×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

GCHQ Tapping UK Fiber-Optic Cables

Soulskill posted about 10 months ago | from the points-for-consistency dept.

United Kingdom 157

An anonymous reader writes "According to The Guardian, the UK government is tapping fiber-optic cables that carry global communications and gathering vast amounts of data. The British Government Communications Headquarters (GCHQ) has been sharing the data with its American counterpart, the NSA. 'The sheer scale of the agency's ambition is reflected in the titles of its two principal components: Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. This is all being carried out without any form of public acknowledgement or debate. ... The documents reveal that by last year GCHQ was handling 600m "telephone events" each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

157 comments

Spy PR Gaffe (2)

Anonymous Coward | about 10 months ago | (#44078285)

Mastering the Internet and Global Telecoms Exploitation

Christ, who names this stuff? That's worse than "Boundless Informant." Why don't they call these programs something friendly like "Shamrock" or "Blarney?"

Shamrock was already taken. No, really (3, Interesting)

decora (1710862) | about 10 months ago | (#44078551)

Check wikipedia for project Shamrock

"The Armed Forces Security Agency (AFSA)[2] and its successor NSA were given direct access to daily microfilm copies of all incoming, outgoing, and transiting telegrams via the Western Union and its associates RCA and ITT. "

Re:Shamrock was already taken. No, really (3, Informative)

Anonymous Coward | about 10 months ago | (#44079015)

GP knew that. That's why he picked the words "Shamrock" and "Blarney" out of all the many words of the English language. Shamrock was one of the first NSA bulk-collection projects; Blarney is a current project that's said to gather metadata like device location information (you know, like how all your iPhone photos get GPS tagged if you're not careful?). Blarney is PRISM's lesser-known cousin.

Re:Spy PR Gaffe (2, Funny)

Anonymous Coward | about 10 months ago | (#44078555)

You have to admit the U.S. has an edge on marketing. PRISM sounds much better.

Re:Spy PR Gaffe (1)

Anonymous Coward | about 10 months ago | (#44078811)

PRISM sounds much better.

..until you learn that it actually stands for "Privacy Removal In Social Media"

Re:Spy PR Gaffe (0)

Anonymous Coward | about 10 months ago | (#44079171)

The logo [wikipedia.org] looks promising.

Re:Spy PR Gaffe (0)

Anonymous Coward | about 10 months ago | (#44079003)

Because in U.K., where man is a man and any boy can grow up to be Queen, the GCHQ is tapping each other in a display of buggery not seen since the NSAs Health Awareness Day, when they all went down to the gym and pumped each other. Only Secret Service gets bills for ho party and this is discouraged
In Soviet Union, our Kremlin are not sissyboys, but instead are swinging guys who get all the foxes. See, plan to make the west into sissy boys by putting their food in plastic to increase their estrogen levels is big success. Contact fearless leader....

Re:Spy PR Gaffe (3, Funny)

lxs (131946) | about 10 months ago | (#44079085)

Indeed. "Mastering the Internet" sounds like an evening class that teaches old people how to use email and facebook.

And so (5, Insightful)

Impy the Impiuos Imp (442658) | about 10 months ago | (#44078287)

Ladies and gentlemen, history will title this period "1983".

Re:And so (0)

Anonymous Coward | about 10 months ago | (#44078429)

+ 1 DoublePlusGood (Maybe NewSpeak was invented in 1983?)

Re:And so (4, Interesting)

ObsessiveMathsFreak (773371) | about 10 months ago | (#44078513)

Reading history, you frequently come across periods where you wonder "How could people put up with this?" or "Why didnâ(TM)t they just do X" where X is the solution which was eventually reached 20 years later.

Looking at the modern world, I realise I'm living in just such a period. A pity I'm not longer "smart" enough to figure out what the current X should be. I guess I may have been a little too hard on all those "stupid" societies in the past.

Then again, maybe it's not wrong to think that they and we are just, actually stupid.

Re:And so (4, Insightful)

similar_name (1164087) | about 10 months ago | (#44078731)

A pity I'm not longer "smart" enough to figure out what the current X should be.

Don't worry. Even if you figured it out, half of the population would be dead set against you.

Re:And so (1)

Anonymous Coward | about 10 months ago | (#44078987)

I think the problem is we all know what the solution is going to be, but none of us really want to have to stomach it. We are, in reality, a bunch of pussies and will let the government do whatever they want to us as long as we have relatively cheap gas and the starbucks keeps the coffee flowing. No one wants to give up their quality of life to fix this for future generations. Tell me that isn't true...

Re:And so (2)

tukang (1209392) | about 10 months ago | (#44079389)

The solution is to let the gov't know we won't stand for this. If a large enough number of people protest, the government will listen but yes the question is whether Brits & Americans have become too pussified for this to happen. But just because something doesn't seem possible today doesn't mean it isn't possible. Just look at the protests in Brazil:

Just a few weeks ago, Mayara Vivian felt pretty good when a few hundred people showed up for a protest she helped organize to deride the government over a proposed bus fare increase ... But when tens of thousands of protesters thronged the streets this week, rattling cities across the country in a reckoning this nation had not experienced in decades, she was dumbfounded, at a loss to explain how it could have happened. https://www.nytimes.com/2013/06/21/world/americas/brazil-protests.html [nytimes.com]

Millions protest in Brazil [youtube.com]
Brazilian girl calls to protest (english sub) [youtube.com]

Re:And so (2)

lxs (131946) | about 10 months ago | (#44079147)

X should be mandatory end to end encryption on all private communication. That way, if it's not encrypted it's fair game for eavesdropping. If it is, the communication should legally be treated as sealed envelope.
Spy agencies will still surreptitiously intercept the communication and try to break the encryption, but at least they'll have to work for it. If they have to work hard enough blanket screening will become impractical.

