is not very far from the truth actually, if you think of it and read the book the right way.
Re:Where to get the background info. (Score:1)
It's apparently out of print, so you may have to search a library or an older (paranoid) friend's house for it.
I lent my copy out in 1992 and haven't seen it since.
Re: Echelon, etc. (Score:1)
stop living in the land of the faries! at the moment in the NSA is using 'Echelon' facilities to monitor australians and new zealanders phone, email and possibly others without consent. this isn't just some tom clancy novel. gathered intel is being used for questionable motives.
Re:The Circles, A simple array of antennae (Score:2)
I ain't scared (Score:3)
Since no human could go through all this manually, it has to be a computer program scanning for keywords. Which means the system is useless:
I'm sure you can all think up lots more interesting ways to bypass any such system without ever using PGP (the problem with PGP being that it's easy for the scanning program to recognize it as being encrypted.)
Oh, and lets all put the keywords in our emails:
Bomb, Gun, Cocain, Heroin - hi, mr. spy, I'm a terrorist!
-- http://www.wholepop.com/ [wholepop.com]
Whole Pop Magazine Online - Pop Culture
Actually.... (Score:1)
Patronizing know-it-all, non-concerned attitude... (Score:1)
Where I live (Sweden) I'm sure that something similar to this is being developed, discussed etc in high government, and the EU is probably accelerating stuff like this forward - but I refuse to accept the direction this world, and all it's so called "technological wonders" have taken us in - I want to come as far as possible away from 1984 - but can this be done without losing all these modern conveniences?
I think so, and I can't understand what goes on these minds that develop and promote this technology - or rather the ones that put it to this kind of use. Would someone I know accept to in their employment implement this? Or is it that I live in a totally naive country where privacy and total freedom expression is still held in high regard?!
Let's hope not... but then again, what couldn't come out of the grand land of the "free".
There you have your so called freedom.
All these people claiming to know all about it, and seemingly accepting it - I feels sorry for you, having come to accept and, maybe now living, in such a reality. Maybe I do too... if so, I'm scared.
"what the hell is the matter with the people
on this planet? have all gone insane?
the stigma of industrial progress killing us
over and over again" (bad religion)
Re:Of two minds (Score:2)
The NSA relies a great deal on how little is known about them (you should see the speculations people get into about them -- evrything from their changes in the S-boxes of DES to their initial resistance then sudden silence about PGP). NSA is a very smart bunch of people with a lot of computing power and a lot of know-how, but they can't do the impossible.
Most of us have the best defence of all: We're boring.
Re:I ain't scared (Score:2)
meta-x spook
:-)
I don't trust Duncan Cambell (Score:4)
He wrote a piece for a UK newspaper saying that the ISP Association (ISPA) and the police were holding secret meetings to allow the police to inspect the logs of all UK Net users activity (news pages read/written, Web pages browsed etc). The ISPs were supposedly agreeing to keep logs specially for police use and allow them free access.
Demon (a UK ISP) responded that these meetings were not secret (any one could attend at £60/day), and were primarily concerned with formalising the limits of what the police could ask for, and the evidence that had to be submitted to the ISPs along with the request. A request would have to include prima-facie evidence of a crime, plus supporting details of when and where the electronic side took place. These details would have to match the ISPs logs before any information would be released. The police had asked for wider access, but the ISPs turned them down, citing UK privacy law which makes the ISPs liable for releasing private information to the police without good reason. Many of the police requests (e.g. web browsing logs) were technically infeasible anyway.
Now its possible that Duncan Cambell was right and Demon are spinning a line here. But Demon were the pioneers in the ISP business, and have firmly resisted attempts at censorship (e.g. blocking the porn groups) in the past. And the legal argument about liability checks out. So I'm strongly inclined to trust Demon on this one.
Now DC has moved on to bigger things. He claims there is a whole big sigint organisation dedicated to listening to you. In the referenced article he takes a few quotes from an Australian politician as evidence that he is right. But go back and look at that article. Note what was quoted, and what was written by DC. Big difference.
And the report for the European parliment was ... also written by Duncan Cambell.
Meanwhile a new law to require european ISPs to provide the police with a dedicated line into their systems was passed earlier this week, rammed through the EU Parliament after 10 minutes debate. Fortunately its not binding (the EU Parliament has comparitively little power), but its still worrying. Where is Duncan Cambell when you need him? Quoting Australian politicians in an attempt to play Fox Mulder!
