This was an interesting and early revelation, but it wasn't until the Snowden documents that we understood what this closet really meant. We had no idea the government was recording every phone conversation in the u.s., every email, etc... We still had some hope that the rule of law as being followed and that this closet was just a way to make targeted surveillance easier.
> but it wasn't until the Snowden documents that we understood what this closet really meant.
> We had no idea the government was recording every phone conversation in the u.s.
> We still had some hope that the rule of law as being followed
All lies. This was well covered on slashdot when it happened. We all knew exactly what it meant.
Snowden's release was iron clad and incontrovertible, which was refreshing, but it also detailed the extent to which private tech companies outside of AT&T were aiding the federal government in their illegal activities.
Even the most paranoid nutbag commenting on those old slashdot threads couldn't imagine how bad it was going to get. Reality outpaced the conspiracy theorists.
Close, I think that the premise the Bush administration used to obtain this information, "dragnet surveillance", was ruled illegal, which exposed the phone companies to lawsuits. Congress then retroactively indemnified them.
Spying on the u.n. based on terrorism legislation is a revelation. Recording of all telephone conversations in the u.s. is a revelation. Recording of all emails, skype, sms, etc is a revelation.
Before discovery of that room everyone knew that there was close cooperation between the telecoms and the government, but we had no idea it was this close and we were shocked at especially the recording of all phone conversations in the u.s.
Even though we had pretty thorough proof of this with ECHELON? Including the EU parliamen report into echelon; and the stuff about the US using it to provide commercial advantage to their aerospace industry?
Risk assessment has always been part of security. And people have always said that you should probably assume a well funded government can and does read everything. This was more of an assumption, but the fact that governments do listen to everything should not have been a surprise.
No, not really with ECHELON. That would have required all phone calls in the u.s. to be routed outside of the u.s., and really the only cooperating country was the UK, even though Canada was part of the group. It wasn't practical to route all communications from the u.s. through the UK, and it probably would have been noticed.
Hopefully companies and organizations like the UN start moving away from AT&T. AT&T is a publicly traded company and so the only thing they understand is profit and loss.
The snowden releases cost u.s. tech companies $100B+, including a 10% drop in Cisco quarterly revenues. Hopefully this continues as multinationals continue to move their business outside the u.s.
Let the u.s. government spy on Americans all they want since Americans seem to like being spied on, while the rest of us move on. I know that mindset doesn't match many of the people here on HN, but Americans are mostly Authoritarian and seem to like the comfort they feel from programs like this.
> Let the u.s. government spy on Americans all they want since Americans seem to like being spied on, while the rest of us move on. I know that mindset doesn't match many of the people here on HN, but Americans are mostly Authoritarian and seem to like the comfort they feel from programs like this.
What exactly is your source on this? If we're going to stick with anecdotal evidence, I (who actually live in the US) have found most people's reaction to the Snowden revelations to be overwhelmingly negative, particularly among younger people.
If we want to look at some actual data, instead of accusations about public opinion by someone who doesn't even live in the US, it appears that a majority of Americans don't approve of the NSA's actions[1]. On top of that, companies like Apple, Facebook, etc. have been implementing end to end encryption so thoroughly that the government is pushing to make it illegal[2].
So I'd thank you to not decide that all Americans like to be spied on, or that we're mostly authoritarian, just because it fits your ideology.
I live in the US too, and as far as I can tell most people are barely aware of anything to do with Snowden. Of those that are, many have a negative opinion and a very unsympathetic attitude towards privacy or civil rights.
My mom thinks spying is great and my dad thinks the first amendment should have limitations so you can have laws requiring you to be sensitive to particular ethnic groups. They vote every single time. My wife and I disagree with both positions, but we never vote. Neither of those issues really bothers us enough to want to take time off work on a weekday, and we don't think there is a point when the boomers have politics locked up for another few election cycles anyway.
My own mom also doesn't see spying as something that negatively affects her/our cohort, but she probably won't vote because she thinks it protects her from jury summonses. None of my family live in a swing state, and so I'll skip an election unless I care about some of the local candidates. My wife and I have started to take more of an interest in politics recently though and it even looks like my state could flip in 2018 or 2020, maybe even in 2016, but doubtful.
I provided the Pew result because my anecdotal evidence is nearly as suspect as the one given in the post (the only difference is that I actually live in the US now). Do you think there is something wrong with the survey?
>Do you think there is something wrong with the survey?
