According to the first paragraph of the article you linked:
"NSLs can only request non-content information, such as transactional records, phone numbers dialed or email addresses mailed to and from."
According to the sample NSL from the article you linked:
"We are not directing that you provide, and you should not provide, information pursuant to this letter that would disclose the content of any electronic communication. [...] Subject lines of emails and message content are content information and should not be provided pursuant to this letter."
So NSL is not the USA "reading your email."
I'm not defending the NSL, but I am opposed to misinformation, as well as the frequent attempts to paint the USA as being just as bad as China.
NSLs can't legally request ANYTHING. They are UNCONSTITUTIONAL. The government has NO AUTHORITY to issue them. The fact that they are presently limiting themselves to illegal request x instead of illegal request y is not relevant.
Let's skip the abuses of the FBI et al and talk about the government as a whole for a minute.
Are you aware that the NSA monitors _all_ traffic at major exchanges in the US?
'haberman's comment includes actual information. Can we not punish people for posting information? I doubt very much that 'haberman approves of NSLs, especially since he said as much.
Moreover, your comment may actually be incorrect; a good chunk of all the mail Gmail handles is never on the wire in a format that can be decrypted with any known attack without access to Google's (often pinned) secret keys. The NSA's ability to snarf it off the wire, stipulated, does not connote their ability to read it.
when I receive email from people on non-Google hosted domains, I sometimes check the headers and see that mail was delivered to my gmail with ESMTPS, using TLS. so a lot of non-google hosted mail on the internet will use ESMTPS for delivery between servers, silently.
you can check this too by looking at the SMTP headers on some mail in your inbox.
The PKI is broken, and I bet a lot of client SMTP plays fast and loose with certificate checking anyway, even if it wasn't. DNSSEC can't come fast enough.
It helps against passive adversaries, but if someone's got access to the sending mailserver's network there are active MITM attacks that will probably defeat this.
Option 1: Try doing MITM and sending a self-signed cert for Google. The client smtpd may accept it anyway. (Cost: free)
Option 2: Spend resources to obtain a legitimate intermediate CA cert, and issue a valid cert for Google's mailserver, and MITM with that. (Cost: ca $25k-$100k, maybe less with proper connections.)
The only thing worse than self-censorship after assuming an insecure channel is a false sense of security.
DNSSEC is a PKI run by governments. If DNSSEC had been deployed and used to run the TLS PKI a couple years ago, Ghadafi would have effectively controlled Bit.ly's SSL keys.
DNSSEC is a debacle. Reprising an older comment:
* Amazingly, contrary to everything you'd expect about "secure DNS", DNSSEC does not in fact secure DNS queries from your machine. Instead, it delegates securing DNS to DNSSEC-enabled resolver servers. For securing the actual queries your computer makes, your browser is on its own. There's a whole different protocol, TSIG, intended to address that problem.
* DNSSEC has zero successful real-world deployments, and no existing integration with any TLS stack. DNSSEC obviously does nothing to secure your actual traffic; all it does is try to protect the name lookup. TLS protects both.
* DNSSEC does nothing to address all the other intercepts, from ARP to BGP4, that real traffic has to contend with. Once you go from name to IP address (or "cert" in the fairytale world where DNSSEC has replaced the CAs), you're on your own. TLS addresses all of these issues except for CA configuration.
* DNSSEC actually reduces the security of DNS in some ways: in order to authenticate "no such host", DNSSEC publishes a sort-of-encrypted list of all your hosts. There's a whole other standards group drama surrounding the proposals to resolve this problem (NSEC3, whitelies, etc).
* DNSSEC fails badly compared to TLS. When keys inevitably get screwed up in TLS, you get a browser click-through. There is no API support to recover from a "gethostbyname()" failure caused by DNSSEC. This sounds like a reliability problem, but it's actually a security problem, in the same sense as "the little blue key icon isn't big enough" is a security problem for SSL. We just don't know what the exploit is, because nobody has designed the "solution" for this problem.
* TLS has 15+ years of formal review (it is the most reviewed cryptosystem ever published). We still find things in it. DNSSEC has received nothing resembling the same scrutiny. It's ludicrous to believe we won't find horrible problems with it. You'd be asserting that a protocol co-designed by Paul Kocher will eventually fare worse than one designed by the IETF DNS working group. The IETF DNS working group would basically have to crush some of the smartest practical crypto people in the world.
* TLS is at least configurable (virtually all TLS problems are in fact user interface and configuration problems, not problems with the underlying system). You can nuke untrustworthy CAs. There is no clean way to opt in or out of different DNSSEC policies, as the drama surrounding DLV illustrates.