Re:And so (4, Informative)

Kjella (173770) | about 10 months ago | (#44078595)

Nah, Orwell wasn't even close. He might have been close to predicting STASI in East Germany, but this would have been far, far into science fiction. In his story they might have had telescreens but it was always humans watching humans. Huge segments of the population were informers, everybody was aware the Party had eyes and ears everywhere. Ask yourself, how many of the US/UK population knew these programs even existed? I'm guessing thousands out of hundreds of millions. And if the power that be take one lesson away from this it's not going to be the one you want, it's that humans are a liability. They suffer from a conscience and believing in the constitution, also called espionage and treason. Which is why more of this is going to be automated with fewer in the "need to know".

I'm quite sure China has just the same kind of systems - if not better - to track dissidents, you say something bad about the regime on any media flags start going up around you. The computers will do what their masters instruct with utter dedication. The only good news for now is that you still need human thugs to do the dirty work of throwing people in jail, but we're making progress towards changing that. We already have bomb disposal robots, I'm guessing a team of SWAT robots isn't that far behind. And if it comes to actual civil war more and more weapons are "smart weapons" that won't work for the rebels, did a tank operator defect to the enemy? Throw the kill switch. The deck is getting more and more stacked against any insurrection against any regime for any reason.

Re:And so (2)

cold fjord (826450) | about 10 months ago | (#44078865)

Ladies and gentlemen, history will title this period "1983".

History can be a tricky thing, especially when you are projecting into the future to determine what "the history" will be.

For all we know the current period could in fact be not "1983," but rather "1938." Will one of the many crisis or conflicts be the Sudetenland [japandailypress.com]? Will one of them turn out to be the invasion of Poland [indiatimes.com]? There are plenty of candidates.

Let us hope a shooting war between the major powers doesn't start any time soon.

Lord West: cut foreign aid to defend the Falklands [telegraph.co.uk]

He said: “I am horrified our naval flotilla now comprises only 19 frigates and destroyers.

"In the Falklands, in the first month of fighting, we had four sunk and 14 damaged. That makes you think. We seem to have forgotten that when you fight you lose things.

"Here we are with 19 frigates and destroyers. Are they bonkers? Are they mad? How have they allowed this to happen?”

Re:And so (2)

Richard_at_work (517087) | about 10 months ago | (#44079471)

Yes, our navy is much diminished these days, but it is of a much higher quality than in 1982. Today, we have multiple submarines that could take part in tactical strikes on both the islands and the Argentinian mainland rather than just the one submarine that had to stand off from the fight and could only be assigned to shadowing the Belgrano. Today we have a fleet with air defences that are order of magnitudes better than those of the fleet in 1982 (at least one of the major sinking was due to the recently installed systems randomly crashing). Today we have a detatchment of modern warplanes on the islands themselves, rather than just a tired detatchment of soldiers defending them.

And all of that ignores the fact that the Argentinians haven't progressed their forces at all in the intervening period!

Re:And so (0)

Anonymous Coward | about 10 months ago | (#44078971)

Ladies and gentlemen, history will title this period "1983".

We fear _1984_ while living _Brave New World_.
— run4yourlives, https://news.ycombinator.com/item?id=5907359

Re:And so (1)

tukang (1209392) | about 10 months ago | (#44079237)

There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live--did live, from habit that became instinct--in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized.

Terrorists! (4, Insightful)

Anonymous Coward | about 10 months ago | (#44078325)

Terrorists: Ooga booga booga!
People: Oh, no! The terrorists are going to get us! Let's give away some of our rights to catch them!
Government: Trust us. We definitely won't abuse the power you've given us.
People: Yeah, there's no way you could abuse unchecked power; it's unthinkable.
People: Hey, you're abusing your power!
Government: National security.
People: Oh, okay.

Re:Terrorists! (2)

cold fjord (826450) | about 10 months ago | (#44078967)

The most innovative theater going these days is not "security theater,' but "civil rights theater." As demonstrated above, the dialog is ever more scintillating and persuasive. The plots ever more colorful. The fiction ever more developed. The distraction from the real world ever more enticing. But every once in a while, ugly reality blows up in your face, with the threat to do so again.

7 July 2005 London bombings [wikipedia.org]
Major terror attack on scale of 7/7 foiled every year in UK, police reveal [telegraph.co.uk]
At Least 4,000 Suspected of Terrorism-Related Activity in Britain, MI5 Director Says [washingtonpost.com]
MI5 warns al-Qaida regaining UK toehold after Arab spring [guardian.co.uk]
What do British Muslims think of the UK? [telegraph.co.uk]

These results are from a poll of Muslim students:
– 33% claim that killing is justified if done to protect religion.
– 40 percent support the introduction of sharia for British Muslims.
– 33 percent support a worldwide Islamic caliphate based on sharia.

Well, enjoy the show. Don't worry if you miss today's performance, it will have a long run.

Re:Terrorists! (0)

Anonymous Coward | about 10 months ago | (#44079027)

So, do you honestly think that posting links is going to convince people who think that the importance of liberties trump safety that the importance of liberties do not, in fact, trump safety? Do you honestly think that more than a minuscule portion of people who read this website will actually change their minds because you reveal the obvious fact that terrorists actually exist?

You're seriously an idiot. As someone who values liberties more than safety, I can the only thing you're good for is being ridiculed. Posting random links of supposedly foiled plots is not going to convince me because, as I just revealed, I believe that rights are more important than being safe from terrorists/rapists/what have you.

