So this week I've been reading Battle of Wits: The Complete Story of Codebreaking in World War II by Stephen Budiansky.
The US intelligence community has a long history of going right to the communication source and obtaining raw data from public companies. In the 1920's Herbert Yardley's "American Black Chamber" worked with Western Union and other cable companies who turned over interesting cablegrams and radiograms.
In 1940 [before the US entered the second world war], the military assigned Lt Earl F. Cook to read and copy cable messages that passed through RCA's office with the consent of RCA's president, David Sarnoff.
After the war, there was of course project Shamrock.
So if anything. What we are seing might be an improvement of the situation rather than a worsening. People can and do speak up and for each generation we will move toward a more liberal approach perhaps.
There seems to be a pattern in society over the last century, towards social liberalism/acceptance among people (sex, drugs, race etc). This of course happens very slowly and takes decades.
The big question is how this will affect the intelligence community long-term, who are becoming simultaneously more important, and simultaneously more threatened by technology and the openness of the internet.
Will they be forced to become more transparent or succeed in their fight to keep growing in power/secrecy?
Having an extremely large and powerful government, now even more obsessed with aggressive enforcement of law, is almost always going to be continually at odds with the peoples trends towards social liberalism.
The internet seems to have accelerated liberalization and terrorism seems to have accelerated state totalitarianism. So it seem's we're witnessing an acceleration in the battle between the two (especially if you live in the HN bubble).
The counter argument of course could be, and often is, dismissed by those who see the state as a representation of the people and total secrecy in the intelligence community as necessary for a healthy country/national security.
>terrorism seems to have accelerated totalitarianism
How do you figure? I weakly dispute that totalitarianism is accelerating (there are some worrying trends at various stages of development in the US, UK, Canada, and Australia, but accelerating is a strong word - we may just be more aware of power abuses because of the internet), but I strongly dispute that, if true, "terrorism" is the cause. There has always been terrorism. There will always be terrorism. Terrorism is merely the enemy du jour. The idea that terrorism represents a new and uniquely dangerous threat is pure propaganda. Indeed, when you look at some the shit that went down in the latter half of the 20th century, we are living in a comparatively terrorist-free time. Possibly governing politicians are more afraid of terrorism after 9/11 (not because of its lethality as such but because of the unpredictable political aftershocks), but equally (more likely?) they may be consciously aware of its utility at pushing through power grabs. Either way, it's not right to call it a cause.
It's rather interesting how much longer the 2000s section is - rather misleadingly, as each entry is 2-3 lines of text while the earlier entries are generally a single line. Also, there's a lot of fluff in the 2000s entries. Search for where the word "bomb" appears and you'll see what I mean. I wonder if this is the result of terrorism hype, or one of those instances of subtle Wiki bias we've all been hearing about?
Measuring terrorism in number of historical attacks or body counts shows a lack of understanding of the goal of terrorism. I'm not saying terrorism attacks itself is the source, but the fear of terrorism (which is still essentially terrorism).
Terrorists attacks probably aren't accelerating (domestically). But politically in the last decade, it has been the source of the accelerated militarization of police [1], extreme border policies such as the TSA follies and the elimination of judicial check on executive power [1].
All signs of increased totalitarianism and all directly connected to terrorism.
Two hundred years ago, intercepting signals was extremely difficult. They were sent by courier in envelopes. Couriers are crafty and the backwoods perimeter long.
150 years ago, they could be sent by wire and this meant both an explosion of signals, but also a corresponding ease of identifying the route by which they would be passed.
In the early 20th century, radio increased the volume of signals, but again interception became easier to the point that there were many so many locations from which an antenna could be used that the development of encryption and decryption methods became the most important task in signals intelligence.
Today, anything could be important. And the NSA, being charged with national security assumes that you and I may very well be up to no good. There job is to be paranoid, and they are good at it.
Building a massive security apparatus, so far as I am aware, has never led to a more liberal political regime. While anecdote is not evidence, I don't see how one can make a strong case that the current state of affairs is the result of increasing liberalization.
Nothing surprising here. They're fighting tooth and nail to keep their activities under a veil not of secrecy (that's impossible at this point) but of vagueness, which in the end achieves the same purpose: preventing people from caring.
