PRISM - Is Not What You Think (Illustrated)

reply to post by stealthyaroura


Wow, you took it old school for real! Good stuff...

Phreaking, in my day, was using a handheld tape recorder and putting coins into a payphone to record the very subtle tones that the coins made when dropping them in. Then you up the volume way loud and play back in the phone to get free long distance from any pay phone. It didn't last long, but was fun while it did.

Reminds me of the old tape on the end of a dollar bill, and soda machines or the good ol quarter with a hole drilled through it with some fishing wire at the video arcade.

Ah, nostalgia. Thanks for the memories.

~Namaste

reply to post by SonOfTheLawOfOne


aha but can you whistle 2600Hrz and stack trunk calls I Think You Could. glad you enjoyed the blast from the past.
interesting times now eh. same old monitoring it's just more complex. neat thread.

This is really starting to sound like Shadowrun. Now all we need are talking dragons and shamans with gator totems running around.

reply to post by FollowTheWhiteRabbit

what is shadowrun?

Originally posted by SonOfTheLawOfOne

Originally posted by WaterBottle
Then why even bother getting a warrant....

You must have missed the explanation for the warrant...

The NSA can't decrypt all of the secure / SSL traffic that they have. They can see the bits that are unencrypted. They inspect that traffic for "signs" of behavior that should be flagged. However, if all of your email is sent over SSL, it could take them days, weeks even months to decrypt all of your email. Same with chats or instant messages. The warrants are because they are not allowed to have the super duper secret encryption key that Google, or Facebook, or whoever uses, to encrypt their traffic, so they issue the warrant to bypass that problem and just get the decrypted data from the company.

I hope that makes sense.

~Namaste

Thats is PURE MULARKEY! takes them weeks.. pfft

who are you trying to fool? That "encryption" is so pathetically easily "cracked" by the Govt.

I was a Telecom Specialist and suffered thru massive amounts of schooling. And held a TS.

Great article...

Got a geat idea?

Well now by default, you will be required to share it with the government and their puppet masters.

If you're an entrepreneur with a unique business model, if you're an inventor with innovative ideas, if you're an author with a great piece of fiction in the works, if you're a scientist conducting valuable research, if you're a company with proprietary plans, if you're anybody who's tried to make it in this dog-eat-dog world, you can forget about realizing the rewards of your hard work.

PRISM is the perfect tool for industrial espionage. It will ultimately be used to rip-off any and all creative works. Anything which demonstrates even the slightest potential. It will reap the harvest, of everything you sow.

F.T.G.

reply to post by SonOfTheLawOfOne


Excellent post S&F

reply to post by SonOfTheLawOfOne

The warrants are because they are not allowed to have the super duper secret encryption key that Google, or Facebook, or whoever uses, to encrypt their traffic

I wouldn't be quite so certain about that if I were you.

Very informative thread! Thanks for that.

I can't help wondering if PRISM is version 2 of the old MATRIX (Multistate Anti-Terrorism Information Exchange)
MATRIX

This has nothing todo with the movie of the same name. Al thou a brilliant choice of name, in case someone would google it.

The Multistate Anti-Terrorism Information Exchange Program, also known by the acronym MATRIX, was a U.S. federally funded data mining system originally developed for the Florida Department of Law Enforcement described as a tool to identify terrorist subjects.

The system was reported to analyze government and commercial databases to find associations between suspects or to discover locations of or completely new "suspects". The database and technologies used in the system were housed by Seisint, a Florida-based company since acquired by Lexis Nexis.

The Matrix program was shut down in June 2005 after federal funding was cut in the wake of public concerns over privacy and state surveillance.

Of what i have been reading, PRISM was launched in 2007. This would give them 2 years of further development. It could also just be a part of PRISM these days?

Does anyone know more on this?

Just found it strange that the MATRIX-project was suddenly cut (due to lack of funds, and privacy concerns (like the NSA would give a sh!t))

Originally posted by SonOfTheLawOfOne
The warrants are because they are not allowed to have the super duper secret encryption key that Google, or Facebook, or whoever uses, to encrypt their traffic, so they issue the warrant to bypass that problem and just get the decrypted data from the company.

probably a concession agreed on to keep the companies from being dragged into lawsuits

Originally posted by WaterBottle
Then why even bother getting a warrant....