There is no "civil rights theater." Civil rights are actually real, unlike much of the security the government claims to be giving us (not that it matters whether or not the security exists, so don't bother posting more links).

Re:Terrorists! (1)

WOOFYGOOFY (1334993) | about 10 months ago | (#44079427)

These results are from a poll of Muslim students:
â" 33% claim that killing is justified if done to protect religion.
â" 40 percent support the introduction of sharia for British Muslims.
â" 33 percent support a worldwide Islamic caliphate based on sharia.

Yeah but those numbers are similar to the numbers Christian post in our well developed, secular democracy_

- 33% believe Christianity should be the state religion:
http://www.huffingtonpost.com/2013/04/06/christianity-state-religion_n_3022255.html [huffingtonpost.com]

oh, and about those 33%....

http://www.theocracywatch.org/ [theocracywatch.org]

You can pretty much rest assured that they would answer the first two questions in the affirmative if they were ever permitted to come to the kind of power they seek.

Radical Islam is no joke, but it's not that different from the 33% of Americans who are merely held in check by the fact of being embedded within the context of a civil, secular society ...

but why? (2)

acedotcom (998378) | about 10 months ago | (#44078339)

this is what i dont understand...why is there a "need" for all of this. they arent stopping "terrorism" nor are they really using it in a way thats stopping any major crimes. dont get me wrong, i am weird and 100% opposed to all of this. but who are they protecting with all of this data mining?

Re:but why? (3, Informative)

Sponge Bath (413667) | about 10 months ago | (#44078389)

The people in charge and their rented politicians need power and money.

Re:but why? (0)

Anonymous Coward | about 10 months ago | (#44078715)

and information gathering helps protect both.

Re:but why? (3, Insightful)

Anonymous Coward | about 10 months ago | (#44078409)

Probably a case of institutional panic. You know, like others are so deathly afraid of child porn on the internet that they're loudly clamouring for (and getting!) nation-wide filtering against "badness" on anyone's internet connection. Nevermind that most actual child abuse happens within families or other obvious relations of trust, like teachers or preachers. Similarly with terrorism on the internet and espionage on the internet and clamouring for "cyber-offensive capabilities" or whatever it's called this week. Or... ah you get the picture. The internet is quite a fsckton of traffic, collecting is easy once you have the infrastructure, and most of the analysis can be automated.

Also a case of "let's see how far we can take this". Because, hey, they can claim it's all for the good of the country (of course) and it means they can spend spend spend on shiny spendy toys! Isn't that fun?

They have to, of course, since it's a clear case of catching up to the industry with their big data and things, you know. And so on. I'm sure there's plenty of other perfectly reasonable (to bureaucrats and/or politicians) reasons to be thought of.

Because, simply put, signals intelligence is what these outfits do. And what bigger source of signals than the internet?

Re:but why? (0)

Anonymous Coward | about 10 months ago | (#44078949)

Can you imagine how much child porn is stored at the NSA?

Do you want them to win? (0)

Anonymous Coward | about 10 months ago | (#44078419)

My god man - don't you know that questoning your govenment is what the terrorists want you to do?

Re:but why? (3, Interesting)

Jeremi (14640) | about 10 months ago | (#44078437)

why is there a "need" for all of this. they arent stopping "terrorism" nor are they really using it in a way thats stopping any major crimes.

I don't mean to defend the program, but what makes you so certain it does not (and cannot) detect terrorist plots? That would be the stated purpose, anyway, and when a plot is detected and pre-empted, they wouldn't publicize how they did it, as doing so would give other terrorists information on how to avoid detection.

Binary thinking is an oversimplification -- it's perfectly possible for a program to be both an Orwellian privacy nightmare AND an effective tool for catching terrorists.

Re:but why? (2)

acedotcom (998378) | about 10 months ago | (#44078507)

i didnt say that cant, im saying they arent. if this program was so effective they would be singing its praises nonstop, by their own admission (in the US at least, they have only prevented but stopping a handful of terror events that werent dependent on it) seems like an odd investment in the technology. you are right, you can have tools that are great at preventing crimes and the trade off is that it is an Orwellian nightmare.

Re:but why? (2)

Jeremi (14640) | about 10 months ago | (#44078935)

i didnt say that cant, im saying they arent. if this program was so effective they would be singing its praises nonstop, by their own admission

Only if they thought they could do so without compromising the program's continued effectiveness.

In any case, the more likely answer to your question is that there simply aren't that many terrorist plots around to foil.

Re:but why? (0)

Anonymous Coward | about 10 months ago | (#44078593)

If they actually DID stop a terrorist...

They'd be on every news channel TELLING us. They wouldn't be able to stfu about it for weeks.

Re:but why? (0)

Anonymous Coward | about 10 months ago | (#44078619)

No, it cannot. It may catch some dumbasses wanabe terrorists, but it will be completely ineffective against the real ones with minimum training. Even if they use Internet to send information online (which is unlikely), it will be heavily encrypted. And no, is not possible to decrypt every message sent, even with an unlimited amount of resources. One of the simplest form of encryption (bitwise xor) by itself is enough to secure ANY form of communication if a sufficiently large key is used (preferably larger than the message). It simply cannot be broken unless you know the exact key OR content the message itself.

Re:but why? (2)

WaffleMonster (969671) | about 10 months ago | (#44078899)

I don't mean to defend the program, but what makes you so certain it does not (and cannot) detect terrorist plots? That would be the stated purpose, anyway, and when a plot is detected and pre-empted,

Who cares if it stops a few "terrorists"? normal criminals have proven to be just as capable of killing people and in far far greater and predictable numbers than any terrorist boogieman your state can conjur to scare you into submission.

they wouldn't publicize how they did it, as doing so would give other terrorists information on how to avoid detection.

