Nope, wrote it myself, asshole. But thanks!
...and your comment represents the absolutely fundamental misunderstanding that pervades this discussion.
The truth no one wants to hear:
The distinction is no longer the technology or the place, but the person(s) using a capability: the target. In a free society based on the rule of law, it is not the technological capability to do a thing, but the law, that is paramount.
Gone are the days where the US targeted foreign communications on distant shores, or cracked codes used only by our enemies. No one would have questioned the legitimacy of the US and its allies breaking the German or Japanese codes or exploiting enemy communications equipment during WWII. The difference today is that US adversaries -- from terrorists to nation-states -- use many of the same systems, services, networks, operating systems, devices, software, hardware, cloud services, encryption standards, and so on, as Americans and much of the rest of the world. They use iPhones, Windows, Dell servers, Android tablets, Cisco routers, Netgear wireless access points, Twitter, Facebook, WhatsApp, Gmail, and so on.
US adversaries now often use the very same technologies we use. The fact that Americans or others also use them does not suddenly or magically mean that no element of the US Intelligence Community should ever target them. When a terrorist in Somalia is using Hotmail or an iPhone instead of a walkie-talkie, that cannot mean we pack our bags and go home. That means that, within clear and specific legal authorities and duly authorized statutory missions of the Intelligence Community, we aggressively pursue any and all possible avenues, within the law, that allow us to intercept and exploit the communications of foreign intelligence targets.
If they are using hand couriers, we target them. If they are using walkie-talkies, we target them. If they are using their own custom methods for protecting their communications, we target them. If they are using HF radios, VSATs, satellite phones, or smoke signals, we target them. If they are using Gmail, Windows, OS X, Facebook, iPhone, Android, SSL, web forums running on Amazon Web Services, etc., we target them -- within clear and specific legal frameworks that govern the way our intelligence agencies operate, including with regard to US Persons.
That doesn't mean it's always perfect; that doesn't mean things are not up for debate; that doesn't mean everyone will agree with every possible legal interpretation; that doesn't mean that some may not fundamentally disagree with the US approach to, e.g., counterterrorism. But the intelligence agencies do not make the rules, and while they may inform issues, they do not define national policy or priorities.
Without the authorities granted by the FISA Amendments Act of 2008 (FAA), the United States cannot target non-US Persons who are foreign intelligence targets if their communications enters, traverses, or otherwise touches the United States, a system within the United States, or, arguably, a system or network operated by a US corporation (i.e., a US Person) anywhere in the world. FAA in particular is almost exclusively focused on non-US Persons outside the US, who now exist in the same global web of digital communications as innocent Americans.
Without FAA, the very same Constitutional protections and warrant requirements reserved for US Persons would extend to foreign nations and foreign terrorists simply by using US networks and services â" whether intentionally or not. Without FAA, an individualized warrant would be required to collect on a foreign intelligence target using, say, Facebook, Gmail, or Yahoo!, or even exclusively foreign providers if their communications happens to enter the United States, as 70% of international internet traffic does. If you do not think there is a problem with this, there might be an even greater and more basic misunderstanding about how foreign SIGINT and cyber activities fundamentally must work.
If you believe NSA should not have these capabilities, what you are saying is that you do not believe the United States should be able to target foreign intelligence targets outside the United States who, by coincidence or by design, ever utilize or enter US systems and services. If you believe the solution is an individualized warrant every time the US wishes to target a foreign adversary using Gmail, then you are advocating the protection of foreign adversaries with the very same legal protections reserved for US citizens -- while turning foreign SIGINT, which is not and never has been subject to those restrictions, on its head.
These are the facts and realities of the situation. Any government capability is imperfect, and any government capability can be abused. But the United States is the only nation on earth which has jammed intelligence capabilities into as sophisticated and extensive a legal framework as we have. When the intelligence committees of both houses of Congress, multiple executive agencies under two diametrically opposite Presidential administrations, armies of lawyers within offices of general counsel and and inspectors general, and federal judges on the very court whose only purpose is to protect the rights of Americans under the law and the Constitution in the context of foreign intelligence collection are all in agreement, then you have the judgment of every mechanism of our free civil society.
Or we could just keep laying our intelligence sources, methods, techniques, and capabilities bare to our enemies.