The worst part is that the argument brought against transparency actually makes sense on the surface level, but as usual completely ignores the factor of bad actors within the system, which need to be kept in check as much as any hypothetical group of terrorists.
I think by now the situation has come to a point where nobody believes a word of denials coming from any US company when it comes to surveillance and user data. Anybody would just assume they're denying it because NSA tells them to do so and they don't have a choice. Understandably, big companies don't like feeling like ventriloquist's puppets. Maybe they should spend some of those lobbying dollars on putting collar, leash and muzzle on NSA.
Secretly and unconstitutionally feeding evidence to local law enforcement for petty crimes. Blackmailing judges and politicians. Giving (selling?) information about US citizens to foreign countries. Spying on significant others. Industrial espionage.
Aside from the first one, is there any hard evidence of these? "Industrial Espionage" != spying on foreign companies with no commercial benefit, for example.
Wait, actual falsification? Do you have a source for that?
I always thought it was the NSA telling local cops "go bark up that tree", and they make a series of "lucky guesses" that lead to an otherwise legitimate arrest and prosectution.
If those tech companies decided to release all of their information nothing would stop them (not even the U.S. government).
If the U.S. decided to take down every one of those companies or indite their CEOs/Boards the would have an uproar from the populous that would likely be comparable to the 60's (or worse).
Essentially, the populous would be more loyal to a company who's honest than a government which is dishonest.
I honestly didn't expect much from this. The part that scares me about all of this is this: if the government can't read our emails, listen to our phone calls, or see our web traffic but they have the ability to... what stops them from outsourcing the work to another country, where there is no constitutional restraint. we outsource everything else, why not our domestic spying?
It has been reported that the NSA shares data, including raw data on Americans, with Israel. Unfortunately, what you are concerned about has already occurred.
sharing information, i think is small potatoes. showing them how to get the information on their own is what i fear.
"Hey, check out this backdoor we found. Enjoy"
The intelligence community works on the principle that it's valuable to have information that other people do not. If they outsource the spying, then other people have that information, right?
Australia, UK, New Zealand, Canada, and the US are all part of the 5-eyes, which have a broad agreement on sharing intelligence.
http://en.wikipedia.org/wiki/Five_Eyes
While they may not share information with say - China - they will share it with one of the other eyes, who could also lend a helping hand in domestic spying.
but if the people you outsource to you are their allies, they may be able to justify it. Besides, it seems the NSA has a gift for rationalizing things away
Current revelations aside, when agencies are prohibited by law from engaging in certain kinds of surveillance, looping other countries in can be a way of purifying the information they desire. In other words, it's not illegal for the UK to spy on US citizens (and vice versa), so if the US maintains good relations they can get backchannel data all they like.
You can't expect me to actually go to jail for what I believe in, can you? Clearly, I can do more from the outside asking for permission! And I get to keep all my money too.
This comment feels really cheap to me. Two big issues:
1. Most people probably are not huge fans of this, but don't consider it a big enough deal to go to jail over it. I'm in that category (double disclaimer: not speaking in any official capacity for my company).
2. Even if someone DID think it a big enough deal, it's not easy to be a martyr. If it were, then presumably you would have already found yourself a job at one of these companies then spilled the beans. Considering you're commenting on HN, not languishing in prison, I can only guess that you find the prospect of such martyrdom much less appealing than your comment seems to indicate.
I'm not languishing in prison (yet). I certainly don't find such prospects appealing in the least. But my values are not hobbies. If push came to shove, prison is where I'd go. Granted, having a publicly stated policy of whistleblowing will likely put me on the bottom of a very long list of candidates for employment at these companies. (Well, it seems not to be the case with Google yet. I get prodded by one of their recruiters every semester, asking if I'm graduating yet or not. I'm unsure of whether I have the kind of technical chops they're looking for, but I suspect that even if I do, my personal convictions would leave the deal dead in the water.)
Hardly. I'd disclose that I will not carry out immoral or unethical behaviour on behalf of my employer, and will follow all protocol in pursuit of stamping it out, up to and including whistleblowing. That sort of attitude used to be a plus, dare I say something that was implicitly understood between the two parties. It's the sort of thing that you'd think people would want to ensure wound up in the contract all new hires signed when brought on board. I find it remarkable that such a policy would make anyone unfit for employment with anyone else. I'd like to think a company like Google would agree with such a policy. Their executive chairman seems to think as much:
"If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place."
