
I was in a Hadoop course with a person who had just left the NSA in mid-June (right when the Snowden bomb dropped). She was in complete denial about his allegations, and was outright hostile to the rest of the room for "actually believing he was telling the truth". A key quote: "Do you really think they just let people access these systems without rules? You really believe that?" (the tone was beyond condescending, implying that we were all naive and ignorant) My argument to her was that my experience dealing with intelligence agencies is that they build stuff very quickly, focusing on capabilities. Anytime systems are built like this, safeguards are an afterthought.

As it turns out, we were all right, and she was all wrong. I would love to talk to her today and wipe that smug look off her face by pointing out that the "safeguards" were nothing more than policy and rules with zero enforcement mechanisms. Hence the guy who spied on his ex for years without being caught.

The fact that, on a personality level, she was one of the more awful people I've been stuck sitting next to in a class, makes me question who the NSA hires. She was hired straight out of college, so I guess the culture was sucked right into her. And man does that culture suck.



>"Do you really think they just let people access these systems without rules? You really believe that?"

Saying this while discussing material leaked from the NSA is beyond ironic


Especially when the NSA has admitted they don't know which documents were taken.


Wait, should I believe that the NSA doesn't know what documents were taken? Because I hold the belief that they do know, down to the PowerPoint slide, what resides in Snowden's Cache. I believe that the NSA is either incapable of telling the truth, or believes that lying about what they know is an advantage somehow.

Is there some way to decide this quandary logically?


> Because I hold the belief that they do know, down to the PowerPoint slide, what resides in Snowden's Cache.

Why? When it happened, they almost certainly didn't. By now they may have restored all their backups to that point of time, and recreated their network to see exactly what he could have possibly taken, but beyond that it seems likely they don't know.

I'd imagine they are slowly working out what documents he has. Every time a new one appears they go "oh, shit" and look at what other docs were nearby.

They have probably checked multiple times a few critical documents to see if he had access to them.


And even post employment saying that you had worked for the NSA you can see the crap attitude to protective security that let Snowden happen.


Thank you. Should be complete silence.


It depends where you worked.


Furthermore, whatever safeguards they might put on the data are completely irrelevant. They shouldn't be mass collecting data without a warrant in any case.

You were just arguing about whether their lawbreaking was competently executed or not.


Let's not be naive. Spying doesn't involve warrants. It's called spying because that's what it is, spying, not building a legal case to take to court. Warrants aren't ever going to figure into spying.

You can bound the scope of what spy agencies spy on, but expecting them to spy and to get a warrant to spy before they do it, that's not going to happen. If you truly want warrant based searches for everyone, everywhere, then you have to ban spy agencies world wide and make this all a law enforcement function.


>Let's not be naive. Spying doesn't involve warrants. It's called spying because that's what it is, spying, not building a legal case to take to court.

Except sometimes when the collected information was used for exactly that [1]

[1] http://www.reuters.com/article/2013/08/05/us-dea-sod-idUSBRE...


There's this nice dividing line - you don't spy on your own citizens which means you need warrants to gather information on them.


Actually, warrantless surveillance goes beyond that. I'm a Norwegian citizen, and I take issue with the NSA having instant access to all the homemade porn me and my girlfriend exchange. So this concern really goes beyond the borders of the US. Saying that this would be all fine and dandy if it was restricted to the 95% of the people who are not in the US is a very good way to piss off all your allies and trading partners.


And the same goes for the rest of us and our respective governments as well, of course.

I think a big part of the problem here is the idea that not only are governments responsible for protecting their own citizens, they are also only required to respect the basic rights of their own citizens. That inevitably leads to one of two conclusions if governments then feel entitled to conduct mass surveillance of everyone else's citizens.

One possibility is that those other people's own governments consider the surveillance a hostile act. Now everyone's government starts a cold war of information with everyone else's, even if they claim to be allies.

The other possibility is that those other people's governments do not defend their own citizens from the mass surveillance, or even actively collaborate in it despite their apparent obligations to their own population. Now people don't just have cause to mistrust foreign governments, even supposedly allied ones, but they can't even trust their own government to protect them.