I'm not going to criticize a Pew survey, much, but, I do think that the set of survey participants may be distinct from the people who vote. I also think that when people are answering a survey there is very little emotion involved as opposed to when they are voting; where people are barraged with messages fully intended to stimulate emotional responses. Those are a couple of things that might explain a difference. I'd also note that it has a relatively small sample size (475). So, I don't think the survey is the last word on the matter.
First, I'm American. I've worked on NSA and DoD projects, and I've worked for PGP. I now live in Switzerland.
You only have to look at the consequences of the Snowden revelations. Nothing has really changed - some meaningless legislation was passed that moves the phone metadata recording to the phone companies from the NSA, but even then it's not clear that its stopped - the NSA data center in Utah where those conversations were recorded doesn't seem to be shutting down. I would bet the phone conversation, skype conversation, etc recording is still going on since it was never explicitly addressed anywhere in legislation.
And my comment about Americans being Authoritarian is nothing new - they've long considered to be Authoritarian.
> You only have to look at the consequences of the Snowden revelations. Nothing has really changed...
So your evidence that the public doesn't care about the revelations is that the government (who are the perpetrators of the spying) haven't changed their ways? Could it instead be because when selecting candidates to vote for (for the minority that do vote, which is a separate problem), Americans have prioritized other issues? Do you think that the survey I cited was methodologically unsound, or that people were simply lying?
How about the fact that private companies are responding by changing their platforms to be more resistant to such data collection even under warrant, and publicizing the fact? Why do you think they are doing that, if not to appease the public?
> And my comment about Americans being Authoritarian is nothing new - they've long considered to be Authoritarian.
By who? You? And whether or not the government is authoritarian, how does that imply the people like it?
> Could it instead be because when selecting candidates to vote for (for the minority that do vote, which is a separate problem), Americans have prioritized other issues?
Sure, so you basically admitted to his first point being right. That Americans don't care so much when it comes to their privacy.
> How about the fact that private companies are responding by changing their platforms to be more resistant to such data collection even under warrant, and publicizing the fact? Why do you think they are doing that, if not to appease the public?
Those are PR stunts. From companies like FB that are on record founded by CIA, and having same investors as companies such Palantir, I'm sure bunch of data exchange is happening behind the curtains.
> By who? You? And whether or not the government is authoritarian, how does that imply the people like it?
Unless you are really this dumb, or you just plain trolling, how about the last 20 years of America's political history, for a start?
> Sure, so you basically admitted to his first point being right. That Americans don't care so much when it comes to their privacy.
It means that they either don't care, or that they care about other issues more (foreign policy, economy, etc.). Even sticking to issues with technology, I am far more concerned about banning end-to-end encryption without key escrow than with legislation to ban wiretapping. The US government has a long history of doing illegal wiretapping anyway, so I think the better solution is for private companies and citizens to make it more difficult practically, not legally. Does that mean I don't care about privacy?
> Those are PR stunts.
Which is exactly my point. Why would they perform such stunts if the public at large didn't care about wiretapping, or if they mostly supported it?
> Unless you are really this dumb, or you just plain trolling
Thanks. That was a great rebuke to the way I personally insulted you and everyone else who has been a part of this conversation.
> how about the last 20 years of America's political history, for a start?
That is definitely evidence that America's government was and is authoritarian in many aspects, which I wholeheartedly agree is the case. It is also evidence that the voting segments of the population for the past 20 years (and further) have a similar bent. However, my issue with the original post is that he made a blanket statement about Americans in general. I don't think it's a great thing that the majority of Americans don't vote, but as a result this can only possible suggest the attitudes of a minority of Americans. That is why I prefer to judge what the public thinks about an issue by a poll, not by elected officials, or by anecdotal evidence (mine or anyone else's).
Or maybe it is just that the segment of the public that is expected to vote doesn't care.
I don't vote, and I care about this issue. Why don't I vote? Mostly because the things I care about are not made campaign issues. That might be common.
You don't have to vote on every issue, candidate, or seat – there's no penalty for skipping questions. I do this routinely for issues where I either (a) don't feel qualified/informed enough, or (b) only a single candidate is available (writing in "no confidence").
If you care, please vote – even if it's just for the one guy who pledges to hold the NSA accountable for its actions.
> So your evidence that the public doesn't care about the revelations is that the government
OP thinks that because the people are supposed to be in charge of the government. If the people really want to change something, they should be able to change it - i.e. see what happens in France when an elected leader tries to take away a single day of maternity leave or change benefits - literally millions of people rally in the streets, then that person gets voted out, almost immediately.
