PRISM - Is Not What You Think (Illustrated)

Originally posted by jimmyx
...all code is basically about the "on/off gates"...anything that is written, can be read. mind-numbing tedious line code search replaced by algorithms. there are "codeheads" out there that live and breathe this stuff. encryption is seconds new and minutes old.....my cliché list

Yea, I'm one of them.

It's not just on or off, 1 or 0... there's a bit more to it. How are those ons and offs, 1's and 0's arranged? In what order? How is that order defined? Is it completely random, with a formula determining the random order or is it a well-defined order?

Encryption is a science in itself that involves math more than anything else. There's no silver bullet to decrypting things, and no book with a list of instructions on how to break encryption unless it's already been done.

~Namaste

Originally posted by Variable
reply to post by SonOfTheLawOfOne

 

Where are you getting that they need a warrant to get at encrypted traffic only? They need a warrant to make the snooping legal so it's actionable in a court. But i think i understand what your saying, (it really depends on the type of traffic though) if the FBI wants to read your emails then they can simply go to your Mail host and get whatever they have on the server and ongoing emails copied, Facebook, Google for your searches and traffic patterns, Verisign for cell records.

But it sounded like your saying they (US Intelligence) are sniffing and storing all your data and THEN, if the unencrypted data flags something, they go back and get a warrant and then can read all your old encrypted packets. That is a whole different ball game and i don't think that's what happens. Not in my experience.

Also, read what Snowden said, he never talked about Prism like your talking about. He was talking about collecting data from Endpoints i.e. Cell phone, email, application providers. Where your data is stored. He never talked about mass culling of data from tier one providers. If he did i didn't see that.

What your talking about is when it was released that the US was snooping on pipes that are on the perimeter of the US data grid after 911 and I'm sure that is going on. Those are not just Internet traffic, they are also phone calls....

This whole thing is very complicated. If you don't understand the technology its easy to fool ignorant people. It is NOTfair to say that the US Government is looking at all Mr and Mrs Joe Blows US citizens packets and looking for key words. That is not true. Nothing points to that.

V

edit on 6/17/2013 by Variable because: typos

Your second paragraph is correct. The Narus deep packet inspection is basically flagging chunks of packets that it correlates based on things that they tell it to look for, but they still capture everything. At the other end of the firehose of data coming from all of the different data exchange points, they only look for the packets or chunks of data that have the flag and don't really pay attention to the rest, it's just noise. They still record it because there might be encrypted packets or other data that need later. But at that point, they've already invaded your privacy.

Once the flagged data comes through, it is usually presented immediately to an NSA analyst who can take the flagged data and look at its context to see if you are joking about something, seriously planning something, or already did something and are bragging about it. There is no warrant involved at this point, yet someone is looking at your data, private and all. If the analyst believes there is reason to suspect you for any other activity, they will get the FISA warrant to dig further, and in case they find something, they have to already have obtained the warrant for them to go to a regular / Federal court and say that they followed due process, otherwise no matter what you did, it will likely be thrown out on the technicality.

The other option, is that they can get the warrant on probable cause, and if you have your data encrypted on your hard drive, and you don't give up the password for it, they can hold you indefinitely until you do. (there's another post on ATS about this)

Either way, they are invading your privacy and snooping on you before they get the warrant. Otherwise, they have no evidence to get the warrant in the first place because they have to present probable cause to the FISA court, meaning, that they have already found something, some bit of data that was flagged, to give them the impression that you are doing something wrong.

~Namaste

Originally posted by LastStarfighter
reply to post by SonOfTheLawOfOne

 

Most fascinating. Thanks for supplying this easy to understand information. I have a question however. Do you know how the NSA was allowed to install their secret "rooms" where a portion of the data is syphoned into. Why did, google, for example, allow NSA to attach a box to their system and agree to keep quiet about it?

The Government leases the telecommunications lines from companies like ATT, where ATT "blocks" off an entire portion of the network exclusively for government use. Normally, the Feds use the networks to do voice conferences and secure phone calls, secure communications, so they have private rooms that nobody can gain access to.

