Linked by Thom Holwerda on Sat 8th Jun 2013 14:57 UTC
Legal And yes, the PRISM scandal is far, far from over. More and more information keeps leaking out, and the more gets out, the worse it gets. The companies involved have sent out official statements - often by mouth of their CEOs - and what's interesting is that not only are these official statements eerily similar to each other, using the same terms clearly designed by lawyers, they also directly contradict new reports from The New York Times. So, who is lying?
Order by: Score:
Comment by MOS6510
by MOS6510 on Sat 8th Jun 2013 15:00 UTC
MOS6510
Member since:
2011-05-12

Something isn't official until it has been officially denied.

Reply Score: 9

RE: Comment by MOS6510
by Morgan on Sat 8th Jun 2013 15:27 UTC in reply to "Comment by MOS6510"
Morgan Member since:
2005-06-29

"Plausible Deniability" was a term thrown around a lot during the 80s and 90s in the US with regard to certain alphabet organizations operating on US soil in direct violation of the Posse Comitatus Act and other legislation designed to prevent the use of our own military against our citizens. Basically, if the organization's director has no knowledge of the operations being performed, he can't be held accountable for the inevitable backlash.

Now it sounds like the corporations are the ones practicing plausible deniability.

Reply Score: 6

Outrageous
by gfg233 on Sat 8th Jun 2013 15:20 UTC
gfg233
Member since:
2013-06-07

Mark Zuckenberg: "I want to respond personally to the outrageous press reports about PRISM".

So outrageous not even one of those companies has threatened a law suit.

Reply Score: 4

RE: Outrageous
by fkooman on Sat 8th Jun 2013 15:42 UTC in reply to "Outrageous"
fkooman Member since:
2008-05-06

Is he outraged about the press reports or about PRISM?

Reply Score: 4

No direct access
by voidlogic on Sat 8th Jun 2013 15:25 UTC
voidlogic
Member since:
2005-09-03

I'm operating under the assumption that the NSA does not have "direct server access", rather what they have is the SSL private keys from all the companies involved. Maybe the companies volunteered these keys (sounds like MS), maybe they were infiltrated (sounds like Twitter), but it seems completely plausible the NSA has them. I have little doubt armed with the SSL private keys that the smart folks at the NAS could man-in-the-middle attack, and stream traffic from anywhere on the Internet backbone they can put their beam splitters (*cough* prisms...).

Edit: If this is not plausible, explain why and put my mind at ease.

Edited 2013-06-08 15:42 UTC

Reply Score: 4

National Security Letter to the keymaster
by tomz on Sat 8th Jun 2013 15:33 UTC
tomz
Member since:
2010-05-06

The FBI would not go directly to Mark Zuckerberg or Eric Schmidt. Just go to whomever is in charge or has access to the server and demand the private keys and access passwords with the letter that says if you even mention it to any lawyer you will go to jail forever.

Do they audit all the servers to see if they have FBI/NSA malware backdoors?

No one mentioned Verisign, Digicert, or the rest.

I don't believe someone showed up in the CEO's office. Maybe not all the hackers were chinese. And physical access suffices - and that can be from a lowly technician or even janitor.

Reply Score: 3

voidlogic Member since:
2005-09-03

Just go to whomever is in charge or has access to the server and demand the private keys and access passwords with the letter that says if you even mention it to any lawyer you will go to jail forever.


The only reason not to do this is that if you bring the upper level people on board they are gagged too. If not: If I was the CEO and I found this had happened without my consent, that I was never handed the gag letter, in one swoop I would talk to the NY Times, fix the infiltration and fire the employee. After all until they hand me the writ I am unbound.

I don't care what the letter says, If I'm a executive officer I expect my employee to bring me in to the loop, albeit off the record.

Reply Score: 3

Re:
by kurkosdr on Sat 8th Jun 2013 15:35 UTC
kurkosdr
Member since:
2011-04-11

Am I the only one who sees that "secret court orders" violate constitutional rights?

You receive a secret court order. You can't contest it infront of a judge, because you can't reveal it exists. If you contest it and hence you reveal it exists, you are automatically breaking the law. If you don't comply, you are also automatically breaking the law.

As long as there are neckbeards and tools -on a global level- believing all those "do as we say" and "spy on the citizens" acts are being voted to protect us, it will get worse. Dystopian-fiction kind of worse. 'nuff said.

Browser: Mozilla/5.0 (Linux; U; Android 2.3.4; el-gr; LG-P990 Build/GRJ23) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 MMS/LG-Android-MMS-V1.0/1.2

Reply Score: 9

RE: Re:
by No it isnt on Sat 8th Jun 2013 18:54 UTC in reply to "Re:"
No it isnt Member since:
2005-11-14

It's completely legal, there's just one catch, Catch-22.

Reply Score: 2

RE: Re:
by djohnston on Sat 8th Jun 2013 20:31 UTC in reply to "Re:"
djohnston Member since:
2006-04-11

Am I the only one who sees that "secret court orders" violate constitutional rights?


Welcome to the United Socialist States of Amerika. Most of what the government does "under color of law" now violates the U.S. Constitution, whether it's the President, Congress or a government agency. Every day the Federal Reserve exists, it is in direct violation of Article 1 Secions 8 and 10. And it has existed since 1913.

