Separate names with a comma.
Discussion in 'Politics, Religion, Social Issues' started by Vip, Oct 29, 2013.
Would you have a private detective to spy on your best friend?
A good question; one that should have been asked back in 1930, as it's been going on since then, if not earlier.
The way things are going, at least we have a bill in Congress with bipartisan support to prohibit the NSA from spying on its own people. That takes care of us domestically, but says nothing of internationally.. it's up to the leaders of those countries to come down hard on us and the NSA (as they well should) to make sure this stops.
I will say that this is starting to cast Snowden in a much better light, now.. Whether it stays that way remains to be seen.
If he has nukes and/or an army? Yup. Especially if I created an Executive agency to do just that.
Am not so sure what the US would think of being spied upon, but ok, if you say so.
We don't like it, but I'm sure it's being done to us as well. Everyone spies on everyone, you'd be at a disadvantage if you didn't.
You really think nearly every embassy in every country in the world is bristling with antennas for no real reason?
I don't for a second believe this bill is going to do anything to limit NSA from doing what it wants. I don't care what administration is in office there will alway be some off the radar, back room or under ground surveillance programs going on. All this is, is a feel good bill.
As long as we are human it is human nature to gather and digest information. I mean for pete sake we are on a rumor site that all it does is gather and report information from people spying on Apple.
to an extent, you have a point, but in the latter situation, people are banking on analysts' guesses, not actual corporate espionage.
And even if it were true spying, corporate espionage = espionage, and espionage =/= legal.
And I think it's a big thing, especially since the author of the bill is the author of the PATRIOT Act, and is amending his own bill to add this in. That says a lot, considering how he missed this nearly 12 years ago, which that was supposed to be a 'feel good' bill. That bill eroded our 4th amendment rights, which it shouldn't have taken 12 years to gain back.
I really don't know what to think of it other than I disagree with it. I hope this all kicks off. I'd love to see the NSA shut down.
But chances are, all countries have their equivalent. They just haven't been stupid enough to be caught yet.
To sum up my position:
Spying on Americans: Not cool. I can understand some records on Americans getting occasionally scooped up, but they had better get purged ASAP. And none of this "we'll collect everything and then purge later" nonsense.
Spying on non-Americans: Not only is it OK, it's their job. Friendly nations included.
Is it their job to spy on everybody and their grandma? Or is it their job to generate intelligence on foreign nations in general and especially their political/military leaders?
The latter was for a long time regarded as the generally accepted task of intelligence agencies around the world.
But the NSA stores all data it can get to produce intelligence. And there is a distinct lack of oversight what happens with the data from which the intelligence was produced. The NSA (and agencies in other countries as well) use their surveillance technology like a cluster bomb against large target areas. And they seem not to care about collateral damage, like a general loss of trust, loss of business or loss of international reputation.
While on the technical level their feats are impressive, in it's core mission, I think the NSA has failed (from nsa.gov):
"The NSA/CSS core missions are to protect U.S. national security systems and to produce foreign signals intelligence information."
How does weaking encryption standards protect U.S. national security systems? How could anybody think the blunt mass data copying would go unnoticed forever? An operation on this scale will leak sooner or later to the outside because of the number of people involved. Did anybody think of the fallout?
A true spy master would gather information in a way the target never have a chance to notice the eavesdropping. They would reduce their risk of exposure at any costs - in order not to burn their agents, their contacts, their friends, their enemies.
I've never understood why this is really becoming a big deal right now when it's kind of common knowledge/common sense that it's been going on for a long time and it's nothing new.
The latter has been the traditional role (which is why I don't know why *anyone* is surprised we're spying on friendly leaders). But now that threats are so decentralized, it seems like they've taken it to another level...once they find out who a "bad guy" is, they trace his contacts and communications 6 ways to Sunday. I don't think it's outside their mandate, but it *is* rather new. Or at least we think it is...
Is there a distinct lack of oversight? Totally playing Devil's Advocate here. A few guys checking their girlfriend's/fav celebrity's records does not constitute a distinct lack of oversight, in my opinion. The very fact that we caught them implies otherwise.