It doesn't happen at Google, and nobody accesses their lines directly. The way the rooms for the NSA got set up was through the TIA during the Bush administration. It allowed for the rooms to be set up by the NSA, and by the time people realized that their rights were being trampled on, they "shut down" the program, but never removed any of the equipment, and then later re-coined the TIA to something else to resurrect it. In typical government fashion, they buried things in bureaucracy, making it very hard to figure out how this happened. Look into the TIA a bit and you'll see how they were able to build the rooms.

~Namaste

reply to post by Variable


Great follow-up post.

I'd be interested in hearing where you think my technical points were misleading, I might be able to clarify or correct if I didn't convey them properly, it definitely isn't from a lack of knowledge or understanding; sometimes it's just difficult to explain it in a non-technical way.

I could talk about the standard RSA provider, and the differences between TripleDES and AES encryption, why the length of passwords and private keys matter, how public and private keys work, Vernon encryption, one-way hashes and salts... but I'd probably lose a majority of the readers.

~Namaste

Originally posted by Mike.Ockizard
reply to post by SonOfTheLawOfOne

 

This is incorrect:

Instead, they try to look for the key identifiers in the traffic, narrow it down to a specific place, such as an email that was sent through Google, and then get a warrant with "probable cause" to request that Google provide them with every piece of data that they want on that individual since Google owns the private encryption key used, which is what they actually need the warrant for. Only Google can decrypt their secure traffic.

most systems use a combination of public-key and symmetric key encryption. When two computers initiate a secure session, one computer creates a symmetric key and sends it to the other computer using public-key encryption. The symmetric key is discarded once the conversation completes, so tell us again how the message is decrypted?

I apologize if I wasn't clear enough, however I don't think you fully understand how an RSA provider works, and should present proof of your argument before you flat out claim that I'm incorrect.

It's the private key that is the prime factor in RSA encryption, and without knowing that factoring logic that results in the encryption of the message being sent, there is no way to decrypt the message.

Let's say I (server) want to send you (client) a message that is encrypted. I have a public key and a private key. I give you the public key and you use it to turn your message from text into a bunch of numbers. Everyone (all clients / users) get the public key, not the private one, only I know the private key. This is the message that will be sent to me (the server). When I (the server) gets the message, I will use the private key to decrypt, not the public key.

You're misunderstanding what a symmetric key is. Nobody actually uses symmetric keys because that would require that both parties have the private key, making it insanely easy to hack. (Google it if you don't believe me) This is an implementation detail of how someone decides to set up their security, but from experience, I can say that this is not the norm and is only common with highly trusted partnerships between parties, not for public use over the internet.

I think you're confusing one type of encryption with another. Today's norm is mostly based on the RSA model, and most data exchanges are encrypted using a public and private key based on the RSA model for SSL to encrypt the wire (transport / transmission), along with AES encryption for the inner contents of the message. It's because of this complexity that they can capture your traffic but can not decrypt it.

~Namaste

This is very interesting. Wish I knew these kinds of stuff.... Thanks OP!

Originally posted by SonOfTheLawOfOne

Originally posted by AllIsOne

Originally posted by Variable
reply to post by AllIsOne

 

NSA/CSS capabilities are not current. They are at least 20 years ahead of what we have.

This does not appear to be so. Quantum computing isnt for real yet. If it ever does become the real deal, the world changes. .....

Really, ...

www.forbes.com...

And this is the stuff they publish ...

Yes, really.

In some optimization problems, the D-Wave handily beat the test PC—finding solutions up to 3,600 times faster. But unless the problem is specially tailored to fit the quantum computer, it has to be translated. The D-Wave performed on par with the classical computer when working on problems in need of translation.

There is still doubts that the system actually makes use of true quantum effects. It's been hotly disputed even though it is gaining more support. It will still be quite some time before it's efficient enough to deal with strong encryption, but it will happen.

Source

Gave you a star, but you seem to miss my point entirely. I need to work on my communications skills :-( I'm trying to say that this is stuff they openly publish. I still maintain that the NSA/CSS (not FBI) has capabilities that are at least 20 years ahead of what we currently know exists.

Do you think that current encryption algorithms can be hacked given quantum computation paired with advanced AI are a reality? I think the answer is obvious ...