Even worse, the trickle down effect reaches to the state, county and municipal levels.

Reply Score: 5

RE[2]: Re:
by woegjiub on Sat 8th Jun 2013 23:17 UTC in reply to "RE: Re:"
woegjiub Member since:
2008-11-25

socialism != fascism.

It has brought it in the past, but the most heavily socialist states in the world are the freeest; scandinavia, NZ, Aus, EU, etc.

Edited 2013-06-08 23:18 UTC

Reply Score: 6

RE[3]: Re:
by djohnston on Sun 9th Jun 2013 02:23 UTC in reply to "RE[2]: Re:"
djohnston Member since:
2006-04-11

socialism != fascism.


That's true. The U.S. is both socialist and fascist. In retrospect, what I should have said is that those who believe corporations have no influence over the decision-making at the state and federal levels have not been paying attention. This has been going on a long time, even before the rise of Rockefeller's Standard Oil.

Reply Score: 3

RE[3]: Re:
by orfanum on Sun 9th Jun 2013 08:42 UTC in reply to "RE[2]: Re:"
orfanum Member since:
2006-06-02

Social democracy is not socialism. All the places you mention have social democratic principles or underpinnings, not socialist ones.

It's political 101 stuff.

Reply Score: 7

RE[4]: Re:
by woegjiub on Sun 9th Jun 2013 13:24 UTC in reply to "RE[3]: Re:"
woegjiub Member since:
2008-11-25

Social democracy is watered-down socialism, no?
Government-owned media, power, and other infrastructure (where competition makes no sense, because it needs to be ubiquitous) is a weakened form of government ownership of the means of production.


Once you take subsidies and investments in research and businesses into account, you may not have a socialist state, but it's not a free market either; it's in the middle.

Reply Score: 3

RE[5]: Re:
by orfanum on Sun 9th Jun 2013 17:10 UTC in reply to "RE[4]: Re:"
orfanum Member since:
2006-06-02

Well, you just defined it for yourself, it's in the middle: Social Democracry uses various means to redistribute the way wealth moves through society, as well as securing the ability of citizens to freely engage in both the political process and in the creation of wealth itself.

Germany for example has a cast-iron constitution and some of the most successful businesses on the planet. Does the state of Germany or even Bavaria own BMW? And I would love to see you arguing the point that he or she supported watered-down socialism to a member of the conservative and Catholic Christian Social Union party there.

In your view therefore the United States must be socialist, since the Interstate road system is funded by the government-or do you assiduously avoid using it, given that it therefore must be the highway to socialist hell?

Would that business did actually pay for everything it used to make money in the States (where I am guessing you are from). But that would be a free market, wouldn't it?

Reply Score: 4

RE[6]: Re:
by woegjiub on Sun 9th Jun 2013 22:53 UTC in reply to "RE[5]: Re:"
woegjiub Member since:
2008-11-25

Which was why I called them some of the more socialised countries; the free-state to socialist state balance lies more to the left in those nations than most ohers.

I live in Australia, so I am frustrated by our Labor party selling off government assets, and creating privately owned monopolies.
True socialism would only work in a global (single world-state) technocracy/democracy hybrid, due to how stupid the general population is, and how easily they are made to vote against their own interests.

Liberterianism works nowhere, though. Companies are not accountable, and once they have enough clout, they become un-boycottable. They are able to do anything they like, and use their power to their own interests, at the expense of everyone else, including customers.
It is naïve to trust companies, who do not have to release all of their internal workings, more than one trusts governments, who theoretically do.
Private lobbying is the reason the governments are so corrupted and despotic in the first place.

Edited 2013-06-09 22:58 UTC

Reply Score: 5

RE[7]: Re:
by orfanum on Mon 10th Jun 2013 12:23 UTC in reply to "RE[6]: Re:"
orfanum Member since:
2006-06-02

Sorry, I just do not comprehend your answer: are you for or against socialism? Your chief angst about socialists in your own country is that they are *privatising* assets, which then turn into monopolies.

So, if you are against socialism, then at least you must be in favour of this particular cadre for decoupling state and commercial interests?

If you are for socialism, which some of your reply seems to indicate, since regulating markets that turn into monopolies can be said to be state interference, why are you seemingly down on socialism generally?

I can't make up my mind whether you can't make up your mind, or that you just don't really know what you are addressing apart from some hurt sensibilities at change in your country that for whatever reason you just don't like or are not gaining any advantage from.

I don't mean this maliciously - I genuinely can't fathom where you are coming from.

Reply Score: 2

RE: Re:
by Drumhellar on Sat 8th Jun 2013 21:16 UTC in reply to "Re:"
Drumhellar Member since:
2005-07-12

Am I the only one who sees that "secret court orders" violate constitutional rights?


Nope. The Ninth Circuit court also finds them unconstitutional.

http://www.wired.com/threatlevel/2013/03/nsl-found-unconstitutional

Reply Score: 4

RE: Re:
by l3v1 on Mon 10th Jun 2013 06:32 UTC in reply to "Re:"
l3v1 Member since:
2005-07-06

You receive a secret court order. You can't contest it infront of a judge, because you can't reveal it exists. If you contest it and hence you reveal it exists, you are automatically breaking the law. If you don't comply, you are also automatically breaking the law.