Obviously neither of these outcomes is exactly taking the political or ethical high ground. But no-one seems to want to take a lead on what to me is the obvious third alternative: everyone accepting that we are all part of a global community today, and that international trade and communications and transportation are in all our best interests, and that which country's flag was flying when you were born probably has very little to do with whether you are a good person (probably) or a real danger (in which case everyone has legitimate grounds to go after you and already has processes in place to do so), and that because of that same level of international infrastructure and modern technology it should be just as possible to recognise everyone's basic rights by default and collaborate to go after legitimate surveillance targets anywhere instead of drawing artificial borders that are mostly accidents of history and creating a them-and-us culture that serves no-one.

Modern politics reminds me of a Babylon 5 episode, which seemed amusing at the time:

https://www.youtube.com/watch?v=ddxIfMRZemc


Interesting, are you using the word "warrantless" as a synonym for "baseless" or as meaning "without a warrant granted by a court of law"? If it's the first, I agree wholeheartedly - it's both unethical and just plain stupid for my government to spend time, money, political capital, and the ability to look itself in the mirror without cringing on being able to access the pornography of private citizens of ally countries. If it's the latter, I disagree - I don't think countries (the U.S., Norway, whoever) should be required or require themselves to get warrants to surveil citizens of other countries.

You should be pissed, and it pisses me off that my government is pissing you off, but that doesn't mean I think it needs to get warrants to spy on other countries.


> I don't think countries (the U.S., Norway, whoever) should be required or require themselves to get warrants to surveil citizens of other countries.

And where then does it stop? Should countries also not be required or require themselves to provide due process to citizens of other countries when they visit? How about not recognizing property rights, and confiscating their belongings? Why not go the whole way and just shoot the ones you don't like?

The reason that international human rights treaties exist is that adopting isolationist policy in the area of human rights is a move that creates no winners. We just seem to have forgotten that in the context of the Internet, because the violations take place at home while the immediate victims are abroad. But the indirect consequences will probably come back to haunt those who don't respect citizens of other nations all too quickly, whether it is in loss of tourist trade, or loss of control of technologies like the Internet because a single nation is no longer trusted to administer that technology impartially, or more direct consequences to the bottom line if for example technology companies with cloud-based offerings are no longer trusted by foreign customers.

The US seems to be particularly at risk today, because it has been a natural leader in some of these fields and has been trusted to act responsibly in that capacity. That trust is rapidly being eroded, and the US has more to lose as a consequence than most. Still, the general us-and-them attitude in today's international politics is a plague on all our houses.


"And where then does it stop? Should countries also not be required or require themselves to provide due process to citizens of other countries when they visit? How about not recognizing property rights, and confiscating their belongings? Why not go the whole way and just shoot the ones you don't like?"

Well, something like that is already considered quite legal, right? A Uruguayan citizen who buys some pot from his local government store and then boards a plane to Singapore isn't going to have a nice time in Singapore, even though by Uruguayan standards he's done nothing wrong: his property rights in that pot will not be recognized, at the very least, and probably he will be severely punished for something not considered a crime in his home country.

When country A is doing violence to the citizens of countries B and C inside country A, the usual response is merely that B and C recommend that their citizens not go to A. If the citizens were considered important, sometimes there's a protest of some sort.


> I don't think countries (the U.S., Norway, whoever) should be required or require themselves to get warrants to surveil citizens of other countries.

I think there is a difference between committing illegal actions when they are inevitable (I can understand that, e.g., the US would want to conduct targeted surveillance on known AQ members abroad). It's another thing to make it into an all-encompassing, industrial activity. And clearly, the distinction between "national" and "foreign" is rather... blurry. The US, the Europeans, the Australians, I assume Japan, Korea, Taiwan... look like they have a good working relationship, in which everybody can spy on everybody else, as long as you can pretend it's about security.


it should be like in war, bombing civilians is a war crime, spying on even foreign civilians should never be legally accepted. ever. otherwise we're on the fast track toward another catastrophe for the human race and one of its unique features, freedom.