OK, to me this reads, "No, I'd not disclose anything that jeopardizes my chances to be that whistleblower. I'd just disclose the main thing that jeopardizes my chances to be that whistleblower." I'm not trying to be (overly) confrontational, but I can't spot the difference between what I asked and what you said you'd do. It just seems like you've constructed a scenario where you will never be called upon to do what you seem to think is such an obviously good choice, and therefore I have trouble seeing how you came to the conclusion that the choice is easy or obvious.
No comment re: anything after "It's the sort of thing . . ." I don't know the company's employment policies in this area and wouldn't talk about them even if I did.
You asked me if I would let myself off the hook for blowing the whistle because I told my employer in advance that I would do so. I wouldn't characterize it as letting myself off the hook, because there shouldn't be a "hook" in my clavicle mandating unethical behaviour in the first place. I'd characterize it as doing the right thing if for no other reason than being ethically obligated to do so. Blowing the whistle should never be a "letting myself off the hook" gesture. It should be the expected default choice of action when the protocols put in place to address bad behaviour are being subverted.
>"No, I'd not disclose anything that jeopardizes my chances to be that whistleblower. I'd just disclose the main thing that jeopardizes my chances to be that whistleblower."
>It just seems like you've constructed a scenario where you will never be called upon to do what you seem to think is such an obviously good choice...
It seems the nail has met the head. Now, I don't know if you are indeed a software engineer for Google or not --and perhaps I'm torpedoing my own opportunity to join the ranks a year or so from now-- but Hacker News does seem to have quite a number of folks online that are genuinely involved in the thick of the industry. Of course, I understand that you cannot, will not, confirm or deny, comment or speculate. But you've brought about the very point I'm raising: Why on earth would asserting that I would behave ethically, affirming that I would blow the whistle if the protocols in place to address such issues failed, constitute "[disclosing] the main thing that jeopardizes my chances to be that whistleblower"? Why would such a statement constitute "[constructing] a scenario where [I] will never be called upon to do" the right thing? What is it about stating "my loyalty is to the company up until I'm expected to behave immorally, unethically, or illegally" that makes every last employer want to run for the hills?
>...and therefore I have trouble seeing how you came to the conclusion that the choice is easy or obvious.
I didn't come to either conclusion. Whistleblowing is neither easy nor the obvious answer. But when it becomes clear that it is the only viable answer, when every other avenue of objection is exhausted, it most certainly does become the right thing to do. Everyone has their own excuse for staying silent. They can be perfectly valid excuses. I wouldn't expect someone to blow the whistle if their dependents would be ruined by it. I wouldn't expect them to blow the whistle if they genuinely felt that it would make absolutely no difference and leave them forever destitute. But that doesn't make it right. Just excusable. And in the tech industry, a knowledge industry dominated by single, unattached, 20 somethings, I find it hard to believe that every last soul could have a valid excuse.
> Why on earth would asserting that I would behave ethically
Let me construct a parallel scenario that might make it obvious to you. Let's suppose you're hiring a nanny to care for your children while you are away at work (not that you or I could necessarily afford such a thing). You tell the candidates your requirements for how the children should be treated while you are away, including what food they may eat, what shows they may watch, the ways, if any, they might be disciplined etc.
One of the candidates, upon hearing these requirements, declares that he will follow them up to the point he feels they violate his ethics or morals.
No, of course you wouldn't hire a nanny who doesn't spank if you require them to spank your child under certain circumstances. You're talking about dealbreakers, and that is something that should be brought up as early as possible in the interview process. For both nannies and knowledge/technical workers.
Seems like a very interesting example to choose. Hiring a nanny for your child is one of those cases where you would absolutely want to fully vet each candidate. Are you suggesting you'd sooner leave the nanny's ethical and moral compass as a question mark than fully investigate what his or her ethics and morals are? This seems like a case where someone's ethics and morals are absolutely required to be known, not left as an exercise. Of course, most people rely on friends and family for such jobs for precisely these reasons. And if I had to hire a stranger, I'd absolutely be interested in knowing about their ethics and morals. Given my limited ability to get to know every last person, I'd prefer to hire from a reputable agency (so much as you can trust their reputation, in any case).