Well, what about ignoring it and denying ever getting it. They couldn't put you in court, since it's all hush-hush anyway. How can you break an order if nobody will acknowledge its existance? Or they'll just send out a black car with tinted windows in the middle of the night ;)

Reply Score: 4

Government?
by re_re on Sat 8th Jun 2013 15:42 UTC
re_re
Member since:
2005-07-06

"This is what you get when you let companies rule the show. They don't care about you, and they don't care about your privacy. I've been saying this for years, but I'll repeat it once more: do not trust companies. Ever."

I think this has more to do with the gov't threatening these companies with the wrath of God. I would find it very hard to believe that even the companies that went above and beyond would have complied with this without being strong armed into it.

That having been said, I am not saying that these corporations are necessarily wonderful members of society or that they did the right thing when they caved. I am however saying that I at least understand that they were under immense pressure from the NSA to do this.

I am not so quick to throw blame at companies. As a general rule I am inclined to more heavily scrutinize government before corporations.

Reply Score: 2

RE: Government?
by orfanum on Sun 9th Jun 2013 08:39 UTC in reply to "Government?"
orfanum Member since:
2006-06-02

I think the problem exists because there is little or no distinction increasingly. In many places in the world affecting to have democracy, constitutions or recognised legal precedent devise strict lines of formal demarcation between, say, the executive and the judiciary. But at the same time, informal practices have eroded the gulf between the executive/parliament and corporations.

In the UK we have two live examples of this. On the one hand, politicians, especially those in government, are becoming more frustrated since the judges often stick to their legal guns, to the 'detriment' of government policy. On the other, the lobbying scandal here demonstrates how politicians, whether of the Left or of the Right, wear different hats at the same time, one being commercial, and anyway slide easily between the business and political worlds. I even think that they do not see a difference.

Orf.

Reply Score: 3

RE[2]: Government?
by Soulbender on Sun 9th Jun 2013 09:33 UTC in reply to "RE: Government?"
Soulbender Member since:
2005-08-18

whether of the Left or of the Right, wear different hats at the same time, one being commercial


Your lefties are wearing commercial hats? Wtf? Shouldn't they be wearing the hat of the proletariat or one of them Castro caps?

Reply Score: 2

RE[3]: Government?
by orfanum on Sun 9th Jun 2013 16:43 UTC in reply to "RE[2]: Government?"
orfanum Member since:
2006-06-02

Well, the items that I have tried to sell them with such motifs are still in the warehouse..

Reply Score: 2

Comment by Nelson
by Nelson on Sat 8th Jun 2013 15:49 UTC
Nelson
Member since:
2005-11-29

We start to get into a gray area when companies start being blamed for complying with the law. They are compelled to provide this information by the Government of what is in some cases their host country. Surely a little slack can be afforded to the ones that did comply.

In addition, I find that what Google and others did to further the security of the provided information to be equally as noble. Just because they don't like what they're being forced to do, doesn't mean that they need to do it recklessly.

Twitter surprised me by refusing to comply, and I'd love to read some sort of statement or postmortem of this entire thing when the smoke clears. If true, it was majorly heroic from a moral and ethical standpoint. I'm interested in the ramifications of companies asserting more autonomy by pushing back against their host governments when it comes to data privacy.

Now, I instead would 100% like to direct the outrage at the Federal Government. From a practical matter, perhaps they feel justified in that they may have access to intelligence otherwise not possible without the wiretappings. Still, for me and many others this is a step too far.

If, as some put it, the goal of terrorism is to dismantle the freedoms of say Americans, then we'd be playing directly into their hand by having our own liberties eroded in the name of counter terrorism.

Americans have shown to put up with this BS in small dosages (think the TSA body scanners), but its much easier to express outrage over phone wiretappings and backdoors into Facebook.

For what its worth, I don't think the companies affected particularly like the fact that they're forced to do this. When stuff like this happens and documents leak out, we get major PR headaches for all affected.

Reply Score: 3

RE: Comment by Nelson
by voidlogic on Sat 8th Jun 2013 16:03 UTC in reply to "Comment by Nelson"
voidlogic Member since:
2005-09-03

We start to get into a gray area when companies start being blamed for complying with the law. They are compelled to provide this information by the Government of what is in some cases their host country. Surely a little slack can be afforded to the ones that did comply.


Understandable and excusable are different. When it comes to things like human rights and civil liberties I expect people (and therefore companies) to to make the hard call and do what is right. What you are saying is just more supporting evidence of the banality of evil.

I'm not just talking about civil disobedience there. I'm sure the smart folks at many of these companies could work on engineering their products so that complying with these orders in a meaningful was be technically impossible and provide the government with no information.

Reply Score: 5

RE[2]: Comment by Nelson
by WorknMan on Sat 8th Jun 2013 18:59 UTC in reply to "RE: Comment by Nelson"
WorknMan Member since:
2005-11-13

Understandable and excusable are different. When it comes to things like human rights and civil liberties I expect people (and therefore companies) to to make the hard call and do what is right. What you are saying is just more supporting evidence of the banality of evil.