Paul.
Call me naive (Score:2)
That would kick ass.
Canadian Info (Score:2)
Re:Of two minds (Score:2)
(Aside: I can't believe how teenagers are wanting to own cell phones! Aside from the fact that these are duffable whenever they are on, I think it won't be long before they know where they are and will be queriable. "Going to the movies, eh, junior?")
Governments already have some of these capabilities. I don't presently fear this (here in the United States). Just look at how much the police know about many crimes, most of which goes unused by rules of evidence. I will only start to fear when the courts stop letting people off on "technicalities" (which is code for legal rights, dangnab it!).
I don't like that privacy is gone, but I like even less that the only people who can invade it are governments, banks, and creditors! And only banks and creditors are allowed to act on the information.
So, my view is that given the technological inevitablity of total access, we should make the whole range of such devices fully legal for ALL to use.
Why should the fact that I am being listened to stop me from talking (understanding that I live in a country which protects speech rights and not a country where free-thinkers are "people who need psychiatric treatment"; And yes, of course I worry about McCarthyism, and J.Edgar Hoover and a buch of other potential abuses, but which is worse, a world where only government can spy on people, or a world where everybody can spy on everyone, including citizens on the government)?
When we are able to stand outside the Senate offices and see, perhaps, that Senator Exon takes his famous "blue book" with him to lavatory, perhaps we will become a more open, honest society.
When I say our defence is that we're boring, I don't mean that we are poor coversationalists. I mean that we are self-serving knuckle-dragging apes who are all ashamed of the same stupid things that everyone does and nobody admits to. We are interested in peering into other people's private lives because we cannot easily do so. I'm suggesting that the best way to restore privacy is to lose it completely and wait for boredom to set in. It will, I promise you. Because we are petty, grubby little animals all, and that gets boring.
Welcome to the real world, pal (Score:2)
If you find the situation personally objectionable, use strong crypto. That's what it is for.
Kaa
I think that IS the point... (Score:2)
Frankly, if it destroys the system, I'm all for it. To be honest, I never trusted the government, but I never thought it had gotten so bad that a revolution was necessary. I'm still no revolutionate, but now I am no longer so certain that this government isn't bad enough that one is uncalled for. This is simply going too far. But at least now we know the real reason why the governments don't like crypto. It won't hamper future snooping; it'll kill current snooping.
However, you've got to admit that UKUSA is doing a pretty damn poor job of spying as it is; you'd think that if they were doing anything halfway decent then all terrorists and such would mysteriously "disappear" before the crime was actually comitted.
I hope that the UN takes UKUSA to task and raises hell about this, perhaps even to the point of punitive action (as if the UN's punitive actions have ever had the desired effect, if any at all). Then again, the UN's probably in on Echelon too.
Re:I ain't scared (Score:2)
If everyone who uses e-mail used PGP on everything, you would overload their machines quickly. That is why it is important to use PGP (or GPG) on all of your mail. Make sure your friends are well-versed in using it.
Big Brother is Watching (someone had to say it :-) (Score:3)
I had my doubts about the existence of Echelon before this. Like, how could such a massive thing really be kept under wraps by agencies as idiotic as our 'intelligence agencies' seem to be. And, how could they process the massive amount of information gathered.
Well, this is pretty convincing. I wonder what made them want to go public? I find it hard to believe anyone in the 'intelligence' game could have anything like a conscience. Maybe they were tired of being junior members.
I am going to write my congress-person, senator, & my local paper. This is outrageous, our governments blatently spying on their own citizens, most likely slipping certain tasty tidbits to favored companies (the bastards probably own stock in). It is unconstitutional, immoral, and sadly, completely what most of us expect from our governments these days
I urge everyone to help get the word out about this. We all know people who love to pass things on via email (hi Mom) so tell 'em. Then call and write your representatives. This has to stop.
Re:I still don't believe it (Score:2)
Although the analogy is funny, it is not correct. You will probably never see a criminal wandering into jail, but it is very likely that you are using unprotected communication channels most of the time: fixed or mobile phone, connection to the Internet, etc. If any link between the sender and receiver can be easily tapped, the whole conversation is not private anymore. Do you know which links your phone company is using, and how secure they are? Do you know if they are using buried or aerial cables, microwave links, satellite relays, and so on?