PS: When they go to court they need old fashioned proof that is admissible and they don't want to tip their hand re advanced capabilities.

reply to post by SonOfTheLawOfOne

'd be interested in hearing where you think my technical points were misleading, I might be able to clarify or correct if I didn't convey them properly, it definitely isn't from a lack of knowledge or understanding; sometimes it's just difficult to explain it in a non-technical way.

What I (and Mike.Ockizard,) seemed to think you were saying was that, a warrant, somehow gave the FBI or NSA the ability to suddenly decrypt your encrypted traffic. You explained in a rebuttal post. I concur with what you said in the rebuttal. The problem is the limits of understanding of the subject matter and the implied meaning when typing up posts. You type one thing and someone reads it differently. The whole subject is complex and explaining every nuance is difficult. I think were on the same page now as far as encryption goes.

Now, the other point where we disagree, you continue to think that the NSA or whomever is still storing all the data through these traps using Narus. Let me through this quote at you.

Instead of grabbing everything that passes, the ITA watches for anomalies in traffic and aggregates packets into two kinds of "vectors" for each session: a human-readable transcript of all the packets in a particular connection, and an aggregation of all the application data that was sent in that session.

Narus explained

Further, in the same article:

“Typically with a 10 gigabit Ethernet interface, we would see a throughput rate of up to 12 gigabits per second with everything turned on. So out of the possible 20 gigabits, we see about 12. If we turn off tag pairs that we’re not interested in, we can make it more efficient."

Were we seem to differ is the amount of storage possible. There is simply no way the NSA, or anyone for that matter, can capture to storage ALL data flowing over these cables.

Here is another quote in the Arstechnica article:

Considering that, according to Cisco, the total world Internet traffic for 2012 was 1.1 exabytes per day is physically impossible, let alone practical, for the NSA to capture and retain even a fraction of the world's Internet traffic on a daily basis.

Now, i know this references world wide internet traffic but let's agree that all US data traffic still greatly exceeds any method of storage. The Narus units look for specific data and they capture interesting traffic BUT only interesting traffic.

Further, I watched the C-Span coverage with the FBI and NSA. I humbly suggest, any interested readers watch this. C-SPAN NSA coverage

At the end, several Representatives flatly ask pointed questions that are being debated here on AboveTopSecret. They flatly deny what many posts are suggesting. They are under oath and before congress. I watched it and I believe these guys are on the level. I know this is a conspiracy site and many will flatly deny what they are saying, but i think it behooves all of us to watch it.

This testimony directly refutes that all US domestic data traffic is being monitored and stored. I work in the field, i humbly suggest that the amount of US data traffic could simply not be stored. Now, given that, we need to understand the devil is in the details. But it still seems they need warrants to store US data.


V

Good thread.

My understand is that it's like a web-bot service which analyzes every piece of data and shows what is most relevant and pressing. They have access to it all but only investigate things which would jeopardize national security, whilst other low-priority threats are handled in other ways. As for the rest of the data, it's probably accumulating somewhere until they develop a program sophisticated enough that can analyze it all. At which point every single person in the world will be categorized in a database with every known piece of information. That's assuming they haven't done this already.

It's not just invasion of privacy but a form of control, which if left unchecked will lead to greater levels of control and manipulation. It extends beyond personal privacy because you have to consider company secrets, the advantages of knowing stock market changes before they happen, being able to steal technological inventions from other companies and much more. Don't forget that as technology progresses it will only become more sophisticated and one day we could be faced with mind reading and mind control in the hands of the NSA.

reply to post by FyreByrd

As far as I know, PGP can only be broken by brute force (which can take the best tech we've got years to achieve) and the guy who invented it met with a strange end…… There is no breaking this form of encryption without the receivers private key.

Originally posted by FyreByrd

Originally posted by SonOfTheLawOfOne

He is partially correct. Any traffic that is not explicitly encrypted is fair game and can be inspected or listened in on in a real-time fashion. So they do not need warrants for that. But let's say the only non-secure data you send over the Internet is text messages from your phone? (not encrypted) They can listen to those, and if one of those messages has the right words in it, it will get "flagged". Next, they start focusing on all of your Internet traffic and find that you are doing all email and everything else with SSL encrypted traffic. They can't just decrypt it, but sometimes they can, it depends on the level of encryption. But in most cases, it will take them too long, so they just get the warrant and ask the company that you're using for your email to decrypt it for them and provide them the unencrypted data.