Right. So you're running a large company, and the government comes to you and says, 'We need some information from your servers about Joe Sixpack, and by law, you must provide us with this information.' So, what are you going to do? Are you going to play the hero and get yourself thrown in jail, and your company possibly put out of business? I'm sure we could get a good debate going about whether such things should be legal, but the point is that they ARE legal, and businesses are legally obligated to hand this information over. So I personally don't hold it against them.

I'm not just talking about civil disobedience there. I'm sure the smart folks at many of these companies could work on engineering their products so that complying with these orders in a meaningful was be technically impossible and provide the government with no information.


The way I look at it, it's like the DMCA. If you're being requested for information and it happens frequently enough so that it's a pain in the ass to do it manually, eventually you'll come up with some way to streamline the process. Otherwise, it's probably costing you time and money, and slowing down the process. If you HAVE to do it anyway, might as well be quick about it.

Edited 2013-06-08 19:04 UTC

Reply Score: 3

RE[3]: Comment by Nelson
by voidlogic on Sat 8th Jun 2013 19:24 UTC in reply to "RE[2]: Comment by Nelson"
voidlogic Member since:
2005-09-03

Right. So you're running a large company, and the government comes to you and says, 'We need some information from your servers about Joe Sixpack, and by law, you must provide us with this information.' So, what are you going to do? Are you going to play the hero and get yourself thrown in jail, and your company possibly put out of business? I'm sure we could get a good debate going about whether such things should be legal, but the point is that they ARE legal, and businesses are legally obligated to hand this information over. So I personally don't hold it against them.


Fair enough, the first few times it happened. Then I would like to see companies like Google to take technical measures to make it impossible to comply with these kind of orders in a meaningful way (Ideas follow):

It could be as simple as making sure non-encrypted user data is in jurisdiction non-amenable to assisting other security states and owned by a subsidiary local to that jurisdiction.

So they might comply, but the powers that be would get no useful information. For example, my gmail messages could be encrypted using my public key and only decrypted client side using my private key. Then Google could not read my mail (after storing it) and they could not provide anything but cryptotext to governments. They could still do all their advertising/search stuff by doing keyword indexing or whatever they do at receive time.

Q: How much extra work is this?

Not much, the server has one extra public key encrypt (which is cheap and happens every-time you visit a HTTPS page), after that the extra work is done client side (and is still pretty cheap). The only thing burdensome perhaps is that any search/ad indexing must happen are receive time and is not deferred (which may or may not be the case now for gmail).

The real technical challenge here is how to make sure the user has their private key on their devices/browsers without storing the key at Google, etc. Perhaps putting this key server in a different legal jurisdiction or letting users sneaker-net it at their choice is an option.

Reply Score: 2

RE[4]: Comment by Nelson
by WorknMan on Sat 8th Jun 2013 20:06 UTC in reply to "RE[3]: Comment by Nelson"
WorknMan Member since:
2005-11-13

Q: How much extra work is this?


Not only how much work, but how much would it cost, including server resources? Would you be willing to pay for this extra level of security?

Reply Score: 2

RE[5]: Comment by Nelson
by voidlogic on Sat 8th Jun 2013 20:16 UTC in reply to "RE[4]: Comment by Nelson"
voidlogic Member since:
2005-09-03

Not only how much work, but how much would it cost, including server resources?


With the design I have in mind, very little. I tried to make that clear.

Would you be willing to pay for this extra level of security?


Yes. However, a company that claims to be concerned about government invasion of privacy on moral grounds should make this their base offering. I don't think, even at scale, the cost increase would be substantial, at least compared to the current cost of operations.

Reply Score: 3

RE[5]: Comment by Nelson
by darknexus on Sun 9th Jun 2013 01:58 UTC in reply to "RE[4]: Comment by Nelson"
darknexus Member since:
2008-07-15

Not only how much work, but how much would it cost, including server resources? Would you be willing to pay for this extra level of security?

Don't forget that Google would never do such a thing. They make money from analyzing your emails (along with anything else you give them) to try to shove ads down your throat. Encrypt your mail so Google couldn't utilize the only part of their business plan that is actually bringing in the cash? Lol.

Reply Score: 4

RE[4]: Comment by Nelson
by tylerdurden on Sun 9th Jun 2013 01:11 UTC in reply to "RE[3]: Comment by Nelson"
tylerdurden Member since:
2009-03-17

The problem is that part of google's business plan depends on being able to read your mail... It's also a reason why it's a free (as in gratis) service

Reply Score: 3

RE[5]: Comment by Nelson
by voidlogic on Sun 9th Jun 2013 03:20 UTC in reply to "RE[4]: Comment by Nelson"
voidlogic Member since:
2005-09-03

The problem is that part of google's business plan depends on being able to read your mail...


That is why I suggested the ad/search indexing be done at receivable time prior to long term (encrypted) storage.

Reply Score: 2

RE[6]: Comment by Nelson
by Alfman on Sun 9th Jun 2013 06:08 UTC in reply to "RE[5]: Comment by Nelson"
Alfman Member since:
2011-01-28

voidlogic,

"That is why I suggested the ad/search indexing be done at receivable time prior to long term (encrypted) storage."


I've worked with similar encryption schemes, but unfortunately there are a lot of technical issues arising from the proposal. Even if it didn't interfere with google's business model (I agree with tylerdurden that it does), it introduces usability problems due to the lack of server side processing & indexing.