In the '90s, we designed web security to assume that DNS was insecure. That was a smart decision. "Security" means different things to different people. It's a policy decision. The end-to-end argument strongly suggests that it's something that can't be baked into the lower parts of the stack. DNSSEC is a step backwards. I think you can already see the indications of the problems it will cause just by looking at the places it already falls down.
What we need is a concerted effort to solve the security UI and policy problems that browsers have.
If you're looking for protocol-level remediation for TLS's current CA policy problem, you want to pay attention to TACK:
"Before yottabytes of data from the deep web and elsewhere can begin piling up inside the servers of the NSA’s new center, they must be collected. To better accomplish that, the agency has undergone the largest building boom in its history, including installing secret electronic monitoring rooms in major US telecom facilities. Controlled by the NSA, these highly secured spaces are where the agency taps into the US communications networks, a practice that came to light during the Bush years but was never acknowledged by the agency. The broad outlines of the so-called warrantless-wiretapping program have long been exposed—how the NSA secretly and illegally bypassed the Foreign Intelligence Surveillance Court, which was supposed to oversee and authorize highly targeted domestic eavesdropping; how the program allowed wholesale monitoring of millions of American phone calls and email. In the wake of the program’s exposure, Congress passed the FISA Amendments Act of 2008, which largely made the practices legal. Telecoms that had agreed to participate in the illegal activity were granted immunity from prosecution and lawsuits. What wasn’t revealed until now, however, was the enormity of this ongoing domestic spying program."
Its a recent article outlining what's ahead (and presently implemented) for the NSA. Given what is already known, the U.S. Govt already has access to your e-mail, and they have the capabilities to decrypt it should your e-mail become high priority.
NSA ability to sniff traffic at major telecom exchanges is real. NSA ability to break $cipher or $hash based on the hearsay journalism involving an interview of (ex-)NSA employees (who would certainly be barred from talking about any real non-public attacks) is not real [1]. It's possible the NSA is setting up real systems that will brute force or factor or find collisions for known borderline algorithms/keysizes. Maybe they have a collection of old DES-encrypted traffic and they are building enough computing resources to do large-scale cracking of DES keys.
The idea that they can create collisions for hashes or crack ciphers believed to be relatively secure in the near to mid future is paranoid speculation.
However, if you're going to be paranoid, direct your attention to RSA and DH (plain, not ECDH). In Suite B, which the NSA recommends for use by government, RSA and DH are absent. If the NSA knows of a weakness in anything currently believed to be secure (I think that's unlikely), I would bet that it's RSA and DH, because the NSA no longer recommends them. I think RSA and DH are superseded by ECDSA/ECDH simply because of speed at comparable key strengths, not because the NSA knows something the public doesn't. As an aside, it indicates that the NSA has a fair amount of confidence in ECDSA/ECDH.
I do not think the NSA is stupid enough to play chicken with the public crypto community by recommending encrypting classified information with ciphers NSA knows to be weak. The public could discover those weaknesses tomorrow. The most sensitive information inside the U.S. government and military is presumably protected by the NSA's Suite A algorithms, but other important information is not, notably military communications between U.S. allies, for which Suite B is recommended.
I heard a story somewhere that public key cryptography was known to the NSA long before the 70s. Maybe they are 30 years ahead in cryptographic number theory? Maybe prime factorization isn't actually hard? Maybe...
What was essentially RSA was known to Britain's GCHQ (Government Communications Headquarters) in 1973. Is this what you were thinking of? Rivest, Shamir and Adleman rediscovered it in 1977.
But it's worth acknowledging such programs exist and don't appear to be going away.
Beyond the AT&T incident (and following legal ruling dismissing, retroactively, carriers from wrongdoing in wiretapping).... there's also the 'TrailBlazer Project'[1] with public accounts from William Binney (NSA , 'Director of World Geopolitical and Military Analysis Reporting Group')and Thomas Drake [2] (NSA) regarding the overreach of such projects....that it's kinda hard to exclude data and so forth.
Jacob Applebaum (Tor, etc) recently dragged William Binney around NYC to gather publicity [3] - but few outlets paid much attention.
Try reading critically. To process 1 yottabyte of data assuming you have 128 bit registers you would need 100,000,000 petaflops.(See http://www.wolframalpha.com/input/?i=%2810%5E24+bytes+%2F+12...) Therefore, there must be a great deal of preprocessing using classifiers to basically eliminate a great deal of useless information. Just because you store it doesn't mean you will listen to it.