The reality of course is that every candidate will follow your orders up until he or she feels they violate his or her ethics/morals. Whether they're open about it or not is irrelevant. If you ordered them to abuse your own children (of course you wouldn't, but we're both being good-heartedly facetious here) you could reasonably expect them to turn you in, whether they were up front about it during an interview or not. Playing coy about the matter during an interview is a recipe for disaster on both ends.
That is a fair point. But I take it you understood what it is that makes it hard to hire a candidate when their ethics go against what a company believes is ethical, and/or what a company is legally bound to do.
Also, don't worry about what you say to me. I'm nowhere near important enough for that to matter.
Probably naive, but what would happen if Google, Facebook, MS just started disclosing everything? What are they going to do shut them down? Seems silly to me that these huge companies can't just give them the middle finger and show them that they're not going to be bullied any longer.
Yes, the US government does have the power to forcibly shut down US based multinationals for violating US law and sending the appropriate people to jail. At worst they could forcibly nationalize Facebook if they felt it was part of critical national infrastructure/upset too many voters. And I don't believe they are less scared of a nuclear Iran than they are of MS.
I'll note that the U.S. justification is essentially the same justification made by the "metadata is data" piece by der Spiegel a couple of months ago; if you have enough data about something, it doesn't matter that you don't disclose the contents of that data directly, the harm is already done.
Oddly enough, this time it's the tech companies arguing the opposite (that disclosing specific metadata only is OK and not hazardous).
Be careful what you wish for. A big slice of the tech industry builds surveillance technology and sells it to anyone globally. Would you trust such a lobby not to lobby for protectionism if US companies were losing business to overseas providers of verifiable secure services?
There are already people lobbying heavily for all the shitty things I could see a tech lobby lobbying for. MPAA/RIAA, protectionist labor unions, 'military-industrial complex', etc.
Tech lacks representation though, particularly compared with how much lobbying much less affluent industries manage to do.
I think specific parts of tech, lobby specifically, for their specific interests - and those specifics aren't aligned with other players.
Far be it from me to understand the finer points - but to my mind, youtube isn't a whole lot different from megaupload - but you can bet Google has top class lobbyists and lawyers, whereas megaupload did not.
Everything on Youtube is publicly indexed. It's therefore accessible to copyright holders and authorities. Megaupload (and all file lockers) were set-up as if your uploads are personal and private, but to still allow files to be shared by passing around direct URLs. This is why Rapidshare (who were once one of the biggest of them all) ditched their sharing capability and are now left alone. It's the cliques that are the problem to vested interests, not the frivolous sharing.
That is not actually the case. Youtube has a concept of both private and unlisted videos. Unlisted videos work similarly to how you describe Megaupload:
"Unlisted videos
Making a video unlisted means that only people who have the link to the video can view it. To share an unlisted video, just share the link with the people who you’d like to have access to it, and they’ll then be able to see it. Unlike private videos, the people you share the video with do not need to have a Google account to see the video, and they can share with more people simply by forwarding the link to them.
Unlisted videos won’t appear in any of YouTube's public spaces, like your channel page or search results."
Ok, put another way... all videos on Youtube are videos and relatively transparent, easy to view and inspect. On a file locker your files are opaque mysterious entities that the site can't hope to inspect.
Not to incriminate myself or anything, but I have been given copyrighted documents with Google Drive. (Though I've ingested many orders of magnitude more copyrighted documents through youtube...)
I don't follow. In what way was megaupload inaccessible? Rapidshare have had to ditch their sharing capability - and yet youtube continues unimpeded. Can you explain what I am misunderstanding?
The difference is that Youtube takes advantage of the DMCA safe harbor provision by responding to DMCA takedown requests. Indeed, the Youtube/Viacom litigation was instrumental in the current understanding between media companies and internet companies that sharing sites could operate freely as long as they complied with DMCA requirements. Megaupload in comparison made it a point to bill itself as a facilitator of copyright infringement.
I'm not sure I remember it billing itself as a facilitator of copyright infringment and I do seem to recall megaupload responding to DMCA requests. I remember in response to their indictment megaupload said that the DMCA requests they didn't respond to were on machines that had some other legal instrument demanding they not interfere with the evidence.
I wasn't sure how youtube's private videos worked but jlgreco has explained above - further blurring the lines in my view between megaupload et al and youtube.