So even if the spies do not have access to the switches of the telecom operators (which are the easiest and best source of information - but would not be unnoticed), they can already gather a lot of information by eavesdropping on a few selected links.
It depends on the purpose of the system. If Echelon (or whatever exists) is designed to identify suspicious communications and analyze them further, then the simple act of using encryption can already put that criminal group on the suspicious list. If some people are known to exchange encrypted messages regularly and none of them are involved in electronic commerce or banking transactions, then the spies could have a closer look at them. Of course this depends on other factors such as the location of the parties, the frequency of these exchanges, and so on...
If you are trying to hide something, then the best thing to do is to act like if you had nothing to hide. So if I were a member of a criminal group, I would try to avoid encryption because it would draw the attention on me (steganography is a different matter, as I explained in another message.)
But a system like Echelon can be built with today's technology and can be used to scan an enormous amount of information. As someone else explained in another thread, even the technology from more than 10 years ago would be sufficient to scan a fair amount of today's communications. Not all communications, but enough for all practical purposes.
Note that I am not sure if such a system is really existing today, and used to the extent described in various articles about Echelon. (And frankly, I don't really care.) But I think that I know enough about computers and telecommunications to be convinced that such a system can be build, and would not even be extremely expensive.
Re:I ain't scared (Score:3)
Off the top of my head, I cannot think of any perfectly secure method of communicating with anybody (unless you have the option of direct spoken communication in a secure environment). Good and long chains of anonymizing remailers that sport means for thwarting traffic analysis are an option --- always assuming that the encryption scheme and your keys have not been compromised. _Good_ steganographic methods combined with _strong_ encryption are another option; but this has the drawback that it is still vulnerable to traffic analysis.
For the majority of people, none of the above is of major importance. The downside is, that only very few people will go to the trouble of using good secure channels. This makes it easier to concentrate efforts on monitoring these people. It also doesn't help that there is very little public awareness of the risks involved with communicating proprietary information (e.g. company trade secrets) over insecure public communication networks.
So yes, there is a good reason why many people are paranoid.
Re:There's a simple solution... (Score:2)
Yeah, but if we really wanted to fight this kind of spying it would be very easy if people cooperated. Drowning the signal in a sea of noise would be trivial given some basic assistive technology (mailer demons that send and receive randomly generated "noisy" messages designed to trip up spy computers... everyone just starts up the demons and suddenly the whole world communication infrastructure is flooded with decoys)
Re:Big Brother is Watching (someone had to say it (Score:2)
Your newspaper, senator, congressman doesn't care. The whole reason this is allowed in the first place is that no one cares. Anyone in support of the project in some way benefits from it so they aren't going to stop it. Anyone opposed to it is regarded as a conspiracy theorist and dismissed just as easily. And people who don't care ignorethe conspiracy theorists and usually listen to the supporters because they dislike conspiracy theorists.
Support your local anarchist.
Re:Of two minds (Score:2)
Except for the several wars the US has waged upon Vietnam, Grenada, Iraq, Yugoslavia and many others. Plus covert or economical battles against El Salvador, Nicaragua, Guatamala and more.
I am talking about global war. While I share the belief I infer you have: war is immoral, I do think there is a very clear difference between every one of these wars you mention and an event like the Second World War.
In Freeman Dyson's fascinating book, Weapons and Hope, he plots an interesting chart of European wars by year and number killed. This chart shows an exponential growth curve until 1945, where it knuckles down dramatically.
I think we got too good at it. The next point on that curve would finish us all. It was only due to the limits of technology and geographic accident that WWII didn't wreck civilization.
While the evil in us lives on, we shifted our conflict to a different level. A level of "low-intensity conflict" (meaning "killing people in the third world") and "cold war" (meaning keeping secrets and stealing secrets). That's what I'm talking about.
You will never, ever, hear me argue that the world is a good place where people act with love, compassion, and integrity. A few do, but I for one am right there with Hamlet:
"I, myself, am indifferent honest, and yet I could accuse me of such things as t'were better my mother had not bore me." (quoted as well as I can remember it). Hamlet and me: Were both dirty, grubby, knuckle-dragging animals. Who wish we were better...
Here's how *I* would do it. (Score:2)
One of the main problems would be having the sheer computing power necessary in order to process all those message.