Now, if the people of the United States are not in control of their government, you have a whole 'nother issue to solve.
It's very hard to move away from telecom companies. You may switch your direct services, but whoever you switch to will still use AT&T backbones and the like. All the big telecoms are guilty of being complicit with the government, what would make a difference is one taking a stand like Apple/Google has regarding encryption. That would put pressure on the others to follow suit.
There is no sense in trying to bend all the middle men to our will. The problem is broadcasting anything in the clear. Being able to effectively encrypt data at the IP level is what really needs to happen.
Google and Apple are still subject to the same pressures applied by warrants, subpeonas and national security letters.
I'm not really sure what you mean by encryption, though. Apple's iMessage may be encrypted, but their key exchange can be MitM'd easily.
Realistically you wouldn't use a service that exists because of the profit motive or is in the US. It will continue to operate to drive a profit while working with the government to stay in business.
Google Fiber is for the last mile, consumer/business users.
I'm suggesting a non-profit organization or entity that is a holding company for dark fiber assets for tech companies, with a charter that specifically protects the privacy and integrity of the packets that travel over it.
If your packets run over AT&T, you clearly have lost. But if you control physical access, the only way the government is going to gain unlawful access is through someone who has integrated themselves into your org or through an illicit fiber tap. You've significantly reduced your attack surface.
EDIT: You could even go so far as to require different orgs to travel over physically diverse strands, thereby preventing any sort of multi-tenant shenanigans, with the cable being shared ownership.
They maybe could, but that probably wouldn't stop the NSA from gaining access through other means.
More importantly, they probably wouldn't. All those companies you previously listed have been identified in documents leaked by Edward Snowden as supporting the NSA with backdoors.
Who are these lucky "rest of us" fellows who have both advanced technical infrastructure and no government spying? They don't live in the EU, Russia, and I guess most of Asia.
The idea that Five Eyes is unique in its pursuits and "any Western country besides the u.s." isn't monitoring everything that is technically possible is so naïve that I'm amazed you worked for PGP. I don't normally go after people for being anti-American, but I'll make an exception here because your ideology is making you look comical.
You're a foreign national with an interest in cryptography living in Switzerland. Of all the people in the world who shouldn't be so absolutely clueless, it's you. They're on you like stink on shit, and suggesting otherwise is laughably stupid. What do you think, Switzerland became a discreet financial haven out of a measure of luck, while Swiss intelligence sat around being good, decent, idle people?
For all of my extensive problems with U.S. intelligence, they at least made an effort to uphold the law. They failed, yes, but so many pivotal decisions were around the legal framework. I wonder how such a conversation goes in Ukrainian intelligence, or German, or Mexican. "We have a lead on El Chapo but we can't follow up because it's illegal to wiretap." Yeah, okay.
Well, how about the French government passing a law to make legal the very SIGINT practices French intelligence had been doing for years with no legal supervision?
Or the German intelligence collaborating with the NSA? I won't even mention the British GCHQ, because they almost make the NSA look good.
And that's just Western Europe. Let's not talk about the way Chinese citizens can enjoy frank exchanges of views on the Internet without fear of repercussions.
So just to be clear, here, you claim to have worked for PGP, so you've been in the security industry at least a day or two, and yet you consider the opinion that the United States cannot possibly be the only bad actor rhetoric? I'm disputing your claim that other Western governments aren't as bad as the United States. Nobody knows that, everybody with half a clue assumes otherwise, and the irony of you going after my lack of substance in doing so is palpable.
I'm going to reiterate, because I can't believe I'm having this conversation: you said, nearly verbatim, the other Western governments do not spy like the United States. And you consider that a sane opinion in the wake of these disclosures, and call me a shill for disputing it.
The retroactive immunity to which you refer is one disclosure we know about. What I was speaking to was President Bush's PSP, which they made a significant effort to satisfy legality on. Everyone is in accord on that: them, Poitras, Snowden. They were wrong, particularly Gonzales, but they still tried to base it in the law until they lost the Justice Department. Even the FISA court is an attempt at legality. I'm not saying I agree, I'm saying the government made a conscious choice to try to play by the rules, even though their rule book was absolutely bananas. I'm making the case that in other governments, that same zeal might not apply, and there are probably governments wherein rights are more freely trampled upon.