Law enforcement often gets on TV and brags about how they were able to defeat threats. Entire documentary series give away LEA tactics and methods tought with no classification attached.

When criminals are arrested and tried in courts everything about the case is not kept secret to prevent tactics and methods from being erroded are they? Couldn't criminals use knowledge of "the system" to defeat it so shouldn't everything be secret?

Binary thinking is an oversimplification -- it's perfectly possible for a program to be both an Orwellian privacy nightmare AND an effective tool for catching terrorists.

Meanwhile all the time those billions are being shovled into the military industrial boiler real crimes are being committed and real people are being killed. The binary thinking occurs when you fail to consider the opportunity cost of having a terrorism freakout.

Re:but why? (1)

Skiron (735617) | about 10 months ago | (#44078461)

Them. Governments, or rather people that run Countries (i.e. the government might change, but the people in the background stay there, the money people). The illuminati, (if you like), do not want the hoi polloi to uprise, so monitor every aspect of what we do - it's called 'control'.

Re:but why? (1)

X.25 (255792) | about 10 months ago | (#44078501)

this is what i dont understand...why is there a "need" for all of this. they arent stopping "terrorism" nor are they really using it in a way thats stopping any major crimes. dont get me wrong, i am weird and 100% opposed to all of this. but who are they protecting with all of this data mining?

Because that is what leadership does when people lose ability to control them. No matter what they tell you, they always want absolute power. People that don't want some kind of power don't get into politics. It really is simple as that.

For a very long time, I couldn't understand why Americans were supposed to have arms and why it was even in constitution. However, now I really understand why it's there (too late to do anything, though), and I also realize that people that created US constitution were so much more wiser than any 'leaders' that exist on this planet today.

Re:but why? (4, Informative)

AHuxley (892839) | about 10 months ago | (#44078635)

The UK interest in coded product goes back to the Soviet embassy codes before ww2.
After that code breaking effort political leaders in the UK have really asked "how can we help" and for "more" over every generation.
As US tech got cheaper more became "everything"
GCHQ has had its ups and downs trading the Empire ie land to the USA for NSA product.
The GCHQ was also very smart in staying out of the press, not going to court vs spies and some publishers (so did the NSA for a long time).
The bulk data interest could always be seen as with the first Intelsat (international satellite telephone calls) efforts at Goonhilly Downs -CSO Morwenstow,/GCHQ Bude got every keyword of interest in the late 1960's.
http://cryptome.org/jya/gchq-etf.htm [cryptome.org] international telephone calls to and from Ireland.
The finding of any keyword of interest on all phonelines was always the aim in the 1960-80's.
re protecting with all of this data mining - the gov, the celebrities, press, trade, disruptive technology, arms deals, diplomatic blackmail, dissidents, protesters, disarmament, peace protesters, bases, police corruption, local elections, trade unions - anything and anyone that could get traction in the community or be a worry to the establishment.
The file placed before a political leader becomes addictive and gets wide domestic budget cuts turned into expanded projects.
Major crimes where only been an issue in ~1990-2000 and seem to have stopped due to the ability of major crime networks to slowly stop using all electronic communications once the court cases start.
CIB3 (anti-corruption squad) and 'Operation Nigeria' also showed what could go wrong for the GCHQ. Corrupt police officers very quickly learn of huge new efforts wrt to "major crimes" and guess what - all electronic communications stop.
Better to let the perception of anonymity keep people talking.
The future is just like the NSA - a rewinding of anyones 'internet' life once they are discovered.
To keep that amount of data you have to collect it all, store and in the past filter for keywords/known links. Add in facial recognition, voice prints, cell tracking, spyware, drones.

Re:but why? (4, Insightful)

Nyder (754090) | about 10 months ago | (#44078655)

this is what i dont understand...why is there a "need" for all of this. they arent stopping "terrorism" nor are they really using it in a way thats stopping any major crimes. dont get me wrong, i am weird and 100% opposed to all of this. but who are they protecting with all of this data mining?

They are using it to keep themselves in power. That is all. You know the saying Power Corrupts? Well, this is what they are talking about.

First Google was collecting info on me, but I was cool with it, i used their free services.
Now every company is collecting info on me, but I'm cool with it, after all, it's for business right?
Then the Government request access to the data from the companies, but it's okay, it's for terrorist prevention, right?
Then the Government just starting tapping the source and forgets to tell me about it, and I say, wtf? Who said that was okay?
Then the Government tells me its in the name of terrorism, and I ask them, why you are terrorizing your own citizens?
Then the Government locks me up for questioning them, but you don't know because they don't tell anyone anything.

Re:but why? (0)

BoRegardless (721219) | about 10 months ago | (#44078717)

I suspect they are now protecting the UK & US Gov't income and guarantee of income from their serfs, uh...citizens, in making sure they don't avoid taxes on things like say, mandatory health insurance, and soon mandatory government homeowners insurance "To Protect Everyone".

Of course there may be some collateral damage, like your company's secret information might be sold by some analyst to your competitor, but of course the chance of that happening is statistically near zero ... right?

Re:but why? (1)

greenbird (859670) | about 10 months ago | (#44079383)

who are they protecting with all of this data mining?

It's to monitor the enemy and stop them from nefarious activities. Who these enemies are is left as an exercise for the student. (Hint: Who are they monitoring?).

NSA, GCHQ, who's next? (5, Insightful)

Anonymous Coward | about 10 months ago | (#44078353)

Actually, the real question is this: Against such habits of secrecy, skirting any and all laws and regulations, avoiding public debate, and even not telling their own lords and masters what they're up to, fits only one remedy, that of immediate shutdown of the outfit and never ever letting such people near government anything again. How, as the world's internet population, are we going to manage that?

