The depressing part for me is that I've started to consider what I search for on a daily basis and how that might look...essentially they are starting to make me paranoid.
Over the last few months I've googled
Numerous Weapon Systems (I have a fascination with WW1, WWII and Cold War history - stuff like Black Arrow etc).
Religion uses this, "don't think naughty thoughts, God will record it and you'll pay for it later". NSA is God except that NSA exists and is real.
Here your search is a bit like your thoughts. Any of those things you listed, possibly could have landed you on the "naughty list". So now you start to really worry about what you search for. If you can't research or find info about, well might as well not think about things at all at some point.
Before you used to go to the library. Except that they can monitor that too and it is terribly inefficient.
I grew up in Soviet Union and I remember being told by my parents not to mention or talk about certain things (criticizing the party, telling jokes about politics around strangers, ..., and so on). But at least you knew, if you are in the country side with your family you could crack jokes at the stupidity of bureaucracy. And then when I came here the big "selling" point of the country was "you have all this freedom, and this is something you really need, want and is the best thing in the world". But just like you, I started in the last 3-5 years to kind of think for a second before searching for things. Or when I write an email to a friend, I am careful if I am a bit too sarcastic or making a joke about the president or whatnot.
Not saying we'll end up in a labor camp anytime soon, but the tragedy is that this kind of control and monitoring so disturbing vis-a-vis propaganda and the expectations of what this country should be. In totalitarian regimes at least it is clear and understandable what is going on and what is expected of people. Here it is "freedom, dreams, realize yourself, pursue your happiness" but effectively what we think about is restricted.
Thanks for the interesting post, as I mentioned in the first post I have a fascination for 19th and 20th century history and the parallels to some of it are horribly stark (so stark in fact I can't believe that the people in power haven't spotted them which leaves me with "this is what they want").
Secret courts, no right to due process, no right to face your accuser, the presumption of guilt on political grounds, secret warrants, an out of control security apparatus, extra judicial killings, curtailing on the right to free protest, right to free speech...
Thanks to our reliance on modern communications and technology the state apparatus can assemble data warehouses that the most optimistic of STASI operatives wouldn't have even dreamed possible and we seem to be sleep walking into a police state more pervasive and insidious than anything we've ever seen.
"If you want a picture of the future, imagine a boot stamping on a human face — forever."
But if you delve into that history even more, you'll note that it was accompanied by a pervasive sense of dread and fear even amongst those who were not being persecuted. In Nazi Germany, for instance, it was not just the Jews who lived in terror of the Stasi (edit: mixed up my history, not Stasi, but the "death squads" -- the Stasi came after the war, but even more feared), but all German citizens in general. The reason was probably that the Stasi made no attempts to hide their activities, just as the various Islamic groups and Mexican drug gangs don't today. Publicity of their acts to spread terror is the very tool these folks rely on to exert their control.
People who draw parallels between the actions of today's intelligence agencies and the agencies of oppression of yesteryear uniformly miss out on this key difference.
> People who draw parallels between the actions of today's intelligence agencies and the agencies of oppression of yesteryear uniformly miss out on this key difference.
Except that sense of dread doesn't come into place instantly it will lag behind the apparatus that causes the dread.
The flaw in the "thought control" premise is that the NSA never intended their monitoring to be revealed, so you'd never restrict your thoughts.
Unless... Snowden is an NSA operation to subtly begin exerting thought control! Brilliant! Now that I think about it, "Snowden" even sounds like a codename for an NSA operation.
I didn't say it is conspiratorial and intentional. Of course they don't want those they monitor to know they are being monitored. The thought control element is a byproduct of constraints, rewards, and bureaucratic setup. So nobody probably sat down or met on some secret island to set this, but nevertheless that effect is there.
That quote, and the mentality behind it, used to drive me to obsessively parse my language to avoid having something twisted out of context. Since then I've realized those efforts are largely for naught: anyone who would judge you based on six lines lacks the compassion or wisdom that would merit giving any weight to their judgment, anyone who twists your words and is powerful enough to do so won't be hindered by your care in trying to avoid it.
I think the real lesson in there is to be slow to judge and not let others suck you into joining the outrage mob based on thin arguments or weak evidence.
An institution directed at the control of thought in the European world, based around weekly surveillance of the conduct and thoughts of every human being. Based around the censorship of all reading material and in the end based upon the ability to predict and to punish unorthodox thought.