Think of it as a free cloud backup.


if you don't have access to it, it's not a backup.


Especially if it is only rarely acknowledged that the backup was taken in the first place.


Ubuntu + RetroShare. Both are very simple to use.


Ubuntu was not the first product that would have sprung to my mind...


It would seem to me that it's two orthogonal questions, where the probable harm is related to their product. They shouldn't be mass collecting data; they should be competently protecting data they collect.


She was probably right about the systems she used. I clearly remember being stunned, and initially not believing, that any one person, even a sysadmin, would have such broad access to systems at the NSA. It goes against everything that intelligence agencies have learned about compartmentalization of information and "need to know" access controls.


"Need to know" apparently is no longer in fashion in either the civil or military intelligence communities, in any way whatsoever. Bradley Manning convinced me of that. As a low-level private, he was able to download megabytes of sensitive material completely unrelated to his job, and that he couldn't possibly have had any need to access. Regardless of whether you think he (she) did the right thing, it's just insane that it was even possible. It speaks of outrageous incompetence at the highest levels of the organization, incompetence that's likely to be a greater security threat than anything else under discussion.

Same story with Snowden, a low-level contractor who was apparently able to walk away with the whole store. Love him or hate him, he's not the Agency's real problem.


Much much more amusing to see how random college drop outs can so deeply compromise national security. Imagine what trouble we'd be in if a motivated nation state tried to get the USA's secrets?


Well, it's not the first time someone told us what the NSA were doing:

http://www.youtube.com/watch?v=hqN59beaFMI


He sounds like quite a competent, intelligent "college dropout". Do you think him being a "dropout" means much?


Yeah, it's hyperbolic. I was trying to emphasize the difference between a random guy and nation state.

Dropout was also convenient because it applied to both Manning and Snowden.


Exactly the trouble we are in today, because it is nearly guaranteed that this happens?


That's just it. If it has happened, the Chinese or Russians or whoever don't take their discoveries to the press.

You have to assume that US enemies already knew more than what Snowden knew even before he released it.


She's probably right in thinking that policies and procedures exist for these things. She's woefully naive if she thinks the systems used to ensure those policies and procedures are followed are up to the task, or that the executives and project managers who sign off on them give a shit whether they actually work or not (they don't--they get paid either way, and keep the gravy train rolling).

My experience with DoD contractors is that they are the worst sort of government contractors. They'll do anything to get extensions, add-ons, and other lucrative contracts while providing the absolute bare minimum necessary to meet the strict letter of existing ones.

As long as our government contracting system is run as a font of graft and corporate welfare, all the policies, procedures, and regulations in the world aren't going to stop the Snowdens and Private Mannings of the industry from having access to things they may not need to have access to.


An excess of compartmentalization was widely cited as a main reason intelligence agencies didn't put the 9/11 pieces together in time to stop it.


Well they seem to have put enough pieces together to run a training exercise with the same details as 9/11 on the same day, as well as warn the President of the attack a month earlier.

My guess is that compartmentalization was given as an excuse in order for the government to expand power during a time of 'crisis'. Today they lie to you about what the NSA does, 10 years ago it was lying to you about what caused 9/11, including lying about the memo, and the training exercise.

Remember that before the memo and the training exercise were public knowledge that 'no one could have predicted 9/11'.


>Hence the guy who spied on his ex for years without being caught.

Can I get a link to that story?


Not exactly the ex (or at least, it doesn't say so), but check the last few paragraphs of http://arstechnica.com/tech-policy/2013/09/loveint-on-his-fi...



Funny, that doesn't answer my question. I was already aware of the letter released by Senator Grassley[1] and none of the stories in that letter match those referenced by the GP.

So, again, can I get a link to that story?

[1] http://www.grassley.senate.gov/judiciary/upload/NSA-Surveill...


so you're linking to a letter with TWELVE different cases of NSA employees spying on people for "romantic" reasons and that doesn't answer your question? are you playing some kind of semantic game where you narrowly select the meanings of words to exclude the piles and piles of evidence and so "win" some pointless argument?

because if so, i'm thinking you might be keith alexander?