Re:NSA, GCHQ, who's next? (3, Insightful)

ATMAvatar (648864) | about 10 months ago | (#44078529)

While the program may or may not be any good at catching terrorists, I'm sure it works fantastically well against political opponents who use regular avenues of communication because they feel they have nothing to hide.

Re:NSA, GCHQ, who's next? (2)

AHuxley (892839) | about 10 months ago | (#44078925)

Enjoy your freedoms as just another software developer, artist, author.
Start a blog about 'your' new free code/encryption/file system if you have the skills.
Safe from spyware, keyboard hardware loggers, MacWin/Linux ready....free and real soon now.
Start talking about the press by name, mention corruption, new insights into past political 'deals' in your State, city.
Go way beyond simple keyword lists and make sure its in your geographic area.
Drive around a lot in new ways/times, stop as if 'meeting' the press, people with past insights, with your cell phone next to you.
Educate consumers about the expensive spy friendly junk they will be buying.
When you are tracked down and questioned at your front door- try your polite but consumer grade mic is running voice :)
You "might" have a video camera running just as they "might" have been intercepting your boring blog/ life.
So enjoy your freedoms as just another software developer, artist, author.
Nothing to hide just code snippets or background to a book, play, script, comic, song, game.....
A very dystopian comedy - book, play, script, comic, song, game...

Wow im shocked! (0)

Anonymous Coward | about 10 months ago | (#44078355)

Ok, did i sound convincing? Of course our federal governments track our communications. They have since the beginning of 'civilized society', and its just the technology and volume have changed over the centuries.

Prescient? (1)

pongo000 (97357) | about 10 months ago | (#44078361)

http://servv89pn0aj.sn.sourcedns.com/~gbpprorg/guerrilla.net/ [sourcedns.com]

Time to bring this back to life...

Re:Prescient? (1)

pongo000 (97357) | about 10 months ago | (#44078397)

Interestingly enough, a quick search of the Wayback Machine no longer returns copies of this site. Oh wait, let's look at who funds Internet Archive:

http://archive.org/about/credits.php [archive.org]

Enough said.

Re:Prescient? (1)

Anonymous Coward | about 10 months ago | (#44078701)

Project appears to be dead. You might want to look into Byzantium [project-byzantium.org]. Probably exactly what you're looking for.

 

Encryption (3, Informative)

Nerdfest (867930) | about 10 months ago | (#44078369)

As usual, the solution is to encrypt as much as possible. Your SSL traffic is safe, and those who use encrypted email are safe. The point is that you really shouldn't have to protect yourself from your own government. It sounds like they're no longer *your* government.

Re:Encryption (1)

Anonymous Coward | about 10 months ago | (#44078455)

Your SSL traffic is safe

Except sniffers can still tell who you are communicating with, as well as have an indication of the amount of data exchanged.

Re:Encryption (0)

Anonymous Coward | about 10 months ago | (#44078523)

Wouldn't a goverment agency be able to simply force companies to hand over SSL private keys?

Re:Encryption (0)

Anonymous Coward | about 10 months ago | (#44078525)

Isn't it common opinion that SSL can be cracked by the NSA. They have huge farms that can brute force it, at the very least. But Man-in-the-middle is more likely.

Re:Encryption (1)

maroberts (15852) | about 10 months ago | (#44078541)

Brute forcing of SSL may be possible, but the question is surely whether can it be done in enough volume to be useful?

Re:Encryption (1)

crioca (1394491) | about 10 months ago | (#44078577)

Brute forcing of SSL may be possible, but the question is surely whether can it be done in enough volume to be useful?

You don't need to break the SSL encryption to see where the messages are going and how much data they contain if you have a tap on the whole network,

Re:Encryption (3)

Skiron (735617) | about 10 months ago | (#44078587)

They are not interested in what the stuff is - just who is talking to who ssl doesn't protect that info. If it rings alarm bells, then the work starts.

Basically it is like a bouncer on the door weighing everybody up - if you look dodgy, then you get the once over.

Re:Encryption (1)

Anonymous Coward | about 10 months ago | (#44078643)

Moxie Marlinspike showed how SSL can easily be broken by Man in the middle attacks, which is what they could be doing. That flaw has been fixed by browsers, but from that you can conclude if an agency can get the private key from a site, they can forge a cert and do the same attack at any time and be undetectable even better than Marlinspike's example (you "could" detect Moxie's MITM attack if you went through a bit of effort before browsers were fixed).

So, SSL can be hacked by agencies. They only have to brute force the private key once and then they have access to ALL traffic with that cert. In addition they may have agreements with verisign to get these private keys without having to brute force.

So for an agency wiretapping 300 million people, this would be trivial work. Don't assume SSL will be safe from them in the least.

Re:Encryption (1)

Jorgensen (313325) | about 10 months ago | (#44078901)

Agreements with Verisign (or other CAs) would not help here: Verisign will NOT get the website's private key when somebody ask for a certificate.

It is possible (but unlikely) that the CSR (Certficate Signing Request) may be of use to NSA though. It does NOT contain the private key.

It is MUCH easier to strong-arm a CA to sign NSAs newly-generated key for e.g. "facebook.com" and play man-in-the-middle on whatever traffic they're listening in on - isn't that what Iran did with google traffic? (My memory is vague here...)

Re:Encryption (1)

reve_etrange (2377702) | about 10 months ago | (#44078743)

The NSA has admitted that "using encryption" is justification for keeping all your records for longer (including US persons). Even though strong encryption is mainly used to protect legitimate business interests.