We begin therefore where they are determined not to end, with the question whether any form of democratic self-government, anywhere, is consistent with the kind of massive, pervasive, surveillance into which the Unites States government has led not only us but the world.
This should not actually be a complicated inquiry.
A few months ago, I spend a good hour or so googling and reading about Anthrax strains, dispersal, etc. after seeing something about it on TV and getting curious.
I realised afterwards it might look a tad suspicious if NSA/GCHQ/etc. picked up on it. Oh well.
Because that's what this leak seems to be implying.
Are you looking at the evidence or the articles written about it? Because the evidence is simply that there exists a method to select Tor-related traffic out of a stream. That alone is nothing. You know very little about what the input is or where the output goes, or what conclusions are drawn by the people analyzing it.
To reach the paranoid conclusions that are getting such traction around here one has to presume that the same institution competent enough to construct this collection apparatus is so fantastically braindead as to make, on a continuing basis, elementary mistakes of analysis on the data that would undermine both their avowed purpose and whatever totalitarian scheming one wishes to imagine is "really" going on. Mistakes which, somehow, miraculously, every single reader with the slightest bit of understanding of the subject matter detects and avoids! I don't buy it.
/*
These variables define terms and websites relating to the TAILs (The Amnesic
Incognito Live System) software program, a comsec mechanism advocated by
extremists on extremist forums.
*/
Linux Journal is listed there, as a ‘website relating to TAILS’, not as an ‘extremist forum’.
// START_DEFINITION
/*
These variables define terms and websites relating to the TAILs (The Amnesic
Incognito Live System) software program, a comsec mechanism advocated by
extremists on extremist forums.
*/
$TAILS_terms=word('tails' or 'Amnesiac Incognito Live System') and word('linux'
or ' USB ' or ' CD ' or 'secure desktop' or ' IRC ' or 'truecrypt' or ' tor ');
$TAILS_websites=('tails.boum.org/') or ('linuxjournal.com/content/linux*');
// END_DEFINITION
... assuming this file is even what it purports to be.
I understand Hacker News users aren't likely to think critically when it comes to stories about the NSA but you would expect more of them could actually read code.
TAILS_terms=(word('tails')
and word('linux' or ' USB ' or ' CD'
or 'secure desktop' or ' IRC '
or 'truecrypt' or ' tor '))
or word('Amnesiac Incognito Live System');
because (1) you need to disambiguate the common word 'tails' but surely not the specific name 'Amnesiac Incognito Live System', and (2) you don't want to miss [tails CDROM].
"the agency is targeting anyone who is interested in online privacy" - not so surprising, is it. I wonder what other similar criteria there are for being considered an "extremist"? No Facebook or other social networking accounts? Uses Linux? Makes certain types of comments online that support privacy (like this one)? ... It's really unsettling.
On the other hand, now that this is out, I think the NSA will suddenly have a ton more "extremists" to look at.
> NSA will suddenly have a ton more "extremists" to look at.
Let's say that in NSA's dictionary, extremist means "Anyone with even a small potential to alter the course of society, the economy, or technology."
Those people, plus a comfortable margin, might be 5% of the population. The NSA probably has the resources to examine all the electronic communications and do high-quality transcription of verbal communications of that 5%.
Even trying to make that targeting more selective would be, in the NSA's worldview "counterproductive."
I'm always curious to hear people talk about "alter the course of society" or "change culture" or whatever, what they think that means. What does the NSA think is the "course" of things? Because ultimately, I see it as a tautology: the course is whatever it is, it is whatever the aggregate of its constituents make it. So please, tell us NSA, what prescience do you have to know what it should and shouldn't be?
Consider this. NSA are the ones who are providing intelligence reports to the different parts of the government. They very likely employ a number of psychologist and sociologists. (I can not verify this, it's just a morbid hunch.)
What is there to prevent them from biasing (or slanting) the intelligence so that they continously keep nudging the perceptions of those reading the reports? The names for this are numerous; thought influence, advertising, even brain washing in extreme cases.
Or in other words - for the NSA, the course of society may well be what they can make the government want.
So now they can legally do targeted investigations of even more people, or was that the FBI who needed their victims to fulfil one of a set of specific criteria? (Such as being n social steps from another victim.)
What I am really keen to know is whether revelations like these have any impact on the "would love to work for the NSA fanboy". Do they continue to be just as keen and rationalize these things away, or does it make them ponder a bit.