What you really need is some kind of distributed processing effort. They could always do something like save chunks of traffic, and then get unsuspecting computer users to download and process it for you. How? I don't know....maybe tell them they are actually helping the SETI project and are searching for exterrestrial intelligence? Just a thought.
What? Me paranoid?
Doesn't this defeat the point? (Score:2)
What this does accomplish is defeating the whole point anyway. When they say outloud, "We're spying on Japanese trade ministers, Pakistani scientists, and North Korean government officials." doesn't this mean that they'll start using encrypted emails or something? I know everyone suspected those were the people they were spying on anyway (though the Japanese economic people was news to me), there was at least some doubt before. This guy went and spoiled it for everybody!
Echelon&&NSA==nothing to do with intellige (Score:2)
for the uninformed '/.ers' it's nice to see a whole wad of american tax payers money spent on useful stuff like euchelon, spying on *cough*allies*cough*
the saddest part is the DSD agency (in aus, NSA is accountable to us gov) is not held accountable in australia..what a bloody joke!
Re:I still don't believe it (Score:2)
Please don't repeat this myth.
It's public knowledge that US companies can only export 40-bit encryption. Lotus, Netscape, and Microsoft have gotten around this by exporting 64-bit encryption and escrowing 24 bits with the NSA. All of their products are advertised as 40-bit. True 64-bit encryption is of course avaiable for US customers.
--
Why admit? It is simple. (Score:2)
It really means they have something a hell of a lot better already working or right there in the wings. Why do you think the US goverment let us all know about Stealth tech? Because its child play compared to the real secret stuph they have going on now. They give just enough to pacify the mass populace and keep people content.
---
Openstep/NeXTSTEP/Solaris/FreeBSD/Linux/ultrix/OS
emacs (Score:2)
Re:Of two minds (Score:2)
Except for the several wars the US has waged upon Vietnam, Grenada, Iraq, Yugoslavia and many others. Plus covert or economical battles against El Salvador, Nicaragua, Guatamala and more.
So long as you can secure your communications if you really need to, I think you should accept that they watch everything. Heck, I'm glad they watch everything. I just think I should be able to too.
What ever happened to personal privacy? I will not accept that "they" are watching me in my own home. I will not let my children grow up fearful of thinking for themselves, as well as being afraid to voice they're opinions openly.
Most of us have the best defence of all: We're boring.
Your defence against privacy invasion is your dullness? Not only is that silly, but it is likely wrong. At least I'd like to believe I'm not boring. And there are several other intelligent people around me that I think are quite interesting. But I would NOT want to see them ferreted out because of their communications.
There's a simple solution... (Score:2)
I'm building a bomb to kill the President
to their sig, how long would it be before even the NSA's got overwhelmed?
Re:Legal under American law? (Score:2)
Little off-topic, but I've thought of countersuits against the cities as well. The argument I've seen has been: Well, criminals get their hands on these guns, so pay us for the damages! Why not ask for the cost of every crime gun ownership has prevented?
Let's start out small. In those poor, barbaric (What? I consider being helpless to be barbaric) nations such as much of Europe where gun ownership is restricted to maybe a few pop guns, 50% of home robberies are 'hot', where the robbers deliberately burst in when there's someone home in order to steal more money. Not surprisingly, more innocent people get hurt when this happens and more gets stolen (I myself carry a fair amount of cash in my wallet.) 10% of robberies in the US are 'hot', and most of those are in poor neighborhoods against families unlikely to defend themselves. Sociologists have asked criminals, and they're afraid to get shot! If they try hot robberies in the US, they're more likely to get stopped by the homeowners than caught by the police. Find the average cost for property and medical for hot robberies versus cold, assume 40% more robberies would be hot without widespread gun ownership and sue for the price differential. And that's just a beginning.
And yeah, to get this back on topic, when it comes out in the US that similar domestic spying is occuring, what's going to keep the politicans honest with the votes and prevent them from saying, "Piss off! We've got the Army!"? Widespread gun ownership. You wanta try to take over a heavily armed country? Every other unarmed democracy sooner or later sinks into tyranny. Germany? Hah. Britain? Not recently, but just think of all those kings, and the way it's going there recently I'm afraid it's not that far off. That oft-mentioned ideal of Japan, where all the citizens are nice and kind to each other and don't use guns? Having seen it, it's a lovely country, and I hate to break it to you, but Japan was a military dictatorship (Emperor aside) until we bombed it into submission!