Fair enough. Of course, all this is *supposed* to be secret, so in that case their would be no damage. You can bet your bottom dollar other nations are doing (or trying to do) the exact same thing.
They didn't weaken any encryption algorithms. They simply managed to get the private signing key of lots and lots of websites/other entities so they could impersonate "trusted" sites/people. If you set up our own key pair and don't screw up distributing it to your buddy (or somehow getting it copied off your machine), it's still virtually uncrackable. Algos are still fine.
Well, people have been complaining about it since, what, 2004 (secret telco closets and all that)? Took a while to really break open.
Agreed. The NSA is huge, and all it took was one guy to blow (some of) it wide open. If you want to keep it a secret, tell as few people as possible, etc etc.
They did more than just get private keys. At least once, they covertly inserted a backdoor into a published crypto specification:
The Guardian and The New York Times have reported that the National Security Agency (NSA) inserted a CSPRNG into NIST SP 800-90A that had a backdoor which allows the NSA to readily decrypt material that was encrypted with the aid of Dual_EC_DRBG. Both papers report that, as independent security experts long suspected, the NSA has been introducing weaknesses into CSPRNG standard 800-90; this being confirmed for the first time by one of the top secret documents leaked to the Guardian by Edward Snowden. The NSA worked covertly to get its own version of the NIST draft security standard approved for worldwide use in 2006. The leaked document states that "eventually, NSA became the sole editor." In spite of the known potential for a backdoor and other known significant deficiencies with Dual_EC_DRBG, several companies such as RSA Security continued using Dual_EC_DRBG until the backdoor was confirmed in 2013.
One of the primary purposes of a PRNG in cryptography is to generate bits for making keys. If your PRNG has a predictable sequence, and only your adversary knows this (the backdoor), then it makes it far easier (i.e. faster, simpler) for them to brute-force your keys. What you think will take eons might actually take only hours or minutes.
From a long-term perspective, this undermines the credibility of future NIST standards, as being independent or "best known".
Well, at least we used to do it better than the Ruskies, who slipped a few bugs into the goodie bags distributed at the G-20 summit.
Yikes!! That's news to me! I stand corrected.
This cat n mouse IT cold war is the future.
Its either a brave or stupid country that doesn't try to make itself aware of as much information about other countries as it can, its going to be a matter of future self preservation.
But is it "fair and just"?
I certainly wouldn't describe it that way.
As you imply, I'd choose "inevitable" as the best description.
You seem willing to embrace cyber warfare as inevitable, but are you also willing to accept atomic warfare, biological warfare, and chemical warfare as being unavoidable?
If not, why?
The real question is whether it is moral to circumvent legal prohibitions against spying on one's own citizens by asking another government to do it for you, which seems to be the pattern emerging.
Also, one might ask if it sensible to perform widespread spying in an incompetent way, say, for instance, by hiring an unreliable contractor who was a security leak waiting to happen.
It's a reflection of the Cold War mentality of the powerful elite.
No wonder the world is a shambles.
You can have spying without inevitably resorting to atomic warfare, biological warfare, and chemical warfare or cyber warfare.
The NSA's spying is cyber warfare.
For example, from Cyberwarfare:
"Cyber espionage is the act or practice of obtaining secrets (sensitive, proprietary or classified information) from individuals, competitors, rivals, groups, governments and enemies also for military, political, or economic advantage using illegal exploitation methods on internet, networks, software and or computers."
Via treaties/agreements, atomic, biological, and chemical warfare is restricted/limited, etc. Why not set similar limits on cyber warfare?
Food for thought:
We Need a Geneva Convention on Cyber Warfare
I don't know the details about what the NSA is actually engaging in.
I was saying that spying or eavesdropping, is most effective when the "victim" has no idea they're being spied upon.
Engaging in cyber warfare would seem to me to be counter productive to eavesdropping as it calls attention to itself and could risk the secrecy that eavesdropping thrives on.
I'm not suggesting that the U.S. doesn't engage in cyber warfare, just that it doesn't follow that if one eavesdrops then it's inevitable that cyber warfare will follow.
You seem to using a very narrow and limited definition of cyber warfare.
NSA's spying is electronic eavesdropping, which is a form of cyber warfare.