A warrant is needed for the prosecution of the person in question, if they do not have a warrant they can NOT use any data mined from that person because it can not be used in court as avidence if they don't have a warrant for it.

If you want to make a case against someone over internet data you have to give the court LEGAL evidence, without a warrant all intel is ILLEGAL and will not be usable in court.
Same way police NEEDS a warrant to search your home or else they are the ones breaking the law and you can sue them.

Excellent breakdown. I have been looking into the NSA since 2001. I think you may not know the exact method they are doing this snooping. Yes the split it off and ciphon into a different room. I know enough about this program to say the spying is total and complete. They do have supercomputers that can sift through this days. Algorithms have been written to ignore the information they are not looking for.

Under construction by contractors with top-secret clearances, the blandly named Utah Data Center is being built for the National Security Agency. A project of immense secrecy, it is the final piece in a complex puzzle assembled over the past decade. Its purpose: to intercept, decipher, analyze, and store vast swaths of the world’s communications as they zap down from satellites and zip through the underground and undersea cables of international, foreign, and domestic networks. The heavily fortified $2 billion center should be up and running in September 2013. Flowing through its servers and routers and stored in near-bottomless databases will be all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital “pocket litter.” It is, in some measure, the realization of the “total information awareness” program created during the first term of the Bush administration—an effort that was killed by Congress in 2003 after it caused an outcry over its potential for invading Americans’ privacy.

This article came out. 2-3 years ago and it spells out what is going on. You cannot read this article and not realize that Americans are the target.

About the data...

Given the facility’s scale and the fact that a terabyte of data can now be stored on a flash drive the size of a man’s pinky, the potential amount of information that could be housed in Bluffdale is truly staggering. But so is the exponential growth in the amount of intelligence data being produced every day by the eavesdropping sensors of the NSA and other intelligence agencies. As a result of this “expanding array of theater airborne and other sensor networks,” as a 2007 Department of Defense report puts it, the Pentagon is attempting to expand its worldwide communications network, known as the Global Information Grid, to handle yottabytes (1024 bytes) of data. (A yottabyte is a septillion bytes—so large that no one has yet coined a term for the next higher magnitude.) It needs that capacity because, according to a recent report by Cisco, global Internet traffic will quadruple from 2010 to 2015, reaching 966 exabytes per year. (A million exabytes equal a yottabyte.) In terms of scale, Eric Schmidt, Google’s former CEO, once estimated that the total of all human knowledge created from the dawn of man to 2003 totaled 5 exabytes. And the data flow shows no sign of slowing. In 2011 more than 2 billion of the world’s 6.9 billion people were connected to the Internet. By 2015, market research firm IDC estimates, there will be 2.7 billion users. Thus, the NSA’s need for a 1-million-square-foot data storehouse. Should the agency ever fill the Utah center with a yottabyte of information, it would be equal to about 500 quintillion (500,000,000,000,000,000,000) pages of text. The data stored in Bluffdale will naturally go far beyond the world’s billions of public web pages. The NSA is more interested in the so-called invisible web, also known as the deep web or deepnet—data beyond the reach of the public. This includes password-protected data, US and foreign government communications, and noncommercial file-sharing between trusted peers. “The deep web contains government reports, databases, and other sources of information of high value to DOD and the intelligence community,” according to a 2010 Defense Science Board report. “Alternative tools are needed to find and index data in the deep web … Stealing the classified secrets of a potential adversary is where the [intelligence] community is most comfortable.” With its new Utah Data Center, the NSA will at last have the technical capability to store, and rummage through, all those stolen secrets. The question, of course, is how the agency defines who is, and who is not, “a potential adversary.”

www.wired.com...
I would argue that you have done the best you can considering that this is as highly classified as things can be. This is just the tip of the iceberg.