So in conclusion, if you don't want domestic spying going on in your country, vote the politicians out of power who try to pull this crap, and own guns, so they'll actually leave. Yeah, and drink mocha in the morning, and you'll write like this too.
NSA line-eater, here we come! (Score:2)
Look into the Jargon File for details.
Kaa
The Quote!!! (Score:2)
--Pastor Martin Niemoller, 1892-1984
Steganography info (Score:3)
BTW, a bunch of useful Steganography info can be found at:
http://www.jjtc.com/Steganography/ [jjtc.com]
A (probably incomplete) list of steganography software packages for various OSs can be found at:
http://members.iquest.net/~mrm il/stego/software.html [iquest.net]
Instead of mailing the image/text/whatever to a specific recipent, you could use a less trackable (for both sender and reciever) way of distributing it. Putting it up on somewhere that offers free anonymous web space would be good; posting to one of the alt.binaries.* would work too. Then anyone could grab it at their whim and easily hide their identity thru various anonymizers, internet coffee shop, library, etc.
Re:I don't trust Duncan Cambell (Score:3)
Re:I ain't scared (Score:3)
In my dayjob, I provide nuclear arms to Pakistan, at night, I harass Austrailian nationals.
I've thought about this stuff... (No, not providing arms to Pakistan!, this whole big superintelligence X-Files conspiracy thing)... no matter what they do, the algorithms probably aren't smart enough to pick up on fine details of conversation, and the authors of them are probably well aware of the fact that anybody in their right mind would use keywords or encryption in an important conversation.
What if this computer picks up on interesting things like... hmmm this number keeps calling Pakistan/Pakistan embassy, or there are a good number of calls coming from city Z to one particular number in Pakistan, the odd thing about these calls is that they can not be trivially deciphered, and they do not fit the patterns of human voice... I'm going to start tracking some of these and put up some flags.
My point is, they don't have to listen to everything, they only have to listen to the unusual... like the phones of all top exectives of all multinational corporations, all embassies, all unusual encrypted international transmissions... especially ones coming from hotels or payphones.
I think the best way to handle this is to call up every foriegn embassy in your city from the same payphone and have a very slow and serious conversation about watermelons. Lots of detail about when their arriving, and what they will cost.
Be sure to send them heavily encrypted copies of AOL CDs too.
(P.S. No disrespect intended towards Pakistan, only Austrailian nationals :-))
Re:Ah yes, the "wake up" argument (Score:3)
As for the matter of privacy: Given enough time and resources there is a pretty good chance a professional investigator can find out anything they like about you or your activities.
In this day and age privacy is a myth.
We leave information about ourseleves everywhere. In the 80's the world was astounded when kids going by names like Phiber Optik could find out their intimate details.
10 to 15 years later, when the world has become much more connected, and when the President of the USA can be impeached because an internet journalist didn't need an editor to approve his story, when the company owned by the richest man in the world can be sued because of emails written 10 years ago, you cannot tell me real privacy exists. That our information is more secure from those who want to get at it.
Every day people are paid to find out things about others. Corporations, individuals, governments, marketing companies and crime syndicates all have reasons for collecting information on people. IMHO, it is wishful thinking to believe that anything disclosed to anyone else is safe from prying eyes.
Echelon may exist. It probably doesn't for very sound technical reasons. But if the technology did exist - do you think it wouldn't be used?
Re:I ain't scared (Score:2)
As for Rot-13, I've met people who can decode the newspaper "CryptoQuip" in about 30 seconds.
--
I still don't believe it (Score:3)
There are nearly insurmountable problems in performing this kind of spying.
1) Collection: The various agencies involved would have to have their fingers in many many pies to cover all the ways people could communicate with each other. Phone lines (voice and data), banks, radio, cells, satellites, etc, etc, etc.
2) Bandwidth: All this data then has to be A) processed immediately and/or B) stored. Let's do some back of the envelope calculations for a second. 100 million computers (leaving aside phones, etc) connected at an average of 10 Mb/s (dialup vs T1--hey this is an envelope calc) is 1 billion Mb/s = 1 million Gb/s = 1000 Tb/s = 1 Eb/s.
3) Secrecy: They've been doing for 50 years without a hitch? When they'd obviously need an army of techs/programmers/spooks? Not to mention all the accomplices necessary (phone companies, computer/software makers, etc)?