I'm a privacy researcher, specifically focusing on government access to data held by Internet companies.
Google, your employer, will not confirm, on the record, what they will or will not disclose when they get an NSL. The NSL statute does not authorize the disclosure of transactional records.
18 USC 2709(b)(1) states that the government can only get "the name, address, length of service, and local and long distance toll billing records"
Furthermore, a 2008 opinion from the Office of Legal Counsel at DOJ specifically confirmed that the FBI cannot use NSLs to get email to/from data, even though the government has asked for it in the past. See: http://www.justice.gov/olc/2008/fbi-ecpa-opinion.pdf
NSLs are gagged, and so Google cannot confirm when it gets NSLs, or for which customers the government is seeking data. However, Google could very easily provide information to the public confirming what it will and will not deliver to the FBI when it receives an NSL. I have asked Google's legal and DC policy team for this info, repeatedly, and hit a brick wall.
I'm not a privacy researcher, but my guess is this is probably less "they won't answer because all your worst fears are true" and more "they won't answer because they don't want to narrow their future options and political maneuvers".
I understand as a hacker that you want to provide the truth, but the way to stop these letters isn't to downplay their danger, but to make people scared to death of them.
If someone appeals to me to care about X but lies about the facts of X, their credibility is damaged in my eyes and I am inclined to think that they are overplaying the danger.
For example, "sneak" replied to my comment with lots of CAPITAL LETTERS and links to other information. But I'm already less inclined to trust sneak, since he/she is already known to play fast and loose with the facts.
I don't mean to appear to be playing fast and loose with the facts. Certainly, the NSA tapping exchanges is a different issue than whatever restrictions the government has placed on itself when issuing NSLs for message metadata.
The fact is, message metadata is enough. I have friends and acquaintances that have been harassed and detained by officials based on their names appearing in contact lists of other suspected-but-not-charged-with-anything individuals. We're not even talking about evidence of actual communications such as message headers or metadata.
The fact that they can (and do) pull thousands of people's message headers and have access to the communications graph and traffic frequency without ANY JUDICIAL OVERSIGHT WHATSOEVER means that their ability to conduct state-sponsored extrajudicial harassment is way out of control.
It truly doesn't matter if NSLs allow them to get the body of the messages or not. If you're on the radar, you and everyone you communicate with regularly is a target. There are no legal remedies for this sort of stuff anymore.
If you do anything of import non-anonymously, you can expect to have your hardware stolen and never returned (under the guise of a search), your travel impeded, your accounts inaccessible (google "civil asset forfeiture"), your social network harassed and detained similarly, and your access to legal remedies hindered in every conceivable way.
A half-dozen examples known to me personally come to mind immediately. I'm sure there are more that I don't know about.
The threat is very real, and trying to split hairs about whether or not "reading your email" means message bodies or just headers is not productive.
I disagree that "It truly doesn't matter if NSLs allow them to get the body of the messages or not". It truly matters a whole hell of a lot to me if someone can see my messages, as versus my email headers.
I don't wish to open a whole separate thread, but...
The strategy you advocate is what many environmentalists, notably Al Gore, have been employing.
It turns out that most people aren't as dumb as you think. They pick up on the fact that they're being misled. And that tends to turn them against your mission.
Thus, many people are now desensitized to warning of climate change. They've seen the scientists lying and conspiring to gag dissenting views, and cherry-picking studies to highlight the worst possible outcomes. And if those scientists (rogues that they might be) need to gag the dissenters, they must not have very strong arguments.
Please note: I don't mean to take a side here in the climate debate, only to illustrate how one strategy used in that debate is having an effect opposite to what was intended.
I'm sorry if the truth is inconvenient, but that's no excuse for suppressing it and spreading lies in its place. If they really are so bad, you shouldn't need to subvert the truth in order to prove it — because their badness is the truth. If they aren't that bad, I don't see why it's so important to make people scared to death of them that I'd sacrifice my good name to do so.
You assume that people agree with me. Most people are far more interested in security than freedom. Which a valid choice so long as that choice is made for them alone, and they don't make it for me.
I don't have the speaking skills to convince the world of this, but coming of age after 9/11, I have seen first-hand the awesome power of fear.
[edit] So, and correct me if I'm wrong here, you are saying that after seeing the damage that fear has done to your culture (which I would say is far, far greater than the damage done to New York on 911), you then think that you should stir more fear and use it to achieve your political desires. In a just cause, of course. Everyone has a just cause. And your justification is that you don't think you are eloquent enough to convince people by other means? That is a fucking repulsive attitude.