Re:Encryption (0)

Anonymous Coward | about 10 months ago | (#44078747)

Your SSL traffic is not necessarily safe. If your browser accepts certs signed by a CA that an attacker controls (or is just sloppy), it is trivial to perform a man in the middle attack, and access your "SSL protected" data. Several CAs accepted by all major browsers have links to national governments. Several CAs have been shown to be very sloppy in the last couple years. Also, if you don't 100% control the host, you don't control the CAs it accepts.

A single wildcard cert of *.com would allow an attacker to access much of the SSL traffic. Add a trivial number of other TLD wildcard certs, and you can probably grab over half of the SSL traffic. A few more targeted subdomain wildcard certs for *.google.com, *.facebook.com, etc., and SSL "protection" becomes a complete joke.

Note that your employer or school may already be snooping on you this way. The employer adds a CA they control as a trusted CA to all the computers in the organization that they control, and using the SSL man in the middle "feature" provided in some "security" products, they then snoop away. This is, apparently, common at K-12 schools in the US* (facebook traffic is a prime target). These folks *will* report you to the authorities if they find anything off. Think of it as crowd sourced NSA spying.

Firefox add-ons like certpatrol can help guard against this, but it is noisy, and without inside information, you can never be certain that every certificate change it notifies you about is legit or non-legit. But, if you see the cert was signed by "your-employer.com" you can be certain.

* At the college I work, we had a request from the K-12 school district, in the area, for more information on the setup we use for student registration etc. Their SSL man in the middle (they didn't call it that) was getting confused by all the redirects and non-standard ports used (it really is a mess, but in this case it is a good thing). I convinced my supervisor that we had no interest in helping them, and that I would have no part if they did. My supervisor and director overtly threatened me that I was not to speak of the incident. A draw. Later, a security appliance vendor came to give his pitch, and mentioned their SSL man in the middle feature. I asked if anybody actually used such a thing, as the privacy implications were horrendous. He said it was a very popular feature. Scary.

Re:Encryption Stored Forever (2)

BoRegardless (721219) | about 10 months ago | (#44078755)

If the government knows where your encrypted files went, they just go there to that place with a warrant on "National Security Grounds" from a FISA court and strong arm the recipient, who probably just wet his pants when these guys stormed into his office.

The NSA has already said it holds all encrypted traffic for a long time or forever in the assumption you might be doing something against them. That suggests we could overwhelm them with 100% encrypted web traffic. Unfortunately, the government would want to use our tax dollars to store EVERYTHING at that point.

The Israeli security guys who have spoken say that well trained observers and spies on the ground with their literal ears to the wall are the best source of relevant intelligence.

Re:Encryption (1)

PolygamousRanchKid (1290638) | about 10 months ago | (#44078763)

Your SSL traffic is safe, and those who use encrypted email are safe.

Would the NSA tell us about it, if they had methods to crack SSL and encrypted email . . . ?

Re:Encryption (0)

Anonymous Coward | about 10 months ago | (#44078999)

Unfortunately, merely encrypting your email doesn't help if you are a person of interest. Even if you make sure that

a.) Your encryption software is actually working as you expect, and doesn't feature backdoors or weakness
b.) Your keypair was correctly and securely generated
c.) The machine that you're using hasn't been compromised
d.) They aren't able to observe your machine's power output, the time taken to encrypt messages, the sound your machine makes as it performs the calculation, vibrations, etc. Interestingly, if you type with your smartphone on the desk near you, there exists software which can determine what you are typing based on the table vibrations.
e.) The key you are using to encrypt your mail is actually the other person's real key, and you aren't being MitM'd.

You also need to make sure that the person you are talking to are at least as trustworthy as you are, and aren't handing your presumably incriminating correspondence to the police.

This is before we look at the wide, scary field of emissions security... unfortunately, cryptography is only one small part of the answer to a very, very big problem.

Why does everyone think this is bad? (1, Informative)

maroberts (15852) | about 10 months ago | (#44078387)

I am willing to bet that if Henry Stimpson knew the consequences of closing down the equivalent of the NSA in 1929, he would have sacrificed his "Gentlemen do not read each others mail" mantra in a heartbeat. In fact, he did just that in WW2 because he came to realize the value of intelligence gathering activities.

I personally hope that GCHQ and the NSA are gathering as much intelligence as possible. What is needed is a boundary on who that intelligence is passed on to and used, not how much is gathered.

Re:Why does everyone think this is bad? (4, Insightful)

Jherek Carnelian (831679) | about 10 months ago | (#44078433)

What is needed is a boundary on who that intelligence is passed on to and used, not how much is gathered.

When it is all collected in one easy to query database the only "boundary" that prevents misuse is the laws of man.

When it remains distributed across the internet in the possession of only those are concerned with the creation and use of the data the "boundary" that prevents misuse is the laws of physics.

I'll take the laws of physics over the laws of man any day of the week.

Re:Why does everyone think this is bad? (5, Insightful)

SJHiIlman (2957043) | about 10 months ago | (#44078475)

Why does everyone think this is bad

Not "everyone" thinks this is bad, but everyone with even a little bit of knowledge about history knows that giving the government such powers so they can catch the scary bogeyman will inevitably result in the government abusing said powers. Everyone else... well, they're under the delusion that government workers are perfect beings, apparently.

Re:Why does everyone think this is bad? (1)

maroberts (15852) | about 10 months ago | (#44078559)

Of course its susceptible to abuse, but killing the Golden Goose just because it lays a few bad eggs is foolish. You simply need quality control of the output, which is what I stated in my original post.