For example, an email provider might implement features such as searching, threaded views, sorting, grouping, etc, their code must have access to cleartext data&indexes. For client side fat-apps (ie imap clients) it wouldn't necessarily be a problem to sync with all encrypted server data to build necessary indexes locally, but web-apps are a different story. Consider phone users who have limited ram, limited storage, limited cpu, limited battery, and pay $$ per meg: god forbid they need to regenerate an index or run an adhoc mail search.

Don't get me wrong, I understand where your coming from. Unfortunately though it would still be trivial for a service provider to modify a client side web app to leak your keys back to themselves anyways. Who knows if a court would legally compel them do to so if they knew it was possible. In the end maybe it's better to use your own server if you do not trust your service provider.

Edited 2013-06-09 06:09 UTC

Reply Score: 3

RE[7]: Comment by Nelson
by voidlogic on Sun 9th Jun 2013 14:25 UTC in reply to "RE[6]: Comment by Nelson"
voidlogic Member since:
2005-09-03


I've worked with similar encryption schemes, but unfortunately there are a lot of technical issues arising from the proposal.

I never said it would be trivial. I believe it is feasible, and futhermore, my idea was just an example, I'm sure other people could come up with a better design for such as system.

Even if it didn't interfere with google's business model (I agree with tylerdurden that it does), it introduces usability problems due to the lack of server side processing & indexing.

In the proposed system indexing is still happening, yes that means the government could get a dump of the indexes, but depending on what is being indexed that still may not be to useful. I suggest two levels of indexing, "vague" indexing at the server side (pre-encrypt) and detailed indexing/filtering client side.

but web-apps are a different story. Consider phone users who have limited ram, limited storage, limited cpu, limited battery, and pay $$ per meg: god forbid they need to regenerate an index or run an adhoc mail search.

What I am suggesting is that the "rough" indexing be done server side with its limited indexes, any of the operations you describe would further filter the results client side. Is this less efficient bandwidth-wise? Yes, but not as bad as making the client index everything.

Don't get me wrong, I understand where your coming from. Unfortunately though it would still be trivial for a service provider to modify a client side web app to leak your keys back to themselves anyways. Who knows if a court would legally compel them do to so if they knew it was possible. In the end maybe it's better to use your own server if you do not trust your service provider.

Using your own server might be an option for you or I, but it is not for the average gmail user. Also if people are running an HTML5 thickclient they could have and code from a third party non-profit in a neutral jurisdiction verify the SHA256 hash of the HTML5 client code.

I'm not saying there are not problems with my proposal (which was meant as an example to get people think), but their are always solutions and I think some of you guys are being a bit pessimistic and close minded.

Reply Score: 1

RE[4]: Comment by Nelson
by talaf on Mon 10th Jun 2013 06:20 UTC in reply to "RE[3]: Comment by Nelson"
talaf Member since:
2008-11-19

Q: How much extra work is this?

Not much, the server has one extra public key encrypt (which is cheap and happens every-time you visit a HTTPS page), after that the extra work is done client side (and is still pretty cheap). The only thing burdensome perhaps is that any search/ad indexing must happen are receive time and is not deferred (which may or may not be the case now for gmail).

The real technical challenge here is how to make sure the user has their private key on their devices/browsers without storing the key at Google, etc. Perhaps putting this key server in a different legal jurisdiction or letting users sneaker-net it at their choice is an option.



Actually, if I get you idead correctly, it would mean doing public key encryption rather than private key encryption for Google, which is orders of magnitude slower. While it's technically "cheap", the cost in processing would be gigantic.

Reply Score: 2

RE[3]: Comment by Nelson
by TM99 on Sun 9th Jun 2013 05:59 UTC in reply to "RE[2]: Comment by Nelson"
TM99 Member since:
2012-08-26

Right. So you're running a large company, and the government comes to you and says, 'We need some information from your servers about Joe Sixpack, and by law, you must provide us with this information.' So, what are you going to do? Are you going to play the hero and get yourself thrown in jail, and your company possibly put out of business? I'm sure we could get a good debate going about whether such things should be legal, but the point is that they ARE legal, and businesses are legally obligated to hand this information over. So I personally don't hold it against them.


I hold it against them, and yes, I do expect them to stand up to this. Does this generation never study history any more? Go read about the Red Scare and McCarthyism. It was finally stopped when individuals and businesses began to stand up to the crazy intrusions upon civil liberties. It would not have if everyone did what you and Nelson (the corporate shill & apologist) are suggesting here.

Yup, poor little CEO's and corporations. They have a multi-billion dollar tax haven, errr, I mean business, to run. They can't be bothered with standing up to obvious governmental violations of the US Constitution & civil liberties!

Christ on a pogo stick. Haven't ya'll read any decent distopian science fiction? Unplug and read a fucking book or two!

Reply Score: 4

Comment by Nelson
by Nelson on Sat 8th Jun 2013 15:56 UTC
Nelson
Member since:
2005-11-29

http://news.cnet.com/8301-13578_3-57588337-38/no-evidence-of-nsas-d...

CNET article which casts doubt on the "direct access" portion of these allegations.