Things have indeed been getting scarier by the minute. Interest in Linux is not treason, yet, but I cannot/dont rule out that it could be, for some value of 'Linux'.
Several trends in political/informatic/economic structures does seem to be headed towards the medieval side.
I briefly met a guy who worked for US intelligence (can't remember specifics). I asked him about the NSA. First, he told me he couldn't say much. Then he said "Well I don't wanna brag, but the NSA really has caught a lot of terrorists, and is way more competent than the media makes them out to be." This leads me to believe that either: all these press articles paint a distorted picture; or the level of rationalization is pretty high.
Being stupid suckers for set up set pieces, or searching for pressure cooker based recipes for quinoa (not enough to be arrested, sorry, gitmo'ized, but enough to be questioned)[0].
EDIT: @csandreasen I did not mean to imply that the quinoa incident was NSA related, but to give an example of what could happen as we veer deeper and deeper into a culture of surveillance and assumption of bad faith. Criminalization of sarcasm is another thing that will happen / has happened.
The "surveillance state looking for pressure cooker searches" ended up being complete paranoia and shoddy journalism. Yes, a New York man was visited by the police and questioned by local police regarding his Google searches for "pressure cookers" and "backpacks". It turned out that it was not an Orwellian surveillance state that tracked him down, but rather that the local police were following up when his employer viewed its own network logs, became suspicious and alerted the authorities.
I have also heard many cases of terrorists being caught but most of them were simply searching on the Interner about it and some agent showed up and provided them with moral support the means and opportunity to attempt something thus becoming a terrorist. Indeed there have been many arrests. But most of then were not active terrorists before meeting with the agent. But they were terrorists in the legal sense of the term, since thinking about terrorism makes you a terrorist.
To be honest though, if someone was downloading tails from region of know terrorist activity and such systems are actively promoted amongst terrorist sites then it obviously makes for a good target. But the Linux Journal ..comon.
Nowhere in the evidence is there any indication that the NSA classifies Linux Journal as an extremist forum, or that it considers the readers extremists.
Your employees have probably already been screened as risk averse nerds without a social life outside of the near area. Sure, you'd monitor their movements and those of their family members, but statistically it'd be unlikely they'd move too far from a pretty boring norm. After all, they're prohibited from visiting interesting countries and are probably watched or flagged if they visit even other US states. Is it unlikely that their movements are not routinely monitored by cellular site presence and/or numberplate recognition?
I think you would target high ranking politicians... because the option to blackmail them ensures you an uninterrupted and growing black budget.
You would target communications businesses... because compromising a properly placed employee grants you access to the sum total of customer and peer communications through their networks.
You would target media... because a jump on a popular change in public sentiment is very actionable intelligence, both to multiply funding (through investments prior to predictable market response), and to further control politics.
You would target diplomats... both for tradition's sake, and because borders are the most easily grasped us-and-them (divisive) tool in the post 20th century semantic playground, giving you options for powerful public sentiment manipulation through selective media generation. However, realistically for most embassies worth their salt you'd know these groups are largely not going to do anything remotely surprising that you can pin to them through pervasive communications intelligence gathering.
Probably also, you would target multinationals, because almost all of them are doing something dodgy, somewhere, and that gives you tremendous leeway for behavioral modification.
But in reality, the majority of these can be monitored very effectively on an automated basis with near zero effort once you have full visibility of various domestic financial networks, the SWIFT international financial network, credit and debit card networks, electronic information on intended travel (passenger name records) and border crossing (whoops! I-lost-my ... new passport number, anyone?), and the public switched telephone network.
Email, social network and general web use are cute extras, and probably greatly useful just for delving in to people's character and actions, communicative profiling (grammar, typing style, languages known), interest profiling, waking hour and social network profiling (beyond just phones), etc. But I don't think it's necessary to go to that point most of the time ... the broad metrics are already available and probably extremely reliable unless people are making a concerted effort to bypass dragnet surveillance activity. (eg. By avoiding all of the above networks... damn hard these days, it would seem, for any length of time)
The NSA's problem is that new threats are a form of innovation, but that it's hard to predict innovation, and harder to target surveillance towards people planning a dangerous activity if nobody has seen that activity before. New ideas are a threat.
So perhaps their method is to define Normal, and then monitor everybody Abnormal, on the basis that dangerous innovation is more likely to come from the Abnormal.
Enthusiasm for Linux isn't as abnormal as it used to be, but it definitely puts you in the "dangerous 1%".