I think the litigation you mention is evidence of Google's lawyering and lobbying prowess.
No, from the available information (including the indictment) it did not appear that Megaupload complied with DMCA laws. Specifically:
(1) They sought to rate-limit DMCA takedown requests
(2) They operated the service with red-flag knowledge of copyrighted content, such as when a user complained that the video quality of the Showtime show "Dexter" was poor, and Kim Schmitz mailed his team to work on improving the quality of that content.
(3) They themselves used the service to exchange copyright-encumbered material, such as the movie "Taken".
(4) They operated a paid incentive program to get users to upload copyrighted content, and in their itemized performance reports for the program acknowledged repeatedly that the content they were paying for was copyrighted.
1) I don't have anything to disagree with here specifically: it would be easy to make a case that youtube were more responsive than megaupload. (though I don't know any of the details - I'm just assuming) I doubt megaupload had youtube's resources - another assumption.
2) 3) and 4) I think youtube staff were just as bad if not worse. From Google/Viacom - you can see email transcripts on page 7 onwards (numbers being at the bottom of the page)
4) further to above - I do think youtube channels make money - and copyright material can be a source of that (though it should not be by their rules). Youtube now have detectors in place - that wasn't always the case. Megaupload could have done similar.
I think what really swung it for Google was catching Viacom uploading their own material, and yet suing for it, but again I'm not 100%
Also youtube weren't dealing with an FBI sting and it went through the courts. (I think that is where the lobbying aspect comes in - wild speculation, sure, but there is a marked difference in treatment)
Thanks for digging that up. It's instructive to read the evidence in the Viacom suit and compare it with the MegaUpload indictment. Again and again, the management of Youtube struggles with the copyright problem. Clear directives are given to remove full-length videos. The legality of clips from Comedy Central are constantly questioned. When Jawed Karim himself posts a copyrighted video, the rest of the team seems angry. And yes, repeatedly, the Youtube team is shown to be sensitive to the impact that copyright enforcement will have on their user stats.
There is no such conflict in the Mega emails. Kim Schmitz is show repeatedly to be concerned solely with maximizing the value of the content Mega stores to users. The operators of Megaupload are repeatedly shown to be aware of specific infringing content --- sometimes because they themselves used it, sometimes because their users pointed it out, and in some cases because they paid to have it put there.
Could there have been a criminal infringement charge leveled against Youtube? Based on this evidence, it looks like "maybe". But would DOJ have won the case? Almost certainly not. Read the judgements in the Viacom case. The founders are repeatedly found not to have had awareness of specific infringements. The DOJ doesn't bring cases it doesn't think it can win.
> There is no such conflict in the Mega emails. Kim Schmitz is show repeatedly to be concerned solely with maximizing the value of the content Mega stores to users. The operators of Megaupload are repeatedly shown to be aware of specific infringing content --- sometimes because they themselves used it, sometimes because their users pointed it out, and in some cases because they paid to have it put there.
Agree with everything you wrote except the above. Basically the disagreement is on the source materials - one is a naive Viacom and the other is an indictment. So I think the indictment is cherrypicked "better" than Viacom managed.
If e.g. the FBI/DOJ were going after youtube I think they would have quoted more selectively than Viacom did.
Unless the full text of Mega's emails are out there - I can't be sure there's no conflict, I'm sure someone could dredge up him ordering something taken down.
Again with "repeatedly" and "specific" - the youtube emails, for all their conflict are repeated and specific, many times. There's also instances of youtube employee's grabbing stuff from other sites and putting it there themselves, which mega are accused of. I'm pretty sure with youtube's channel system, copyrighted content is paid to be put there in the same manner, though I'm not sure how youtube's early users were compensated.
I doubt the thought occured to them to bring a criminal case against youtube - that's one of the points I'm wildly speculating on - or if it was the case, lobbying stemmed it.
The full text of Mega emails are included in the indictment. If Viacom could have quoted anything of a similar magnitude, they absolutely would have. You should read the indictment. It's damning. And fun reading!
I remember enjoying reading the indictment, but I don't recall all of Mega's emails being there, that's what I was getting at. Given a sufficiently large sample - I'm sure you could find exonerating material.