You say you want to use fear to influence the society of which you are a part, because you think that it's general attitude towards security impinges too much upon your own personal freedom and you also don't trust anyone else to be able to deal with honesty. And so you are actually attacking others who are trying to be honest, for not just ramping up the fear in the direction that you perceive would most satisfy your own self interest.
Remind me where the surgeon metaphor fits into all of this horseshit.
Spreading more FUD on the internet is not likely to help a cause in the long run, it won't even make it stand out from the background noise. And you aren't really scaring the shit out of people by telling them that the government can read their emails, which they already think anyway, when they also know that the same government has nukes and has been happy to play brinkmanship with them against other countries with nukes, for well over a generation.
Does reading your library records count... How do you know the same hasn't been done with your email? You don't. Because it's secret. Is this an open society? A free society?
The difference between rights in America and China are vast. Criticizing legitimate American counter-terrorism and counter espionage and suggesting that it's equivalent to China's suppression of thought of its citizens (and people in occupied zones like Tibet) are disingenuous. Dissent in China will get you a prison sentence or worse. Dissent in America will get your karma modded down. (Q.E.D) Want more relevant wikipedia links? click here : http://en.wikipedia.org/wiki/September_11_attacks AND here http://en.wikipedia.org/wiki/Internet_censorship_in_the_Peop...
Actually in the USA we have 5x the prison rate of China.
Of course the official rates ignore people in "administrative detention" which is what China does to a lot of its political dissenters. But even if you add those back in, the USA has 4x the detention rate of China. (We are also ahead of every other country in the world.)
It would seem that if you're afraid of landing in prison, the USA is a much worse country to be in than China. Not slightly, much. (And a brief glance at the jail statistics will convince you that our justice system is not color-blind. For instance I've seen no data indicating that drug use rates are significantly different among whites and blacks. But incarceration rates for drugs are very, very different...)
There are certainly examples of persecuted dissidents in both countries. What I'm missing in China is any examples of dissidents who've achieved any success, comparable to American examples of dissidents in prominent, even state-sponsored roles. And, in particular, any ability of ordinary people to read and discuss what dissidents write. You and I can discuss Bradley Manning here. And I'll agree he is not being treated in a justifiable manner. Can Chinese citizens openly discuss dissidents, and criticize their governments' treatment of them?
For example, after Angela Davis (Black Panther activist) was acquitted, she became a tenured professor at the University of California, where she has, for several decades, continued to unapologetically oppose the United States government. And she's hardly the only one; there are many dissidents who are professors at American universities, some of which are even state-run universities. Noam Chomsky, of course, has not been removed from his professorship at MIT, despite his political views.
Are there any prominent Chinese dissidents who are now tenured professors at Chinese universities, without recanting? If we compare to Davis's role as a minority-group activist--- can you imagine a Tibetan or Xinjiang activist, who opposes the Chinese government's rule over those regions, becoming a tenured professor in China? Being able to teach courses openly about those disputes? Being able to publish critical books through the university press, which any ordinary person can order online with a few clicks? All of that happens in the United States, but doesn't happen in China.
I'm not hugely into political theory, but I read some of it, mostly tending towards the leftist side. And I am able to buy any of this in the United States, completely openly, even stuff much more radical than what I typically buy. Not even in backrooms or dark alleys, but from Amazon, delivered to my home address with my real name on the label! I can buy manifestos openly urging the overthrow of the United States government (under Brandenburg v. Ohio, these can't be prosecuted as treason). Can Chinese citizens openly buy manifestos urging the overthrow of the Chinese government?
Not directly relevant, but one should also recognize that there are examples of modern-day American academics who do suffer censure for being outspoken dissidents -- Norman Finkelstein being an example (http://www.americanradicalthefilm.com/).
There's a difference between "dissent" and "passing classified information to unauthorized sources". You can get away with criticizing the government here; you can't get away with espionage.
Playing fast and loose with facts continues to hurt your case.
Sklyarov - charges dropped.
Manning - U.S. soldier deliberately mishandled diplomatic cables.
Assange - I'm aware of no official charges or actions by the U.S.
I have a friend who's life was completely ruined by a federal criminal case before charges were ever even filed.
I'm not sure you understand the implications of "charges dropped". Sometimes that can consume 5+ years of one's life, sometimes part or all of that imprisoned. It always costs a fortune, too.