The federal surveillance programs revealed in media reports are just “the tip of the iceberg,” a House Democrat said Wednesday. Rep. Loretta Sanchez (D-Calif.) said lawmakers learned “significantly more” about the spy programs at the National Security Agency (NSA) during a briefing on Tuesday with counterterrorism officials. “What we learned in there,” Sanchez said, “is significantly more

Tools like Prism (or any other electronic surveillance tool) are double edged swords.

These tools can do what the government says - to find terrorists and criminals.

These tools can also be used for stealing ideas and technologies and to blackmail perfectly good people.

Once a tool or a technology is created, it finds uses much beyond its original intended purpose.

There are a lot of ways terrorists can be monitored and terrorist attacks be avoided; besides such all encompassing electronic surveillance of every citizen.

We believe tools like Prism are avoidable shortcuts that do more harm than good.

reply to post by SonOfTheLawOfOne


This is incorrect:

Instead, they try to look for the key identifiers in the traffic, narrow it down to a specific place, such as an email that was sent through Google, and then get a warrant with "probable cause" to request that Google provide them with every piece of data that they want on that individual since Google owns the private encryption key used, which is what they actually need the warrant for. Only Google can decrypt their secure traffic.

most systems use a combination of public-key and symmetric key encryption. When two computers initiate a secure session, one computer creates a symmetric key and sends it to the other computer using public-key encryption. The symmetric key is discarded once the conversation completes, so tell us again how the message is decrypted?

reply to post by GArnold

The federal surveillance programs revealed in media reports are just “the tip of the iceberg,” a House Democrat said Wednesday. Rep. Loretta Sanchez (D-Calif.) said lawmakers learned “significantly more” about the spy programs at the National Security Agency (NSA) during a briefing on Tuesday with counterterrorism officials. “What we learned in there,” Sanchez said, “is significantly more than what is out in the media today.” Lawmakers are barred from revealing the classified information they receive in intelligence briefings, and Sanchez was careful not to specify what members might have learned about the NSA’s work. “I can’t speak to what we learned in there, and I don’t know if there are other leaks, if there’s more information somewhere, if somebody else is going to step up, but I will tell you that I believe it’s the tip of the iceberg,” she said.

thehill.com...

About Gen Alexander the most powerful person in the US now IMO.

INSIDE FORT MEADE, Maryland, a top-secret city bustles. Tens of thousands of people move through more than 50 buildings—the city has its own post office, fire department, and police force. But as if designed by Kafka, it sits among a forest of trees, surrounded by electrified fences and heavily armed guards, protected by antitank barriers, monitored by sensitive motion detectors, and watched by rotating cameras. To block any telltale electromagnetic signals from escaping, the inner walls of the buildings are wrapped in protective copper shielding and the one-way windows are embedded with a fine copper mesh. This is the undisputed domain of General Keith Alexander, a man few even in Washington would likely recognize. Never before has anyone in America’s intelligence sphere come close to his degree of power, the number of people under his command, the expanse of his rule, the length of his reign, or the depth of his secrecy. A four-star Army general, his authority extends across three domains: He is director of the world’s largest intelligence service, the National Security Agency; chief of the Central Security Service; and commander of the US Cyber Command. As such, he has his own secret military, presiding over the Navy’s 10th Fleet, the 24th Air Force, and the Second Army. Alexander runs the nation’s cyberwar efforts, an empire he has built over the past eight years by insisting that the US’s inherent vulnerability to digital attacks requires him to amass more and more authority over the data zipping around the globe. In his telling, the threat is so mind-bogglingly huge that the nation has little option but to eventually put the entire civilian Internet under his protection, requiring tweets and emails to pass through his filters, and putting the kill switch under the government’s forefinger. “What we see is an increasing level of activity on the networks,” he said at a recent security conference in Canada. “I am concerned that this is going to break a threshold where the private sector can no longer handle it and the government is going to have to step in.”

thehill.com...

I am not knocking your post at all. I think you nailed aspects of this. I think this is so highly classified and compartmentalised that maybe 10 people know the full scope of the spying. You have done a good job with the very limited information we have been given.

Listening to NPR now and they are talking about this subject. Dick Cheney was just on in response to this.