How do you exonerate the guy who has one of his users complain that a pirated Dexter video has poor quality and then complains to his team about the low quality of the pirated Dexter videos on his site? He's been caught red handed.
The only argument I've ever heard that could exculpate Schmitz is that "perhaps the video uploads could have been authorized." But that beggars belief. No reasonable person on a jury would buy that Schmitz seriously entertained the idea that those videos were authorized uploads.
Well I've set the bar low to mean exonerate the guy to the extent that he's only as bad as the youtube crowd:
"On September 23,2005, YouTube co-founder
Chad Hurley emailed YouTube co-founders
Steve Chen and Jawed Karim, stating: "can we
remove the flagging link for 'copyrighted'
today? we are starting to see complaints for
this and basically if we don't remove them we
could be held lìable for being served a notice.
it's actually better if we don't have the lìnk
there at all because then the copyright holder
is responsible for serving us notice of the
material and not the users. anyways, it would
be good if we could remove this asap."
Their only mitigating behaviour is the moral dilemma they exhibit, I'm sure something similar could be pulled from Mega's email archives - again my point being the FBI/DOJ are better at making a case than Viacom.
I don't know if the Google/Viacom litigation says anything about Google's lobbying prowess. Google is just trying to take advantage of the DMCA safe harbor, which is as old as Google itself and quite a bit older than Youtube.
For those companies that are already public (so not dependent on ability to raise capital), why don't just move all operations overseas and get immune to U.S. government? Prohibitive costs of bandwidth?
You can't fight things like that in court, it's as hopeless as Khodorkovsky's attempts to defend himself. Only things that work for businesses is moving out, for people - using strong encryption on personal level.
I don't say that legal way should not be taken, it is still good but just to show how far the government is willing to go to defend it's violations of human rights - which should make things clear to those who are still in doubt.
SC has a lot of deference to the Congress, and will go out of the way to find some convoluted legal language to justify something if it can be justified. So if the Congress and US public will be OK with mass surveillance, SC would not ride in on the white horse and save them from themselves. It would say "it's constitutional because of the precedent in 1834 that says blah blah blah and decision in 1928 that says foo bar bar foo, and you can't really expect privacy when you sending data out anyway, if you want it private, don't send it to nobody".
How about they stop requesting and start spilling the beans? Or at least ensure that the relevant evidence winds up in the relevant laps of the relevant journalists. The White House can selectively leak whatever it feels is beneficial to them with impunity. I find it hard to believe that there isn't a single person in any of these companies that hasn't already taken action. Just wait and see I suppose.
Part of the problem is that these companies have a lot of incentive to remain on friendly terms with the government. Suppose you are a telecom company and you want to lay some new fiber -- do you really want to be the company that rebelled against the government? Would Microsoft, which was supposed to be broken up for antitrust law violations, really want to be a company that rebels against the government?
Sure, individual employees might leak the information, but they would being taking a great personal risk by doing so. Ed Snowden was not the only person who was aware of these programs and had a problem with them; yet he was the only one ready to give up his livelihood to leak the information.
Qwest simply refused NSA surveillance requests, and were rewarded with the cancellation of a government contract and having their CEO charged with securities fraud.
Is there evidence that the securities fraud charges were actually caused by their refusal? Or were they caused by the fact that the guy said Qwest was doing well and sold ahead of a huge downturn in prices? As far as I can tell from Wikipedia, the charges would have stuck irrespective of the NSA stuff.
The downturn in the stock came after the government dismissed the contract. "Induced" insider trading by the government manipulating the stock to tank, then prosecuting in some people's opinions.
If these companies were serious about protecting their customers, they'd band together and block government mandated mass surveillance entirely, from A to Z. Given their size of the market, the government can't and wouldn't shut them down.
The US intelligence community has a long history of going right to the communication source and obtaining raw data from public companies. In the 1920's Herbert Yardley's "American Black Chamber" worked with Western Union and other cable companies who turned over interesting cablegrams and radiograms.
In 1940 [before the US entered the second world war], the military assigned Lt Earl F. Cook to read and copy cable messages that passed through RCA's office with the consent of RCA's president, David Sarnoff.
After the war, there was of course project Shamrock.
http://en.wikipedia.org/wiki/Herbert_O._Yardley#The_American...
http://en.wikipedia.org/wiki/Project_SHAMROCK