If you aren't aware of what the US is planning for Assange, you're not paying attention. This is the same government that thinks that people at the New York Times should be indicted for espionage.
Would you hire someone who was facing charges of abusing children to look after your children? I probably wouldn't. The charges sometimes stick, no matter what happens after they are filed.
As for Assage, I assume you're aware of the way some US politicians have behaved.
http://abcnews.go.com/blogs/politics/2010/11/does-palin-want...
> Criticizing legitimate American counter-terrorism and counter espionage and suggesting that it's equivalent to China's suppression of thought of its citizens (and people in occupied zones like Tibet) are disingenuous.
However, what is not disingenuous is characterizing American behavior vis-a-vis the propaganda it espouses. That is a good test for any institution or country. Don't even need China here. Compare what happens in US and what US does internationally vs. what US govt and many of its citizens believe or tell others about America. "We are a beacon of democracy " that's a common idea. So now let's see how is the power distributed in US? Does the average citizen have the power to make decision and is that comparable to what the propaganda fantasy is promoting. How about another one "US Constitution protects us from unreasonable searches and severely restricts the power of the government from invading our privacy". A lot of people believe that (doesn't matter if they are Americans or not). Is that true compared to the number of people believing in that? I say it is not. A lot of people are living a lie, believing in a fantasy about the government that is not based in reality. I say that is unhealthy.
Something similar is happening in China or other repressive governments. People are lead to believe in things that are divorced from reality. "We are a paradise". "American Imperialists are out to destroy US" and so on.
There is actually one difference. In some countries (and I can speak for the former Soviet Union during its last days) people knew propaganda was lie and they laughed at it in private. We knew the image we were supposed to have about our country was false. Many Americans are not aware of it. The brainwashing is so effective, they actually believe we are exporting democracy in the Middle East. They believe we have the best health care system . Heck, many believe evolution is a big lie. There is a great amount of self delusion and self censorship. That is unhealthy.
So going back to the comparison. You are right, comparing US to China in absolute terms in certain areas, is like night and day. Say, when it comes to freedom of speech. You can grab a megaphone and go yell out crazy conspiracy stuff right by Obama's front gate. But if you look at the level of delusion, the situation, I think is not as great.
The philosopher Zizek has a great bit about the "unknown knowns" (the quadrant Rumsfeld wasn't smart enough to articulate). Meaning, of course, the unperceived fabric of Western ideology -- that works far better than explicit propaganda ever could.
Gmail has state mandated backdoors. No combination of increased password complexity or multi-factor authentication will prevent these backdoors from being used (or abused) to access your account. Have a nice day.
In other news: I offer 50 bitcoins to anyone who can get me at least 5 or 10 good screenshots of the features and UI of the (presumably web) interface that Google provides to the feds for NSL/PATRIOT (un)"lawful intercept". 10 bitcoins for each of any other Alexa-top-50 provider (e.g. hotmail, FB, etc).
Anonymous mails accepted at sneak@datavibe.net. Include bitcoin address for payment. Don't bother with fakes - I've seen quite a few 'shops in my time, and can tell from some of the pixels.
Wasn't the core of the ThinkSecret lawsuit related to enticing people to break confidentiality agreements? Maybe this offer should be restricted to legally obtained and propagated screenshots.
Because this is an attack that doesn't go through the official legal process Google is required to abide by. If Google were to find that the US gov was distributing malware to hack into Gmail accounts without Google or users knowing I hope they would react the same way. I doubt we will ever find out for sure though.
Well, Google doesn't really have a choice but to follow the laws of the country it's based in. Do they at least explicitly explain this caveat somewhere?
Google is a huge multinational, operating on the internet, which is (at least historically) devoid of specific jurisdictions. They could, at the expense of profits, sidestep this issue - but they don't.
Unfortunately the US is trying to deny that, with less and less success, but that's where we're at today.
I just think it's shitty of them to make such a noise about non-US state-sponsored surveillance, but remain relatively silent on the thousands and thousands unconstitutional USA PATRIOT wiretaps they get every single month.
That wouldn't work. Their tax avoidance strategies are legal with respect to US law. If they operated in the US without honoring DMCA requests, Patriot Act etc, they'd quickly be sued or arrested by the US govt.
Anyone know what the situation is with Google in the rest of the world? I know they have offices in various locations around Europe for example, and they have to comply with the recent EU "Cookie Laws"... which laws apply then?
http://en.wikipedia.org/wiki/National_security_letter
China reading your mail: Big red flag.
USA reading your mail: Business as usual.