Again, that you think I'm a shill for presenting the completely normal security industry philosophy of don't trust anyone is just hilarious. I've been charged with multiple felonies by the United States justice system for CFAA-related offenses and convicted of one. I have the most stake in criticizing the way we do things. You're laying down smoke to cover your own opinions going after my "shill" status, and I want you to know that it's entirely transparent.
Sometimes I think Hacker News is just trolls trolling trolls.
Tomorrow, after your meds, read what you wrote and you will see that you are arguing against yourself. I'm only responding to you so that others here can see how insane you are.
Tomorrow if you wish to continue this debate we can do so in person with Roberts rules of debate, the loser with their head between their knees.
It's all hostile territory. While it's rational to punish quislings, it's irrational to think anyone handling a large amount of communications isn't a quisling. Certainly nobody is making claims that they are working to secure your data against state surveillance.
It's also long past time when providers like Google, Microsoft, Yahoo, etc. could have been offering secure communications and storage. At some point you have to suspect they are in with the surveillance state as much as the telcos are.
This is a standard trope, but it requires that you be willfully ignorant that 1) all western countries are sharing intel 2) the US does most of its spying on foreign countries 3) there is no European politician that has even tried to run on an anti US platform. I wonder why?
The FCC has been cracking down on companies using long codes for SMS services because those long codes aren't required to follow the normal SMS rules concerning opting in, opting out, opt less keywords (help messages). For short codes the phone companies each test the short code to confirm it's following the rules.
Further, these long codes switch companies frequently as they get reused when they're no longer in use, and SMS user numbers have been spammed with sms messages as a result.
Makes sense. Notably, however, this is an alpha product, very much a way to see user engagement and figure out what works and what doesn't, and what people want it to do. Once those questions are clarified, all the rest of the infrastructure will definitely be built up adhering to established standards.
In that respect, it absolutely makes sense to use a shortcode where you can conform to regulations.
It's important to note though that Myra only responds when asked for information, and never without. So, it makes sure not to spam at all.
On the spam thing, I believe what they're saying is that companies set up a service, then they disappear, the phone number they used gets reassigned to some Joe Random, and then poor hapless Joe gets spammed by all the company's former customers who think the number is still hooked up.
He's just saying its more impressive to make a ball from scratch and get it rolling than it is to keep a ball rolling. Extra-ordinarily hard to do either one imo.
What do you mean by the communist parts of India? Do you mean Nepal? WTF are you talking about? What you are saying has nothing to do with reality.
Most of the c-level Indians I know are from Hyderabad, including the former ceo of Microsoft India, the Eco of Adobe... Hyderabad is like Texas in India.
One is from chennai, the finance hub of India. The other is from almost the Nepal region but I've never heard of him.
There is a population of radicals in India - separists, communists, but they are separate from the western tied Indians. They are separate because they never were in the group that has close ties to the west, and they are a loud but weak minority.
There are 1.2B Indians and 300M Americans. And there are strong ties between the Indian middle class and the u.s. In education and business. The indian middle class is around 300M. It's surprising that there aren't more Indians in high corporate roles considering how many there are in universities, for example.
Something that is disturbing long-term is the low number of Chinese nationals in corporate roles in the u.s. China is arguably ahead of India socially and economically. They have 500M in the middle class. But we don't have strong ties with mainland China like we do with India. We run the risk of continuing to diverge.
Couldn't it be that the perception of China being ahead of India socially/economically is why you don't see as many Chinese nationals in corporate roles in the US?
I've talked to a number of Indian workers in IT here in Japan who've said that they'd do "anything" not to have to go back to their family homes. But Chinese IT workers I know don't seem to mind the idea; in fact, they usually go back a couple of times a year.
If you replace "Chinese nationals" with a first-world European country, does it sound disturbing? e.g.: "the low number of German nationals in corporate roles in the u.s." It doesn't to me.
I chat with my Indian friends all of the time about this. A few of the reasons we came up with are:
1) China has a better infrastructure so it is more attractive for a talented Chinese person to return to China than an Indian person to return to India.
2) Indians immigrants speak better English on average.
3) There might be some cultural difference or inheritances. But I haven't figured them out yet.
The trend holds in the other direction as well. There are large Indian companies lead by foreign executives, but foreign executives do not get far in Chinese companies.
I always assumed this was due to the language barrier. China has roughly 10 million English speakers while India has hundreds of millions. To me, language appears to be one of the largest causes of cultural divide.
It's still pretty weird to see someone running in New Delhi, for example. I know heat and air quality are part of it but there are days where it would be perfectly fine. I think it's just considered weird to run.