Reply Score: 2

RE: Comment by Nelson
by gfg233 on Sat 8th Jun 2013 16:07 UTC in reply to "Comment by Nelson"
gfg233 Member since:
2013-06-07
RE[2]: Comment by Nelson
by avgalen on Sat 8th Jun 2013 17:48 UTC in reply to "RE: Comment by Nelson"
avgalen Member since:
2010-09-23

Contrary to what Tom says, not all of them mentioned DIRECT Access in their press release:

Then there's AOL:

We do not have any knowledge of the Prism program. We do not disclose user information to government agencies without a court order, subpoena or formal legal process, nor do we provide any government agency with access to our servers.

Reply Score: 2

RE[3]: Comment by Nelson
by UltraZelda64 on Sat 8th Jun 2013 17:52 UTC in reply to "RE[2]: Comment by Nelson"
UltraZelda64 Member since:
2006-12-05

Maybe they were running short on time. Either that or they forgot a point.

But it is still disturbing how similar they all are.

Edited 2013-06-08 17:52 UTC

Reply Score: 4

Again
by Treza on Sat 8th Jun 2013 16:12 UTC
Treza
Member since:
2006-01-11

I'll repeat what I've written in the previous thread.

Even if these lies were true, the mere fact that some employees of Google, Facebook and others have access to that information is very dangerous. There is no reason to trust them more than the CIA.

They say they refuse to share that information with governments, not that they don't exploit that information themselves.

I doubt Zucker and Page and other actually know how many US and foreign "agents" are working in their premises.

The solutions : Distributed servers (a compromised server must not give access to everything), self hosting, encryption everywhere (they don't need to know the content, just transfer it for decryption on the endpoint).

Reply Score: 2

Those running the show
by darknexus on Sat 8th Jun 2013 17:29 UTC
darknexus
Member since:
2008-07-15

This is what you get when you let companies rule the show. They don't care about you, and they don't care about your privacy. I've been saying this for years, but I'll repeat it once more: do not trust companies. Ever.

Thom, how can you be so right about the rest of it and then say something this stupid? This is what you get whenever you have a government running the show, not companies. Facebook, Apple, Google, etc aren't running the show here. If they did, of course, these particular types of problems would be much less likely since it'd be bad for business and lose any company who did it a good deal of their user base. Of course, companies running the show causes other problems. What it boils down to is, people cause problems. Everything's perfect until the power-hungry bastards get involved, and that applies to companies, governments, and anything else you can name.
The only solution is a completely free society, but we'll never have that because so many people just want to be ruled. Living on their own is just too hard for them. They'd rather not think, and would rather just be told how to live and that they're safe. It's because of people like those that we'll see this cycle repeat again and again without end, no matter who runs the show. Those people want to be ruled, and there's always at least one power-lover that wants to do the ruling.

Reply Score: 2

RE: Those running the show
by woegjiub on Sat 8th Jun 2013 23:24 UTC in reply to "Those running the show"
woegjiub Member since:
2008-11-25

We all know the government can not be trusted with these matters. The point is that companies can also not be trusted, and that libertarians are naïve for thinking monopolising companies would not throw all of their users under the bus to improve profit margins or marketshare.

Reply Score: 4

RE: Those running the show
by TM99 on Sun 9th Jun 2013 05:50 UTC in reply to "Those running the show"
TM99 Member since:
2012-08-26

Are you truly so young and naive that you believe that it is solely the 'government'?

The government the USA has today is a revolving door between lobbyists, corporate CEO's and CFO's, and cabinet chiefs & congressmen/congresswomen.

Obama's entire 'economic' advisory team is made up of former banking officials from Wall Street. When he planned to revamp healthcare, he didn't turn to the doctors, allied health professionals, or the people, he turned to the CEO's of corporate insurance companies. The current education secretary doesn't listen to teachers or educators, he turns to the Bill Gates Foundation to implement his policies of reform. The Social Security trust fund would be entirely solvent if the money borrowed from it for the Iraq War was paid back. Instead, Congress turns to bankers to devise privatization schemes.

The USA is a corporate government and very rarely the Republic it was once founded to be. The government is not run by the people for the people. It is owned and run by MBA's, CEO's, and lapdog House, Senate, and Presidents beholden to these large entities for their billion dollar campaign war chests.

Stop reading Ayn Rand and do some study, research, reading, and observation. It is all laid out in front of us on a daily basis. PRISM is just another blatant example & Thom is dead on with his assessment and analysis.

Reply Score: 10

RE[2]: Those running the show
by Alfman on Sun 9th Jun 2013 06:21 UTC in reply to "RE: Those running the show"
Alfman Member since:
2011-01-28

TM99,

+1 if I could. There's a big facade in place, but anyone who opens their eyes will see that washington is overrun by corporate interests.

Reply Score: 6

How about this?
by leonalpha on Sat 8th Jun 2013 18:30 UTC
leonalpha
Member since:
2011-02-02

Here's a statement from Google, found here: https://plus.google.com/+YonatanZunger/posts/huwQsphBron

I have a tremendous number of thoughts about the various revelations about the NSA's domestic espionage programs revealed this week. But first and foremost, I wanted to share this message from +Larry Page and our Chief Legal Officer +David Drummond. Google had no involvement in the PRISM program and the first we heard of it was when Greenwald's article hit the press.