I could see a group of analyst deducting that people interested in traffic privacy fall into two groups. Technology intent and nefarious intent. If you were looking for people with nefarious intent, then that would lead you to monitor the tools that those in the nefarious group would use. This article feels very much like link bait for the technology activist.
You don't put a DUI checkpoint outside the library you put it outside the pub.
My point being that they tasked intelligent people with finding "terrorist" and this search pattern is a natural evolution of that task. Policy aside.
But what if they view the technologists as "incidentally" aiding the group with "nefarious intent". Remember a US president in our lifetime said: "Either you are with us, or you are with the terrorists."[1]
The treatment of Jacob Appelbaum[2] and David Miranda[3] suggests that members of US/UK Government may believe that if one provides "incidental help" to the current ideological enemies of the US you are a terrorist/extremist or at the very least targetable under terrorism laws (Miranda was detained under schedule 7 of the Terrorism Act).
Schedule 7 of the Terrorism Act of 2000 does not require a person to be a "terrorist" or imply that anybody detained under its authority is thought to be one.
Notice that I said, "Miranda was detained under schedule 7 of the Terrorism Act", this statement does not contradict your statement.
I am not a lawyer and I am in no way familiar with UK law, but my reading of the law is given below:
tdlr; Section 7 applies people that the officer wishes to determine are terrorists defined in Section 40(1)(b)[1]. It does not require evidence, but the purpose is to determine if the person is, in fact, a terrorist.
Section 7 states: "For the purpose of satisfying himself whether there are any persons whom he may wish to question under paragraph 2 an examining officer may—"
Paragraph 2 states: "An examining officer may question a person to whom this paragraph applies for the purpose of determining whether he appears to be a person falling within section 40(1)(b)."
Section 40(1) (b) states: "In this Part “terrorist” means a person who— (a)has committed an offence under any of sections 11, 12, 15 to 18, 54 and 56 to 63, or (b)is or has been concerned in the commission, preparation or instigation of acts of terrorism."
You also said that "members of US/UK Government may believe that if one provides "incidental help" to the current ideological enemies of the US you are a terrorist/extremist", which you haven't shown at all, and that "at the very least targetable under terrorism laws", which is meaningless, because anybody crossing the border can be detained and questioned by that statute.
This policy is significantly similar to the subpoena policy in most US states. With the exception of the questioning being court ordered. In most states police can detain and question numerous people in the course of an investigation without a subpoena.
If you were to have concern about the JA incident your primary argument should be with the seizure of assets not with the detention and questioning.
The presumed search of material on JA and his partner are the only issue that is not within the norm in the US, but is actively being deliberated about in the courts. The act of searching a cell phone specifically while you are detaining someone for questioning is being actively challenged in the court system.
In reference to schedule 7, the questioning of a concerned party within a specific context that is being used in the commision of crime is commonplace in most if not all policed states. For example a comparison would be the detention and questioning of Target IT department following the breach of their system last year. They are not a suspect but are directly concerned with the commision of that crime.
This is exactly who an intelligent group of analyst would target for completion of their task.
The problem is that you misconstruing the They that are policy makers and the they that are the individuals that wrote these configuration files. The transfer of little theys actions onto big theys policy is flawed logic.
If I told you to find a bug in a large code base, there are two gross options. Scour the code yourself(xkey) or talk to an original author(JA). Those tasked with monitoring TOR obviously chose to try both approaches.
The value of a target always dictates the cost tolerance of the acquisition process. ie detain JA at political cost.
Lastly, the inference that JA detention was something other that a collection action and somehow a "terrorist" designation is disingenuous.
Over the last few months I've googled
Numerous Weapon Systems (I have a fascination with WW1, WWII and Cold War history - stuff like Black Arrow etc).
Insurgencies during the British Empire
Electronics (want to get back into and saw a fun project to make on reddit the other day) - http://www.youtube.com/watch?v=movVFYWheGM
Linux stuff (settings, security, the usual stuff a developer/system administrator would look at).
Programming stuff (relating to security, encryption etc)
NSA related material (following the story closely).
Setting up a VPN (so I can access Netflix US because Netflix UK is basically crap).
The US constitution and some case law.
NSA Report: "User noir_lord has an interest in privacy, weapons, insurgencies and excellent technical skills, user noir_lord should be monitored"
Where in reality I'm a 34 year old web developer from the North of England who enjoys history, techy stuff and playing with my cats.