Number 3 has some additional points: If this conspiracy is so vast, evil and secret, how come Joe Blow from Australia was allowed to blow the whistle?
I don't doubt there is SOME "domestic intelligence" going on, especially on the Internet. But every single message? No fscking way.
--
"Please remember that how you say something is often more important than what you say." - Rob Malda
Re:Everybody and their brother is tapping your pho (Score:2)
Don't trust the security of your phone!
Thanks
Bruce
Of two minds (Score:5)
What I think FDH Americans (FDH -- Fat, Dumb, and Happy) fail to realize is that national givernments all over the world do this routinely. Spying on one another is a stabilizing factor in international relations. What would have happened between Pakistan and India if India wondered if Pakistan had nuclear weapons? The first-strike temptation might well have become overwhelming.
The process of discovering, keeping, and disclosing secrets is the shadowy part of international politics and diplomacy.
I also know that even back in the 1950's various security agencies (including the domestic FBI) have had broadband recording equipment and they systematically record vast swaths of the RF spectrum for later analysis. Heck, the FCC has vans that do this with the not altogether inimical objective of finding and eliminating what radio amateurs call QRM, man-made radio interference.
In your own neighborhood, I'd be willing to bet, there is at least one person who comes to the window every time there's a loud noise in the street. We love to snoop.
If you want paranoia, consider that intelligence services have to consider whether intercepts are planted to ferret out information sources! The people who work on these things will sometimes weigh the importance of information against the importance of assets in place and might choose NOT to use an intercept.
Consider also that they can figure out a lot just from seeing the number, freqency, and endpoints of indecipherable communications. You can glean information from the pattern of messages, even if you can't read the messages.
I think all of this is necessary. Its part of why, despite a world bristling with weapons of terrifying power, we have gone without a global war for over 50 years.
My concern comes in when governments have this power exclusively. So long as you and I can watch the watchers, I think things are reasonably safe. If the US government succeeds in forcing Clipper and Skipjack on us, I think we have something to worry about.
I think the second amendment should add crypto to the right to bear arms as a defence against tyranny. I'm not a gun not, nor am I a crypto nut, but I think the right needs to be there just in case.
So long as you can secure your communications if you really need to, I think you should accept that they watch everything. Heck, I'm glad they watch everything. I just think I should be able to too.
Finally, I don't think it matters much what the government does or does not want us to have. Computing power is becoming nearly free (Beowulf), cameras, recorders, microphones are becoming ubiquitous. It will not be long before everything has a net address (your car, your home, your wristwatch) and GPS will know where all of them are all the time.
Privacy will cease to exist. In fact, it largely already has. Now I think we need to make sure that everybody knows everything or else it will just be governments and marketers. There's a world I don't want to live in.
It's in the National Radio Quiet Zone (Score:2)
Go to www.gb.nrao.edu [nrao.edu] and click on "Quiet Zone". I used to work at NRAO (about 50 miles away), although I didn't know the Navy had an Echelon site down the road at the time. They have a van that drives around and tracks down stray emissions like old faulty microwave ovens or ham radio operators. The NRQZ was apparently established in 1958, so this has been around for a while. I don't know if the Echelon site or the radio observatory came first.
Where to get the background info. (Score:4)
The Puzzle Palace : A Report on America's Most Secret Agency, by James Bamford. Its an older book, but you'll learn quite a bit. I actually ended up having a lot more respect for the NSA when I had finished reading the book.
Another book you may want to check out is Pine Gap : Australia and the US Geostationary Signals
Intelligence Satellite Program. It may be harder to find this one. Its ISBN is 0043030025.
You can always look them up on Amazon.com [amazon.com]
Here is one URL [newsguy.com] on Echelon to get you going.
By the way I think its very silly for Australia to openly or honestly admit this stuff in any fashion or form.
Everybody and their brother is tapping your phone (Score:3)
All communications should be considered to be broadcasts. If you don't encrypt and carefully protect your key, you must assume you're being listened to.
Bruce
Stranger than fiction (Score:2)
Australia sure looks like a bad place to be given the day's news, but this is going to be the game everywhere. Ever read The Invisibles by Grant Morrison?
I'm not sure what is fiction and what is real anymore. This whole article just makes me cynical. And they say that part of the decision to be open about this is to reassure Australians that its domestic spying activity is strictly limited and tightly supervised.
Anyone feel reassured?