Re:Why does everyone think this is bad? (2)

SJHiIlman (2957043) | about 10 months ago | (#44078585)

Of course its susceptible to abuse, but killing the Golden Goose just because it lays a few bad eggs is foolish.

Freedom is more important than safety; far more important. I'd rather not have this system at all if they're going to collect all this data.

Re:Why does everyone think this is bad? (2)

reve_etrange (2377702) | about 10 months ago | (#44078753)

And that's assuming there is a benefit to safety. But there's no evidence of that besides statements to congress from men who've already been caught openly lying to congress.

Re:Why does everyone think this is bad? (1)

PPH (736903) | about 10 months ago | (#44078505)

Because during WWII, the Allies collected intelligence on "the enemy". Today, it appears that our governments treat their own citizens as the enemy.

Re:Why does everyone think this is bad? (1)

maroberts (15852) | about 10 months ago | (#44078591)

Its painfully obvious that the enemy changes from time to time, and the ability to identify who is really your enemy before he or she takes action is priceless.

Re:Why does everyone think this is bad? (1)

PPH (736903) | about 10 months ago | (#44078773)

But who identifies the enemy? Declaring war is the job of Congress. Unless they do so, individual terrorist acts are a law enforcement issue and should be handled within the constraints of that function.

Re:Why does everyone think this is bad? (1)

X.25 (255792) | about 10 months ago | (#44078511)

I am willing to bet that if Henry Stimpson knew the consequences of closing down the equivalent of the NSA in 1929, he would have sacrificed his "Gentlemen do not read each others mail" mantra in a heartbeat. In fact, he did just that in WW2 because he came to realize the value of intelligence gathering activities.

I personally hope that GCHQ and the NSA are gathering as much intelligence as possible. What is needed is a boundary on who that intelligence is passed on to and used, not how much is gathered.

You reckon that everyone should lose their rights so that "intelligence agencies" could gather as much data as possible? And we should make it as easy as possible for them too?

You are a genuis.

Re:Why does everyone think this is bad? (1)

maroberts (15852) | about 10 months ago | (#44078573)

I didn't say we should make it easy for them. As far as I am concerned private individuals and governments should make an effort to protect their data.

I said that Intelligence agencies should make their best effort to identify threats as soon as possible and that control of obtaining information should be at the output of the agency, not at the input,

Re:Why does everyone think this is bad? (0)

Anonymous Coward | about 10 months ago | (#44078563)

More specifically, GCHQ should be sacked if they weren't. Domestic wiretapping is stalinistic; tapping other people's cables is a necessary part of national security. If the chinese aren't trying (and they are) to tap our fibre, then they're doing it wrong.

Re:Why does everyone think this is bad? (3, Informative)

Charliemopps (1157495) | about 10 months ago | (#44078569)

The chance that I'll be killed in a terrorist attack are 1 in 20million.
The chance my government will put me in prison is 1 in 100.

I'll take my chances with the terrorists thank you.

Re:Why does everyone think this is bad? (4, Funny)

Skiron (735617) | about 10 months ago | (#44078875)

Reminds me of an old joke I read somewhere once:

A statistician worked out that 1 in 20000 aircraft could have a terrorist bomb on board.
The odds of having 2 bombs on board the same aircraft worked out at 1 in 50000000.

So, every time he took a flight, he carried his own bomb.

ignorance piled on arrogance (2)

decora (1710862) | about 10 months ago | (#44078611)

1. Hoover set up a massive index of FBI files on american citizens in the WWI era, it was later shutdown by congress as a massive affront to American law and history

1.a. Nixon used the security apparatus to damage his political opponents. That is why we had the Church Committee to investigate past abuses of the CIA, NSA, FBI, etc, where gross nazi-style human rights abuses were revealed. That's why we have FISA courts and why USSID 18 was supposed to exist and be respected.

2. World War II was an Actual War where 60+ million people died after genocidal dictators started sending millions of troops, tanks, and airplanes into each others countries and murdering civilians by the hundred-thousand. We are not in world war ii.

3. Back in 1929 the biggest threat to global security was the financial system that crashed and left millions and millions homeless and unemployed, including a huge number of disgruntled german WWI veterans, whom Hitler was able to mold into the SA and later the SS. Spying on people wouldnt have stopped the abuses on wall street. In fact, wall street typically grows fat on these abuses because it has inside information and links with spy agencies.

4. the US was not ready for WWII, but it became ready quickly enough to turn the tide of the war. Having a massive standing army is not a pre-requisite to victory. Having the moral high ground and a strong economy, well, those are. And the US is rapidly losing both of those things.

In other words, if people are wanting the NSA to prevent the next WWII, they are coming from a very ignornat, and arrogant point of view of history. Do you want to prevent "an enemy of the US", or do you want to prevent totalitarianist ideology in general? Because that ideology could take over the US just as it took over Germany's Weimar Republic if the principles of the founders are not adhered to and respected.

Re:Why does everyone think this is bad? (2)

DarkOx (621550) | about 10 months ago | (#44078665)

I don't agree. When in history has domestic intelligence not been used in unintended ways? Why do think it will be different this time?

The fact is all the firewalls don't work because nothing stops anyone from changing the rules later on. The only way to prevent a government any government, possible any organization from misusing data is to prevent it from collecting such data in the first place and even that isn't easy. Data gathering is very much a case of you can't put the genie back in the bottle.

They're traitors, that's treason. (3, Informative)

Anonymous Coward | about 10 months ago | (#44078421)

You spy for a foreign power, that's treason and GCHQ are traitors. You're exposing Britain to political spying and commercial spying. You're exposing Europe to commercial and political spying.