I'm not sure what the details of this PRISM program are, but I can tell you that the only way in which Google reveals information about users are when we receive lawful, specific orders about individuals -- things like search warrants. And we continue to stand firm against any attempts to do so broadly or without genuine, individualized suspicion, and publicize the results as much as possible in our Transparency Report. Having seen much of the internals of how we do this, I can tell you that it is a point of pride, both for the company and for many of us, personally, that we stand up to governments that demand people's information.


These reports from Thom have become increasingly annoying.

Reply Score: 2

RE: How about this?
by gfg233 on Sat 8th Jun 2013 19:12 UTC in reply to "How about this?"
gfg233 Member since:
2013-06-07

Pretty strong words from Yonatan Zunger (sounds Israeli). I actually believe him but he may well have not been in the loop.

"Yonatan Zunger02:50+15

+M Monica +Matt Harmon I have my own suspicions -- which I won't go into here -- about what PRISM was actually about. I'll just say that there are ways to intercept people's Google, Facebook, etc., traffic in bulk without sticking any moles into the org -- or directly tapping their lines. You may find some interesting hints in the leaked PRISM slides, http://www.washingtonpost.com/wp-srv/special/politics/prism-collect... , especially the second and fourth ones shown there. The subtleties of phrasing are important, I suspect, not because they were trying to be elliptical but because they reveal what was obvious to the people who were giving that presentation. "

"Yonatan Zunger03:17+8

+Michael Comia The NYT article touches on a number of things which I can't comment about, but I'll say that in every such matter that I'm familiar with, ethical standards were upheld which I would not feel embarrassed about in the least if the entire details were to be made public. "

Edited 2013-06-08 19:19 UTC

Reply Score: 2

Article on Ars
by WorknMan on Sat 8th Jun 2013 20:07 UTC
WorknMan
Member since:
2005-11-13

Google: 'we cannot say this more clearly,' no government access to servers

http://www.theverge.com/2013/6/8/4408622/google-cannot-say-this-mor...

Reply Score: 2

RE: Article on Ars
by UltraZelda64 on Sun 9th Jun 2013 00:54 UTC in reply to "Article on Ars"
UltraZelda64 Member since:
2006-12-05

I would love to believe that, and sure--it's a comforting thought. It damn well better be, because that's their business on the line... and they're already on the receiving end of trust issues. But, were there any more top-secret court orders that require the kind of complete silence that Verizon is forced to comply with?

More needs to be found out about this PRISM operation and Google's (as well as the other companies' involvements) with it. Why, if they really did, did they join for one thing. How are we supposed to believe that Google or any of the others are not ordered to keep silent when they apparently already willfully joined this PRISM crap?

There's a lot to be explained; until then, their trust is shattered as far as I'm concerned.

Reply Score: 4

RE[2]: Article on Ars
by Morgan on Sun 9th Jun 2013 03:16 UTC in reply to "RE: Article on Ars"
Morgan Member since:
2005-06-29

If Google (and the other companies involved) really want to tell the truth without getting in trouble with gag orders, they can say something like "We are unable to confirm any allegations of collusion with the government regarding access to our data stores". That sends the message that yes, we are compromised, and no, we can't tell you about it.

But they won't do that because they would bleed customers like a severed artery.

Reply Score: 5

RE[3]: Article on Ars
by UltraZelda64 on Sun 9th Jun 2013 04:38 UTC in reply to "RE[2]: Article on Ars"
UltraZelda64 Member since:
2006-12-05

But they won't do that because they would bleed customers like a severed artery.

Such a perfect analogy. Well said.

Reply Score: 2

Excellent detective work, Thom
by benali72 on Sun 9th Jun 2013 06:22 UTC
benali72
Member since:
2008-05-03

Excellent detective work, Thom. If only the U.S. press had the intelligence to figure out and post what you have. Instead we get the press lining up to repeat these PR statements as fact, with little real analysis.

Reply Score: 3

RE: Excellent detective work, Thom
by bnolsen on Sun 9th Jun 2013 13:00 UTC in reply to "Excellent detective work, Thom"
bnolsen Member since:
2006-01-06

the us press didn't break any of these scandals, I believe they spend more time trying to find ways to keep the lid on them.

Reply Score: 5

yester64 Member since:
2012-07-28

the us press didn't break any of these scandals, I believe they spend more time trying to find ways to keep the lid on them.


Perhaps the reason is the us press is kind of dead and not very critical and only critical if it serves the partisan view.

Reply Score: 3

Who's lying every one
by gjones on Sun 9th Jun 2013 12:57 UTC
gjones
Member since:
2013-06-09

So the the government doesn't get the data directly from the internet companies but the data goes through a data broker who takes the anonymous Google data and matches it to users (just one example of many). The truth and the lie exist in a state like quantum indeterminacy. To paraphrase from a popular recent movie there are some more responsible than others and they will be held accountable. Of course in the new America we will probably see whoever leaked this data go to jail for a very long time while those that have committed crimes against our shrinking freedoms will be rewarded with wealth and great career prospects.