I just thought he was referencing something I was not familiar with, not paraphrasing something I was.

> are you playing some kind of semantic game ... because if so, i'm thinking you might be keith alexander?

You are reading too much into my question. Sometimes a question is just a question and there's no need to pitch a battle over it.


Is it really necessary for you to be so nasty?


It might be that the person you are responding to is making an effort to enforce a social more against defending spying that is clearly out of control. In which case the necessity of nastiness should be clear.

That said, we know that the US government has carried out propaganda operations "on the homefront" to normalize and legitimize illegal and unconstitutional behavior. And it's pretty obvious when an army of blog commenters and twitter handles are all pushing the same talking points at the same time and don't seem to be active outside of business hours on the east coast...


Being a dick to people on Hacker News is never necessary. If anything it's counterproductive. People used to get downvoted into nothing just for posting a lmgtfy link.


It's definitely the case that the quality of discourse has declined on this site in the last few years. However that has more to do with the fact that it's now seen as an important mechanism for shaping public opinion amongst an important constituency; and its popularity.


As the person whose comment was singled out, can you explain how was my comment "defending spying that is clearly out of control"? I wasn't intentionally. As pointed out below, I assumed the GP knew of a story that I didn't, so I wanted to learn about it.



One tends to realize only in retrospect that it's a very curious experience to go from normal life to the military before having any other real responsibilities in life. One very much gets the feeling of being a Platonic "guardian" and the access to information only heightens that experience. It is likely quite similar to the way some folks in IT talk perceive "sheeple" and doctors sometimes perceive patients, and even the UPS guy perceives your package as he congratulates himself for the hard work even as he drop kicks your computer into your screen door.

Couldn't I fairly easily replace "military" with "profession"?

I think going to medical school and being indoctrinated into a second professional culture is what gave me an opportunity to see the experience for what it is. The striving, the late nights, the urgency, the aspirations, the sense of responsibility, they all play into a larger story of self where one paradoxically may not appreciate their own larger role at the time. I also submit your immediate seniors also may not appreciate their own roles.

I submit any differences you saw in her were side effects of the history of the institutions, the policies that govern them, the nature of the work, and the point in time at which your paths crossed.

Look at General Petraeus, compare him to Lincoln's string of generals, or just the number of military officers who will never make general, fired one after the other, and consider, how many months or years of conflict did Petraeus save after the civilian leadership made the decision to go to war? How many soldiers and civilians were killed or saved? How many lives has his work touched?

Look at Drew Houston. Compare him to the many careers burned out in failed startups, the customer data lost in security breaches. How many lives has his work touched?

Look at Paul Farmer. Compare him to the many careers burned out in medicine, the patients who died in clinical trials while they took sugar pills, the failure of relief agencies to effectively coordinate supply chains. How many lives has his work touched?

Look at Fred Smith. Compare him to the many careers burned out in aviation and business. The pilots of passengers who have died in flight, or been affected by the failure of a supply chain to deliver the right item to the right place. How many lives has his work touched?

Now think about the soldiers, the code monkeys, the nurse's aides, the FedEx delivery drivers, living in the shadows of these names. What cultural influences are the same?

If you started on any one of these paths at 18 or 22, are you so certain that you would be mentally and emotionally prepared to resist the onslaught of cultural decisions you would be expected to participate in on a daily basis? Are you so sure that you so reliably see the forest for the trees?


>Couldn't I fairly easily replace "military" with "profession"?

No, no you could not, least of why being improper grammar.


What's wrong with the grammar in the sentence you quoted?


Nothing. Ignore that comment, it was stupid and added absolutely nothing. I found your comments very insightful!


As a matter of interest about whether and how people change their views in light of revealed facts, have you any means of following up with her to see how she now views the matters on which she opined then? I would find this exercise informative and interesting. Tnx.


> "Do you really think they just let people access these systems without rules? You really believe that?"

Perhaps she was still doing damage control for them?


> My argument to her was that my experience dealing with intelligence agencies

Just curious - what experience is that?



