Linked by Thom Holwerda on Sun 9th Jun 2013 11:18 UTC
Legal The term 'direct access' seems to be the central issue when it comes to the coordinated PR campaign from Silicon Valley, and a new article from The Washington Post seems to clarify it all quite a bit. "Intelligence community sources said that this description [i.e., direct access], although inaccurate from a technical perspective, matches the experience of analysts at the NSA. From their workstations anywhere in the world, government employees cleared for PRISM access may 'task' the system and receive results from an Internet company without further interaction with the company's staff." This seems to explain why the leaked official documents speak of 'direct access' even though the companies themselves deny it. The leaked documentation probably wasn't written by a technical expert, so he simply used a term that describes the end result (i.e., access whenever, wherever, whatever), but not the actual technical workings (i.e., the system does not directly tap into the companies' own servers). Update: The Guardian has released a new slide from the NSA slide deck: it speaks of "collection directly from the servers" of several US companies, like Apple, Google, Facebook, Microsoft, and so on. It also mentions directly tapping into the very cables that carry data to and from the US. I wonder how long Silicon Valley will continue to lie and/or legalese around the issue. Man up for once.
Order by: Score:
Damage Control
by gfg233 on Sun 9th Jun 2013 13:04 UTC
gfg233
Member since:
2013-06-07

The US software companies can only do their best at saving face from all of this. Expect more public denials, but at the same time anonymous source confirmations to the media.

The Washington Post and The Guardian appear to be going tit for tat with the US government with this, likely intentionally holding more on more details as more denials come through.

Meanwhile, individuals and businesses around the world will start considering alternatives to US data providers. This is literally Facebook, Google and cos worst nightmare.

Reply Score: 8

Comment by Deviate_X
by Deviate_X on Sun 9th Jun 2013 13:12 UTC
Deviate_X
Member since:
2005-07-11

all this kerfuffle, to be honest i'm finding it hard to care, i'm sure it was generally assumed to be going on anyway...

Reply Score: 2

RE: Comment by Deviate_X
by No it isnt on Sun 9th Jun 2013 17:08 UTC in reply to "Comment by Deviate_X"
No it isnt Member since:
2005-11-14

Yeah, the EU already was weary about trusting US corporations with data.

http://www.zdnet.com/blog/igeneration/microsoft-admits-patriot-act-...

Reply Score: 8

RE: Comment by Deviate_X
by WorknMan on Sun 9th Jun 2013 18:16 UTC in reply to "Comment by Deviate_X"
WorknMan Member since:
2005-11-13

all this kerfuffle, to be honest i'm finding it hard to care, i'm sure it was generally assumed to be going on anyway...


Me too. I figured something like this was going on... if not from the government, than from somebody else. As a result, I pretty much assume that any info I give these companies is public knowledge. I think others would be wise to do the same. Doesn't mean you don't have to not do business with them, just don't hand them anything that's super private.

It would be interesting if someone caught Microsoft/Apple scanning the personal files of its users on their local drives and handing them over to the government. But I don't think they would be stupid enough to try it ;)

Reply Score: 3

RE[2]: Comment by Deviate_X
by windowshasyou on Sun 9th Jun 2013 19:06 UTC in reply to "RE: Comment by Deviate_X"
windowshasyou Member since:
2011-05-14

"But I don't think they would be stupid enough to try it"

I wouldn't bet money on that.

Reply Score: 5

cwlh
Member since:
2010-09-03

A set of servers outside the USA and its friends and an email service similar to Gmail would have me for a subscriber today. And goodbye to Google and other branches of the USA government.

Reply Score: 5

franko Member since:
2012-05-25

You could always use I2P's email system
http://www.i2p2.de/
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties.

Many applications are available that interface with I2P, including mail, peer-peer, IRC chat, and others.

Reply Score: 2

drcoldfoot Member since:
2006-08-25

i2P solves point to point anonymity. But this doesn't solve the anonymity of the data (your personal emails, social networking posts, cloud storage, cloud apps, etc.) stored on the "cloud" server itself.

Edited 2013-06-10 19:48 UTC

Reply Score: 2

Comment by ilovebeer
by ilovebeer on Mon 10th Jun 2013 15:31 UTC
ilovebeer
Member since:
2011-08-08

Now we get to hear people argue about what "direct access" means. Is the physical act of sitting down at their servers and logging in? Does it mean logging in using a company-owned computer? Does it mean logging in remotely? Does it include the ability for the government to submit a digital request for data via search form where the actual search function accesses the databased directly, but the searcher himself does not?

The debates are about to get really stupid and if you can't be scared into turning your back on this issue, you'll be bored into it.

Reply Score: 3

What copying means
by jgmills on Mon 10th Jun 2013 17:44 UTC
jgmills
Member since:
2005-12-15

From reading news reports so far, I conclude that NSA is copying and storing all the content data, but not reading it. Then, when they get a court order to examine the content belonging to an individual who is under suspicion, they can start reading it. That way, they will have access to content several years in the past. It's all legal because they declared it legal.
It's as if they got a warrant to put a wiretap on somebody's phone, but instead of recording phone calls starting when they got the warrant, they can listen to phone calls they recorded before they got the warrant.

Reply Score: 2