Reply Score: 2

not surprised
by yester64 on Sun 9th Jun 2013 20:09 UTC
yester64
Member since:
2012-07-28

i got say that i am not really surprised with all of this.
Politicians voted for that to be a reality and the real surprise is that everyone is surprised.
And, will it be changed now?
I think the only thing that will come of this is, that for awhile trust will be lost. But in the end nothing will change. I am sure of that.

Reply Score: 3

v Thom, who has the guns?
by Berend de Boer on Sun 9th Jun 2013 22:23 UTC
RE: Thom, who has the guns?
by Treza on Sun 9th Jun 2013 22:56 UTC in reply to "Thom, who has the guns?"
Treza Member since:
2006-01-11

So what?

Companies are lying (at least by omission), they must not be trusted.
They could be trusted more if they said : "everything you write or wrote may be accessible by the NSA"

Their attitude is also very arrogant.
When Google says "we don't share our server's contents", it means that want to keep it for themselves, not that they are making efforts to make difficult the systematic exploitation of data.

In a way, they consider being "above" the governments.

Reply Score: 2

RE: Thom, who has the guns?
by Soulbender on Mon 10th Jun 2013 04:35 UTC in reply to "Thom, who has the guns?"
Soulbender Member since:
2005-08-18

Government puts gun to your head, and says: "Gi'me the data."


So I guess Twitter just took the bullet, eh? Maybe they wore bullet-proof helmets?

Seriously, we don't know how much pressure was applied but if it's true that you could just decline the offer that does make the companies that joined seem rather suspicious.

Reply Score: 3

Cloud data storage services
by vasko_dinkov on Mon 10th Jun 2013 07:31 UTC
vasko_dinkov
Member since:
2005-09-13

Anyone still in doubt why all those companies started offering (almost) unlimited cloud data storage for all your images, files & documents in the recent years? Yeah, it's definitely just for easier device sync.

Reply Score: 4

Genuine shock?
by M.Onty on Mon 10th Jun 2013 10:13 UTC
M.Onty
Member since:
2009-10-23

I wonder how many Facebook/Google/&c. users are genuinely shocked by the revelation that their data is being passed around with arrogant ease? I feel there must be a word, phrase or cautionary tale to better describe this mentality, but I can't think of it. So I'll say its the false bravado of someone who's been ignoring what he has always expected was going on, and now its been shoved in his face feels the need to react angrily to save face.

Why the hell did anyone think cloud backup services exist? Of course its not the best way of getting large amounts of data (i.e. larger than an address book) to sync across devices. If that were the real intention then we'd be sold bluetooth memory bracelets or somesuch that would do it locally in a fraction of the time. Honestly gov, your files are taken to California and back for your own benefit. The hard drives grow better out here due to the favourable climate, donchaknow.

I'm not being flippant or saying I-told-them-but-would-they-listen. I really think that the majority of those users don't value their own data or privacy, so long as its stripped away from them gently and quietly. After all, many of these services are 'sold' to the user as a way of more efficiently advertising yourself to and measuring yourself against your 'friends' by means of witty updates & constant peer scrutiny. Now we've been reminded of what losing your privacy can actually signify the rush is on to pretend its always meant something to us.

I'm glad the PRISM programme exists and is being publicly discussed. Hopefully bringing the subject into Airstrip One territory will make a few more people remember the value of privacy.

Reply Score: 4

They have no choice but to lie
by bolomkxxviii on Mon 10th Jun 2013 13:03 UTC
bolomkxxviii
Member since:
2006-05-19

It is a federal crime to disclose details about this secret government spying program. They have no choice but to lie. Therefore they can deny all they want without worry of being sued.

Reply Score: 2

Quietude
by CapEnt on Mon 10th Jun 2013 14:29 UTC
CapEnt
Member since:
2005-12-18

I feel a quite strange silence about what these companies received as a reward for their compliance.

Agencies engaging in secret programs not only bullies companies in compliance, they try to get them willing to their side.

We are dealing here with companies that exists largely on internet, they can move their headquarters and data centers anywhere in the world, still they choose to collaborate and remain quiet.

So, what they got? If they received large cash and public incentives/protection in detriment of other multinationals, they violated a handful of WTO rules and things can get far worse for American government in that case.

Reply Score: 2

RE: Quietude
by unclefester on Tue 11th Jun 2013 09:37 UTC in reply to "Quietude"
unclefester Member since:
2007-01-13

So, what they got? If they received large cash and public incentives/protection in detriment of other multinationals, they violated a handful of WTO rules and things can get far worse for American government in that case.


The deal is simple. Be nice to the government and you can break as many laws as you want. Don't bother about paying corporate taxes, defrauding investors or nasty foreign companies suing you.

Reply Score: 3

Comment by ilovebeer
by ilovebeer on Mon 10th Jun 2013 15:22 UTC
ilovebeer
Member since:
2011-08-08

Nobody should be surprised by any of this, and it shouldn't take to crystal ball to have predicted it years ago. Trust is nothing more than an illusion to help people sleep better at night. In truth, people can't even be trusted to act in their own best interests so why anyone would think a government or for-profit company would is beyond me. These entities have a single primary goal - to control the behavior of others. They're great at it and no tool is left unused.

Reply Score: 3

v No Thom
by andrewclunn on Mon 10th Jun 2013 15:23 UTC