He said "these are not your personal private records. These are business records of major telecommunications companies".

Originally posted by HanzHenry

Originally posted by SonOfTheLawOfOne

Originally posted by WaterBottle
Then why even bother getting a warrant....

You must have missed the explanation for the warrant...

The NSA can't decrypt all of the secure / SSL traffic that they have. They can see the bits that are unencrypted. They inspect that traffic for "signs" of behavior that should be flagged. However, if all of your email is sent over SSL, it could take them days, weeks even months to decrypt all of your email. Same with chats or instant messages. The warrants are because they are not allowed to have the super duper secret encryption key that Google, or Facebook, or whoever uses, to encrypt their traffic, so they issue the warrant to bypass that problem and just get the decrypted data from the company.

I hope that makes sense.

~Namaste

Thats is PURE MULARKEY! takes them weeks.. pfft

who are you trying to fool? That "encryption" is so pathetically easily "cracked" by the Govt.

I was a Telecom Specialist and suffered thru massive amounts of schooling. And held a TS.

So please enlighten us as to how this is done? The best method that doesnt involve "cracking" ssl is to proxy the connection. Really this is just a "man in the middle" attack where you think you are commu nicating with a remote site when in fact you are communicating with a proxy that sets up two sessions, one with you and the other with the site you are trying to get to. This technology is commercial these days meaning you can buy it from networking vendors. No big secret. To suggest that the govt has a "master key" rubs against the way that ssl encryption actually works.

Also worth noting that there are multiple types of SSL/TLS algorythms used on the internet. SSL using RC4 is weak and the first 247 bytes can be un-encrypted fairly easy but to get the whole message takes more time/computing power. Other flavors of SSL/TLS are more challenging. To suggest that the Govt has the ability to seamlessly unencrypt all of the SSL traffic it captures and considers interesting is doubtful. I submit that setting up proxy servers to intercept traffic they want to look at would be easier.

Originally posted by SonOfTheLawOfOne

Originally posted by WaterBottle
Then why even bother getting a warrant....

You must have missed the explanation for the warrant...

The NSA can't decrypt all of the secure / SSL traffic that they have. They can see the bits that are unencrypted. They inspect that traffic for "signs" of behavior that should be flagged. However, if all of your email is sent over SSL, it could take them days, weeks even months to decrypt all of your email. Same with chats or instant messages. The warrants are because they are not allowed to have the super duper secret encryption key that Google, or Facebook, or whoever uses, to encrypt their traffic, so they issue the warrant to bypass that problem and just get the decrypted data from the company.

I hope that makes sense.

~Namaste

I suspect that their new Utah facility will have enough power to decrypt the traffic in a matter of minutes. Let's face it, we're doomed

reply to post by Mike.Ockizard


w/o actually going "snowden" on you, how can i explain?

do you have access and knowledge of all the tools in the box?
do you actually believe there isn't equipment being used that happen to be MORE advanced than you are aware?


this may be too out there of an anology.. but remember the word compartmentalization... now you have many dsc's established that re-segment encrypted data in a way that is unlike what you think it does.. THAT IS THE ILLUSION and SMOKESCREEN hidden within the remarks by Clapper. Its hard to tell them unless you have actually been 'on the inside'.
analogy.. these independent dsc's are one thing, but when combined like Voltron.."become a whole new animal".. thats easiset way to describe it.

I have been stationed at a place on the west coast you have NEVER known about. and we monitored EVERTHING in the PAC.. and btw.. frequencies dont stop traveling at the shoreline

Originally posted by WaterBottle
Then why even bother getting a warrant....

because when you issue a warrant for a wire-tap and it goes public, they can say legal procedures were being followed leaving people who don't know how big this is to feel all warm and fuzzy inside. (safe) which in turn doesnt raise a lot of questions and their secret programs remain secret.

They could easily wire-tap without a warrant and when they find info on someone they can always bring it to a judge and make it official... then claim the data they found was obtained legally. leaves a lot of loopholes and the secrecy behind it definitely leaves windows open for corruption and misuse of this tech.