CIA/NSA will use that data to ensure UK politicians do their bidding over the bidding of the voters. You made that possible.
CIA/NSA will use that data to ensure European politicians do their bidding over the bidding of the voters. You made that possible too. We have examples of it already in Wikileaks, with Holland.

RIPA did not give GCHQ the power to spy for the NSA. That's why they're demanding the snoopers charter. Trying to legalize what they're doing.

"The 2000 Regulation of Investigatory Powers Act (Ripa) requires the tapping of defined targets to be authorised by a warrant signed by the home secretary or foreign secretary. However, an obscure clause allows the foreign secretary to sign a certificate for the interception of broad categories of material, as long as one end of the monitored communications is abroad."

So that means the NSA gets all the data it can't legally collect (but tries to anyway) from GCHQ and GCHQ gets all the data it legally can't intercept from NSA.
An illegal reacharound, sustained by secret laws that put a military man in charge.

It also means that GCHQ's loyalty is more aligned with General Keith Alexander, than with David Cameron. Those 40000 search rules the NSA provided? How many of them were against UK interests? How many of them spied on Brits for the benefit of the CIA? How many of them spied on Americans for the benefit of a rogue General?

proud Briton (1)

Anonymous Coward | about 10 months ago | (#44078427)

Makes you proud to be British.

I don't know what all the fuss is about: Naturally, to be able to find any terrorist or child pornography related data you have to sieve through all of it.
It's even more bizarre that people are so surprised that a spying agency has been, well, spying!

Re:proud Briton (3, Insightful)

reve_etrange (2377702) | about 10 months ago | (#44078821)

Interesting that they chose not to go after any LIBOR fixers or financial criminals don't you think?

It's almost like there's a double standard in which the people who work in the government use the powers they have been given for their own profit rather than the interests of the public, all the while trotting out a couple of extremely rare bogeymen to justify their actions.

No wonder (1)

Anonymous Coward | about 10 months ago | (#44078441)

No wonder Skynet will go insane and try to kill us all. Imagine listening to million of robo and spam calls daily. That's too much for any machine to handle/

NSA Games The USA Constitution (1)

Anonymous Coward | about 10 months ago | (#44078483)

GCHQ provides (for cash per transaction) intelligence including credit card user information and history, recorded phone calls, and all other forms of electronic communication of USA citizens to the NSA.

This is how NSA games the USA Constitution and blackmails Congress, the Executive and the Judiciary.

It also means the NSA (with GCHQ) is the largest holder of online porn in the World. It is a given that the porn NSA holds is sold to southeast Asia countries whereby it ends up in China, after 'goodwill' cash has exchanged hands.

All Capone would be laughing.

Is the IETF doing anything about this? (1)

PolygamousRanchKid (1290638) | about 10 months ago | (#44078533)

Well, now we know that all Internet communications are exposed down to the wire or fiber to deep packet inspection systems. Is the IETF working on any counter-measures against this? Like, some new kind of protocol to thwart our friendly feathered government snoop-dooper friends?

I was thinking of something that would leave IP packets alone, so that they could still be routed correctly through the existing Internet. But . . . scramble the IP fragmentation sequence somehow, so that only the sender and receiver would know the correct order of the packets to reassemble them in the right order correctly. This could makes things much more difficult for our deep packet inspector detector pals.

I haven't really given much thought to the idea, but when I am using Wireshark to debug problems, I always use the "follow TCP stream" option. The lack of that option would certainly make my life more difficult.

Terrorist are not so stupid! (1)

indybob (2731135) | about 10 months ago | (#44078601)

Except stupid ones, terrorist already encrypt Email and communication for years because everybody knows the governments listen internet!

Re:Terrorist are not so stupid! (0)

Anonymous Coward | about 10 months ago | (#44078791)

Even if they didn't actually encrypt their communications they obfuscated it with 'code'

Re:Terrorist are not so stupid! (1)

reve_etrange (2377702) | about 10 months ago | (#44078835)

And the NSA has said that "using encryption" justifies them collecting and holding your data, regardless of who or where you are.

Always tapping (1)

hhawk (26580) | about 10 months ago | (#44078851)

The UK has always tapped their cables since the dawn of the telegraph.. This isn't new, and certainly isn't news to anyone who studied history.

Re:Always jibber-jabbing (0)

Anonymous Coward | about 10 months ago | (#44079209)

errr.... difference today is that G4S (Wackenhutt) bugs the poo out of Cheltenham staff accommodation.....

nearly forgot, remember SERCO? well, they have been bugging the poo out of most of London`s courthouse jails (they have a contract to provide "security". Dont see what the big deal is, MI6 are practically working for foreign-interests, Cheltenham has some good lads, but eventually the americans pull weight; whether it be privatising British Telecom, British Rail, British Gas, British Energy, Royal Mail, perhaps the NHS, HMPS, next up, Doctor Who will be working out of a tardis with the logo of a huge multinational. Belief has been buggered!

Did anyone see that RT segment called "Big Ears"? apparently, sometimes these big supra-national agencies just tap into another countries wiretapps! blast `em all!

No wonder all jobs in U.K need Security Clearence. (0)

Anonymous Coward | about 10 months ago | (#44078861)

I've been working as telecoms contractor for the last 20 years. It's getting harder and to get any contracts lately because more and more jobs require some type of clearance. At the beginning I was wondering if this is some type of "job market protection"
Now I know the answer.

Logic! (0)

Anonymous Coward | about 10 months ago | (#44078957)

Government: "WE NEED THESE POWERS TO PROTECT YOU FROM TERORRISTS!"

No, shit like this makes me want to become a terrorist.

Are they tapping them on the first date? (0)

Anonymous Coward | about 10 months ago | (#44079087)

Oh, those slutty cables . . .

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...