~Namaste

About the encryption, bear with me - not even close to my field: I seem to recall - in the 90s sometime - a huge flap over PGP or Pretty Good Protection or some such. The flap was that the encryption was so good the government couldn't break it and was, well, pissed because they didn't have a Master Code so to speak. My memory is that the case with encrytion schemes up to that point had provided the government with such a Master Key. Does this ring any bells.

I get the 'no access' to propietary servers - just a split of data stream. Check. But they still are in possession of the entire data stream - not only the government but private contractors with allegence to their company not the constitution - I digress.....

Originally posted by ugie1028

Originally posted by WaterBottle
Then why even bother getting a warrant....

because when you issue a warrant for a wire-tap and it goes public, they can say legal procedures were being followed leaving people who don't know how big this is to feel all warm and fuzzy inside. (safe) which in turn doesnt raise a lot of questions and their secret programs remain secret.

They could easily wire-tap without a warrant and when they find info on someone they can always bring it to a judge and make it official... then claim the data they found was obtained legally. leaves a lot of loopholes and the secrecy behind it definitely leaves windows open for corruption and misuse of this tech.

But can you or anybody else give a single good reason why they would do all this on somebody suspected of being innocent?

The point still stands, why would they wast time money & resources spying on people for no good reason, but nobody has explained this madness to make any sense for there speculations, and nobody has a better alternative & solution to these programs, i think its a none brainier that these programs are here to stay unless we end up back in the dark ages

Originally posted by Eonnn
Good thread.

It's not just invasion of privacy but a form of control, which if left unchecked will lead to greater levels of control and manipulation.

How can any government/country function without control?

How can civilization continue without organisation & control?

Places where there is lack of rules, order and control in the world, are called 3rd worlds & failed states if this is for you then fine, if not, perhaps you should consider living on a desert island away from civilization

reply to post by TritonTaranis

It's not about having no control, it's about not going overboard on control.

You want the short, to-the-point, eplaination of why the NSA & counter-intel spooks in the military signal corps call the sysytem 'PRISM'


it is because of what a Prism does.... it takes a input source of sunlight (info/data) and breaks the beam (info) down into its seperate components...

recall the colors alerts used to alert the public of just what stage of readiness we need to be in with regards to terror threats...


this works the same way.... info is collected then compiled into groups of individuals

(ROY G BIV) are the categories of interest which every person living in the USA is being lumped into

the R people, in the 'Red danger' class have very dangerous affiliations & contacts, also they will fall into the broad-sprectrum warrent of getting hacked and taped conversations made for further analysis by agent-analysts in NSA etc


the V people, in the docile 'Violet' class are not worth investigating any further


so "Prism" stands for 7 levels of interest in all your communications and emails & lifestyle choices


the first three which correspond to the colors of light that seperate by using a Prism are the 'Persons-of-interest and would likely not get shipped to a FEMA Re-education camp in the future... they should get erased instead




i am trying my best to get myself classified as an I (indigo) or V (violet) class person on the anti-govt scale of potential anarchists/revolutionaries under the PRISM protocols


theres no use trying to spell it out any clearer... the OP made a good but ill fated attempt ... it was too convoluted for government policy, platforms, protocols...


thanks for being attentive

Originally posted by TritonTaranis

But can you or anybody else give a single good reason why they would do all this on somebody suspected of being innocent?

The point still stands, why would they wast time money & resources spying on people for no good reason, but nobody has explained this madness to make any sense for there speculations, and nobody has a better alternative & solution to these programs, i think its a none brainier that these programs are here to stay unless we end up back in the dark ages

The problem is when They have a pretty different idea about what "innocent" means than ordinary citizens do. Witness China.

Already the idea of a secret court whose decisions are secret and can't be challenged as a "check" to control a secret program whose magnitude and scope can't be discussed sounds, quite literally, like something one would read about in a bitterly sarcastic book by Solzhenitsyn.