Google Also Has Been Ordered to Help Unlock Phones, Records Show (wsj.com)
257 points by sinak on March 30, 2016 | 77 comments



The feds have gone to ALL device makers and demanded access, using National Security Letters each time to force the manufacturers to enter into their clandestine plan, without any public awareness. And if anyone spills the beans they may just get disappeared into a special holding facility. The US Govt. is capable of pretty much ANYTHING when it operates under the guise of "Protecting America." We can thank the Patriot Act (even version 2 of it) for all the loss of freedoms and jack-booted state.


> The feds have gone to ALL device makers and demanded access, using National Security Letters each time to force the manufacturers to enter into their clandestine plan, without any public awareness.

It's a shame this is the top post.

A National Security Letter absolutely cannot do anything like this. NSLs are such a weird HN boogeyman. Absolutely a violation of the first and fourth amendments, but they are administrative subpoenas. They cannot compel the kind of action you're talking about.

There are plenty of ways to twist interpretations of statute to try and make investigative and prosecutorial overreaches legal, but it's ridiculous how often these NSL posts get voted up to "educate" others on a subject the poster clearly hasn't even read up on themselves.


I'm not sure where your beef with his broad strokes summarization lies. Here [0] is basically what he said, but detailed, by the EFF. They are data-demand letters that subject the recipient to a gag order so ridiculous that the receipt of and existence of the NSL is itself gagged (and thus unable to be openly challenged in court).

So yes, what he said is not only possible, but documented.

[0] https://www.eff.org/issues/national-security-letters


I said nothing about the gag order attached to an NSL. They are a violation of First Amendment rights and adhere to basically none of the checks the courts have put on gag orders in the past. The reason this hasn't been rectified is exactly as you point out: their very nature helps eliminate most legal challenges to them.

But that's not what I was talking about. An NSL is an administrative subpoena. It can compel you to turn over metadata about communications, for instance, which is absolutely a Fourth Amendment violation with what you can discern from modern "meta"data, but it can't compel you to turn over the content of those communications, and it certainly can't compel you to, for instance, alter the software on your customer's phone to allow easy intercept of all future communications.


Cool, thanks for clarifying!


As someone who is not American it doesn't matter to me how it's worded or under what category it falls, but that the three letter agencies can completely silence individuals so that they can do whatever they want with immunity is absolutely terrifying. Lavabit, and the Ross Ulbricht case are particularly bad examples that spring to mind.


Pretty much. It means the very basics of your legal system, the habeas corpus, went to the trash bin. And ours are unfortunately following.


The fact remains that after the words “National Security” have been uttered, the Constitution and the Law go right down the drain.


Not sure that law goes down the drain, but would agree that it's an often hard type of law to understand since by nature it is secretive.


> And if anyone spills the beans they may just get disappeared into a special holding facility.

That's a pretty bold claim to make without evidence that such things have already happened. 'May' doesn't cut it. Anything 'may' happen.


Just the thought of what could happen if you receive one such letter is probably enough to deter most people from not complying.


I submit most people worthy of receiving national security letters are willing to contemplate serious personal harm before violating their convictions. Especially now that Cook won the staring contest.


You would be wrong...

Cook was not served with a NSL, at least not one he "won a staring contest over"

Tim Cook, Apple, in the San Bernardino Case was served with a standard, in the open, court order, not a NSL, not a FISA Court order... this was just a run of the mill public order.


I always love this argument, the NSA routinely uses it in Court to eliminate any challenge based on Standing

Since the NSA will never admit they violated the constitution, no one can get discovery to prove they did, thus they will never be held to account.

The very Nature of "national security" and the ability of the government to literally make everything including the price they pay for a hammer a matter of "national security" and hide these things under the impenetrable cloak of that claim is a major damn problem.

As to the charge they have "disappeared" people, given we know 100% factually that the CIA perpetrated immoral renditions for the purposes of torturing people "legally" I fail to see why you do not believe other branches of the government did not follow the same play book

Hell they have admitted to executing US Citizens without trial... I do not believe there is anything they will not do.


The NSA is signals intelligence and while they do tap your internet [1], they don't abduct humans. By your logic, the coast guard is also making citizens "disappear". You've been watching way too many movies.

[1] https://en.wikipedia.org/wiki/Room_641A


No one claimed the NSA does (although I do not personally believe they are only SigInt)

The claim was "US Govt.", NSA was only used in reference to lawsuits where they use national security to get cases tossed.


I'd be very interested in a story about a technology device manufacturer employee--a U.S. citizen--who was disappeared by the U.S. federal government for discussing a national security letter or any other attempt to access information. I've never heard of one, or even the allegation of one.


"Disappearing" people isn't really the style of the US government. That's common in South America and was regularly used in the old USSR.

The US prefers to discredit people in the media as "terrorists" (or "gang members", etc) while throwing an unwinnable pile of charges at them to force a confession (aka "plea bargain"). This has the de facto result of keeping someone either in jail for a while or spending 100% of their time and money on defense.

Regardless of how it turns out, draconian probation requirements, pre-employment questions in the style of "have you been charged with a felony" and the arrest and/or criminal record are very effective at finishing the job of "disappearing" someone with unemployment and the social isolation that happens when someone's reputation is trashed. In many states, you can add long-term or permanent disenfranchisement.

The tactics everyone should be paying attention to are closer to COINTELPRO, where key people are removed from potential positions of leadership or organization before they accumulate larger amounts of power. With a mass surveillance network and storage that lets you search through someone's past, parallel construction to remove someone on any kind of trumped up charge is easy.


> The US prefers to discredit people in the media as "terrorists" (or "gang members", etc) while throwing an unwinnable pile of charges at them to force a confession (aka "plea bargain"). This has the de facto result of keeping someone either in jail for a while or spending 100% of their time and money on defense.

Can you share an example of this happening to someone who works at a technology device manufacturer? Someone who was in a position to be aware of an NSL that they could spill the beans on?


Not quite a device manufacturer, but a technology company: Qwest CEO Joseph Nacchio was convicted of insider trading after allegedly refusing to help the NSA: https://en.wikipedia.org/wiki/Joseph_Nacchio

It may be a coincidence that he happened to both refuse to help the NSA as well as commit a crime, but "insider trading" as an officer of a company is pretty hazy, especially if you have the NSA informing you that they're going to tank your company's stock if you don't comply.


Thanks, that's a good one to think about. Not a "disappearance" per se, but maybe an example (at least an alleged example) of an indirect legal consequence for fighting the NSA.

> rstephenson2 11 hours ago | parent

Wait... Randall Stephenson, is that you?

http://www.att.com/gen/investor-relations?pid=7824


> technology device manufacturer

That isn't the only industry that can be subject to a NSL. We are lucky to have any of the information at all; if you limit your search to very-specific categories, you risk finding areas that have less public data.

I would start here: https://www.aclu.org/cases/doe-v-holder


> I would start here: https://www.aclu.org/cases/doe-v-holder

That case has nothing to do with discrediting someone as a terrorist or gang member, charging them with any crime, forcing a confession out of them, and really anything to do with criminal charges or jail time at all.


Agreed. The documented style of the modern US national security complex isn't so much to disappear citizens, but rather to explicitly and proudly assert the authority to suspend the 5th amendment and assassinate them [1].

[1] https://en.wikipedia.org/wiki/Extrajudicial_killing#United_S...


Not quite disappears but I think the lavabit case is a good example of not being able to talk about anything.


Even if someone would present such a case there would be so little tangible evidence and many other "more plausible" theories as to why the person disappeared it would be simply dismissed as a conspiracy

People want to reject the idea their government is immoral, so they do...


Most respectable people are reliable and have numerous responsibilities. If such a person disappears, people would notice... many people.


I am sure they would... At any given time there are ~90,000 people missing in the US, annually something like 250,000 missing person cases are opened.

The charge is not that they would be disappeared and no one would miss them...


Clarification: I said that somebody would notice, not that somebody would care. (fact vs emotion)

Cite your source.

I am skeptical by relying on the "six degrees of separation" theory... I literally know nobody who has ever known anyone (etc) that has been "disappeared".


>>Clarification: I said that somebody would notice, not that somebody would care.

Then I fail to see what your point is, the entire point of "someone would notice" would imply that would be a deterrent to prevent or give pause to the US Government disappearing someone. This would necessitate people caring.

Further, in order for many many people to notice like you said, a good portion of them must care enough to spread that info.. Unless you are thinking the only people that would be disappeared would be someone like Tim Cook, or other High Level person, no it more likely would be some unnamed programmer, or researcher.. not a CEO of a Fortune 100 company who is of no actual value to the US Government.

>>Cite your source.

http://www.usatoday.com/story/news/nation-now/2014/09/23/mis...

>>I literally know nobody who has ever known anyone (etc) that has been "disappeared".

Are you saying people do not disappear.. Government connection notwithstanding? All of the missing persons world wide are simply false?


This is not new!

In The Puzzle Palace, Bamford describes how telegraph companies loaned paper records to federal intelligence services. How teletype companies loaned wire recordings, and later tapes. Mostly they relied on patriotism. Sometimes threats. International mail has always been subject to inspection.


It's also mentioned in The Idea Factory; the head of Bell Labs and most AT&T leadership had "secret schedules" where they visited DC to receive orders and transmit information.


Abraham Lincoln had the nation's telegraph wires all terminate in a room in Washington DC, get received and inspected, then retransmitted. That was 150 years ago.


Considering that the first line in the states was built from DC to Baltimore [0] I find this a bit like the comments that 70% of the world's internet goes through Northern Virginia[1]. If part of the technology was invented in a specific area where a large group of people had knowledge then that is the reason why it is a central point of crossing (termination)

[0] http://www.americaslibrary.gov/jb/reform/jb_reform_morsecod_...

[1] https://en.wikipedia.org/wiki/Dulles_Technology_Corridor


> comments that 70% of the world's internet goes through Northern Virginia[1].

Funnily, 70% of the internet also goes through Frankfurt (DE-CIX, largest IX globally).

The 70% number is also the most commonly made up number for made up statistics, of which there are many.


The Feds' ability to acquire signals has not changed. Their ability to process signals has changed drastically.


> And if anyone spills the beans they may just get disappeared into a special holding facility.

Has this really happened? I know the Chicago police got caught running domestic black sites but this would dwarf even that.


Nonsense. Read https://www.law.cornell.edu/uscode/text/18/2709 ; you just can't twist that to compel a computer manufacturer to unlock a computer and reveal data. It's targeted at telecoms providers (so maybe Apple iCloud) and metadata and subscriber records.


Proof?

I absolutely believe this to be true, but we can't say it is true without evidence.

EDIT: As pointed out below by kazinator, I suspect this to be true, I do not believe this to be true.


What's the point of believing something if you can't regard it as true due to lack of evidence? That's usually reserved for religious faith.

If you suspect something, there has to be a reason. You have a certain level of evidence to support a suspicion, a higher level to support a deeper suspicion, a lot more to support being "practically certain" and so on.

The role played by suspicion in a rational context is to justify a search for more information, or to justify some precaution being taken.


This is entirely a semantic argument, but if you have proof of something then there is no need for belief to enter into anything.

For example, the fact that the Earth is warming is a matter of fact, it's measurable that year on year the planet's temperature has increased. I don't need to believe it, it's observable. But the conjecture that it will continue warming is a belief - perhaps the models are entirely wrong and next year we will enter into a new ice age. You can't prove something will happen until it happens - maybe tomorrow Russell's Teapot will magically appear on the other side of the Sun, it's not a falsifiable claim.

I would say that a belief is a stronger conviction than a suspicion, but I don't think it necessarily implies ironclad proof.

Given a past record of bad behavior, I'm more than willing to believe in present abuses of state secret privileges. It's been rotten since it was created (US V Reynolds) and at this point the null hypothesis is that nothing has changed.


> The role played by suspicion in a rational context is to justify a search for more information

Is that not what I'm doing?

I believe it to be true, but I'm not saying it's absolutely true because I currently have no proof.


He is asking why you believe something if there is no proof. Rationally proof should precede belief, but suspicion is better suited to describe your position. I understand your use of the word "belief" but I think I do prefer his usage.


Oh, I see. Yes, just poor wording on my part

thanks


Here is a good primer that includes some example companies that self-report the impact of NSLs, including Microsoft, Yahoo, Verizon...

https://epic.org/privacy/nsl/


Why was the San Bernardino FBI/Apple thing not done via NSL?


To set a precedent. They had the ability, but wanted to gain access to any phone for any case without having to dip into their budget. Even ones that don't threaten national security.


Because NSLs are very tightly constrained. They're only for telecoms metadata and subscriber information, and they're only for national security use.

There almost certainly were NSLs served on the shooters' phone companies---about the most reasonable use of them one can imagine. They would not compel Apple to do a thing about a phone held by its owner, the City of San Bernardino.


Because they knew the phone wasn't important from day one and they decided to play a political game.

I said a month ago or more that there are companies that do this and the FBI should just ask one. And moreover that these companies were beating down the FBI's door wanting to do it to prove themselves.


NSL only makes it so Apple can't talk about it. It doesn't make it so they have to make a new operating system just because the FBI told them to. There wasn't an easy way to create the precedent of forcing Apple to do what they wanted without it being public.


Article simply counts when the All Writs Act has been used to make a request of Google and Apple, not focusing on what that help was, and thus, isn't terribly informative.

For example, when Apple turned over the iCloud data for the San Bernardino iPhone, I don't know if that was under the All Writs Act or not, but Apple claimed no problem with doing so. If Google did similar (or, in the one case this article details, reset a password), that's completely compatible with Apple's recent stance.


iCloud Data can be obtained with just a search warrant. The power of the All Writs Act is in making a company do work to assist in decrypting or accessing data, rather than just handing it over.

From Apple's Legal Process Guidelines [0]:

"It is further ordered that, to the extent that data on the Device is encrypted, Apple may provide a copy of the encrypted data to law enforcement but Apple is not required to attempt to decrypt, or otherwise enable law enforcement's attempts to access any encrypted data."

[0] http://www.apple.com/legal/privacy/law-enforcement-guideline...


Correct, but they would not have had access to the iCloud data without Apple doing work (resetting password or handing over a copy of the data).

The original comment is correct.


Both comments are correct - Apple supplies iCloud data with a warrant[1], but the iPhone access was going to be under the All Writs Act[2]. No judge is going to accept an argument that handing over iCloud data is going to be an unreasonable amount of work to do in response to a warrant - and Apple hasn't even attempted to argue that.

[1] http://arstechnica.com/apple/2014/05/new-guidelines-outline-...

[2] http://arstechnica.com/tech-policy/2016/02/how-apple-will-fi...


My understanding (and correct me if I'm wrong!) is that handing over a copy of the data does not fall under All Writs. If the map included warrants for iCloud data, etc, I'm pretty sure all 50 states would be colored.


You're correct. The All Writs Act is only of use if there are no alternative remedies. The best way to think of the Act is as a catch-all. It gets used when other remedies aren't applicable or don't exist.


I believe San Bernardino County was the owner of the iPhone so resetting the password would have gone through the standard process of sending a password reset request and then capturing the email at the server.

Apple may have assisted in providing the iCloud data in a more digestible form than what's available in the public web interface but that's more a matter of convenience than access.


This quote from "a Google spokesman" seems unambiguous and key:

"We’ve never received an All Writs Act order like the one Apple recently fought that demands we build new tools that actively compromise our products’ security.... We would strongly object to such an order."


Devil's advocate, they might not have had to build a new tool.


Seems possible. Pretty much every Android device has disk encryption disabled by default for performance reasons.


Disk encryption is required to be enabled by default on any device shipped with Android 6 (Marshmallow). There is an exemption for very slow phones, but I'd guess that most new medium or high end phones have it enabled now.


Without hardware keystore for the key encryption key it's sort of pointless as you can extract and brute force with any PBKDF2 round count that will be acceptable for a mobile user.
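Added example illustrating the comment above (not part of the thread, and not any commenter's or vendor's code): a simplified model of a key-encryption key derived from a PIN alone versus one also bound to a device-held key. The PIN length, iteration count, footer layout and function names are all assumptions made for this demonstration; it is not Android's actual scheme.

```python
import hashlib
import hmac
import os

ITERATIONS = 200   # assumed demo value, kept small so the example runs quickly
PIN_DIGITS = 4     # assumed PIN length


def stretch(secret: bytes, salt: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256 key stretching."""
    return hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS, dklen=32)


def kek_software_only(pin: str, salt: bytes) -> bytes:
    """KEK depends only on the PIN and the salt stored next to the ciphertext."""
    return stretch(pin.encode(), salt)


def kek_hardware_bound(pin: str, salt: bytes, device_key: bytes) -> bytes:
    """KEK also depends on a per-device key. On a real device that key would
    stay inside secure hardware; here it is simulated with a random value."""
    bound = hmac.new(device_key, pin.encode(), hashlib.sha256).digest()
    return stretch(bound, salt)


def make_footer(kek: bytes, salt: bytes) -> dict:
    """Constructed stand-in for what sits on flash: salt plus a KEK check value."""
    check = hmac.new(kek, b"kek-check", hashlib.sha256).digest()
    return {"salt": salt, "check": check}


def offline_search(footer: dict, derive):
    """Walk the whole PIN space using only what `derive` has access to.
    Returns the matching PIN, or None if the space is exhausted."""
    for n in range(10 ** PIN_DIGITS):
        pin = f"{n:0{PIN_DIGITS}d}"
        kek = derive(pin, footer["salt"])
        check = hmac.new(kek, b"kek-check", hashlib.sha256).digest()
        if hmac.compare_digest(check, footer["check"]):
            return pin
    return None


def demo():
    salt = os.urandom(16)
    device_key = os.urandom(32)   # never leaves the (simulated) device
    pin = "4821"                  # constructed sample PIN

    soft = make_footer(kek_software_only(pin, salt), salt)
    hard = make_footer(kek_hardware_bound(pin, salt, device_key), salt)

    # Off-device, only the footer is available. With a software-only KEK
    # the 10**4 PIN space is exhausted in seconds whatever the salt is.
    found_soft = offline_search(soft, kek_software_only)

    # With a device-bound KEK, an off-device copy lacks device_key; any
    # other key (modelled here by a fresh random one) never matches.
    wrong_key = os.urandom(32)
    found_hard = offline_search(
        hard, lambda p, s: kek_hardware_bound(p, s, wrong_key))
    return found_soft, found_hard


if __name__ == "__main__":
    print(demo())
```

Raising `ITERATIONS` only scales the first search linearly, while every unlock on the device pays the same cost; binding to a device-held key instead forces each guess to go through the device.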



I'm not sure if / how that's integrated into encrypted disk nor how prevalent having a TPM like chip is. TrustZone has had a lot of vulnerabilities.


The majority of Android 6.0+ phones have disk encryption enabled by default.

Previous Android phones didn't have the hardware to handle the workload.


It would be surprising. Snowden's confirmations pissed off a lot of people in tech and either effected or hastened plans to build more secure systems in tech companies. (See for instance https://www.techdirt.com/articles/20131106/00235225143/pisse...)


From the link you gave, the "Google Security Guys" seem to be specifically protesting "industrial-scale subversion of the judicial process" by the NSA. This wouldn't preclude active cooperation with law enforcement or designing systems meant to comply with warrants (where a truly secure system would make this impossible).


Devil's advocate not even necessary. It's right there in the quote. Is there another reason to be so specific?


Eh, that doesn’t answer the question, though.

"We never were forced to build an additional backdoor" could just as well mean "because we already had one"

EDIT: 10min after posting already at -2? Seriously? Please post a comment why you disagree instead of just downvoting.


I didn't downvote you either. But I'm guessing that the issue is the kind of "have you stopped beating your wife" twist you're giving to what the Google spokesman said. It seems like you're looking for a way to twist what he said to fit your paranoia, rather than giving an honest reading to his words.

That said, your reading is within the possible meanings of his words... but I still think you're trying to read too much into them.


Is he? Company spokespeople tend to be extremely well-trained to say certain things just the right way.

Note that the spokesperson in question could have started that sentence with, "We don't have any backdoors in our products and..."

But they didn't.


Considering that PR people are trained to say things in the most preferable way for the company, and considering what happened in the Apple case and in the previous years with PRISM, it’s not paranoia to assume that Google has a backdoor one way or another. It’s probably even expected in the age of NSL letters and secret courts.

Overspecific denials like "We never had to add a backdoor" are usually a very good sign of a company under a gag order that still wants to notify the public.


I didn't vote, and I don't disagree with you per se, but I also don't really know what you're saying. In the context of the quote, there was no question indicated, so it's very hard to tell what question wasn't answered.


The question of "does Google have a backdoor" - which is what was implied here.


I think you can only infer that question if you didn't read the article.


The ACLU post/map is pretty good. It's based on gov prosecutor report from October that Apple and Google had complied with All Writs orders scores of times before. More details at court orders linked to each case.

https://www.aclu.org/map/all-writs-act-orders-assistance-tec...


What capability is unique to Google? Anyone can replace the rom if the bootloader is unlocked, and if it isn't, they need the manufacturer, not Google.