âMany forms of Government have been tried and will be tried in this world of sin and woe. No one pretends that democracy is perfect or all-wise. Indeed, it has been said that democracy is the worst form of government except all those other forms that have been tried from time to time." - Winston Churchill (1874-1965), Speech in the House of Commons, November 11, 1947
"The necessity of procuring good Intelligence is apparent and need not be further urged â" all that remains for me to add, is, that you keep the whole matter as secret as possible. For upon Secrecy, Success depends in most Enterprises of the kind, and for want of it, they are generally defeated, however well planned and promising a favourable issue.â â" George Washington, our nation's first spymaster, in a letter to Colonel Elias Dayton, 26 July 1777
A Russian geopolitical analyst says the best way to attack the United States is to detonate nuclear weapons to trigger a supervolcano at Yellowstone National Park or along the San Andreas fault line on California's coast.
The president of the Academy of Geopolitical Problems based in Moscow, Konstantin Sivkov said in an article for a Russian trade newspaper on Wednesday, VPK News, that Russia needed to increase its military weapons and strategies against the "West" which was "moving to the borders or Russia".
He has a conspiracy theory that NATO - a political and military alliance which counts the US, UK, Canada and many countries in western Europe as members - was amassing strength against Russia and the only way to combat that problem was to attack America's vulnerabilities to ensure a "complete destruction of the enemy".
"Geologists believe that the Yellowstone supervolcano could explode at any moment. There are signs of growing activity there. Therefore it suffices to push the relatively small, for example the impact of the munition megaton class to initiate an eruption. The consequences will be catastrophic for the United States - a country just disappears," he said.
"Another vulnerable area of the United States from the geophysical point of view, is the San Andreas fault - 1300 kilometers between the Pacific and North American plates
Considering that nuclear power is the safest form of power the world has ever known, I'd say it's worthy of recognition for offsetting carbon more than anything else. To borrow a phrase, "It's the energy density, stupid."
There's a reason why China has 30 nuclear plants under construction, while the US just approved its first new plant in 30 years.
...but they get our shit to space.
Your (and my, and any individual citizen's) personal interpretation of the Constitution is not the measure. It is the interpretation and implementation by our three branches of government. I realize that some reading this believe they have all been compromised, or that they think some particular thing is "obviously unconstitutional" (even though the judicial, legislative, and executive branches say otherwise), but the fact is we have the system of government we have. So how about you consider the alternative: one where you don't assume that everyone working at every/any level of government, e.g., NSA, doesn't have the worst motivations and is actually trying to do their best to honorably, legally, and Constitutionally, protect our nation and its people instead of the opposite. How about that?
If you would actually like to have a discussion, I am more than happy to engage. I have articulated these views (not on this specific topic, of course) long before I ever served in uniform, and they have nothing to do with a "paycheck" -- in fact, it's the inverse: the reason I chose to serve is because of my personal desire to do what I can to support things I believe in, and believe are important for our nation and my family and fellow citizens, not the other way around. Yes, our system of government is imperfect...grossly so -- but I choose to support it over any and all alternatives, warts and all. (And that is not to say that there are not things that cannot be improved.)
And again -- and I sincerely mean this -- if you are actually serious about engaging in a dialogue, I am happy to.
Yes, where to even begin...
Do you realize that over 70% of FOREIGN internet traffic enters, traverses, or otherwise touches the US?
Do you understand that an individualized warrant is required to target, collect, store, analyze, or disseminate the communications content of a US Person anywhere on the globe, and that the current law on the issue is stronger and more restrictive with regard to US Persons than it has ever been?
Do you understand that the FOREIGN communications we are going after are now intermixed with the communications of the rest of the world, including that of Americans?
Do you understand that when terrorists use Gmail, Facebook, Yahoo, WhatsApp, Hotmail, Twitter, Skype, etc. etc. etc., or Windows, or Dell computers, or Android phones, or Cisco routers, and so on, that there is no technical distinction between your communications and theirs, yet -- surprise -- we still would like to access those communications, and have legal, policy, and technical frameworks to do so, even if you have not personally inspected them yourself?
If you are a US citizen, and not covered by any warrant, no one cares about your communications. And almost by definition, no foreign intelligence agency (NSA, CIA, DIA) remotely gives a shit about your communications, and would greatly prefer to avoid it altogether, unless you have some kind of connection with foreign intelligence targets -- in which case any collection or monitoring of your communications would require an individualized warrant from FISC or another court of competent jurisdiction. I realize you think this isn't the case, and that all of your communications are being mined and monitored (illegally, no less), and since proving a negative is impossible, I won't be able to help in that regard.
My motivation for commenting on these topics on slashdot may be informed by my position, but has nothing to do with it beyond that.
No. The trigger for this isn't that companies are holding data...it's that users have data, and the NSA wants to force the companies to keep/get access their users data even if the company doesn't want to, so that the NSA can access it also. This is a *very* different proposition. If Apple doesn't want to hold its user's data, why should the NSA force them to just so that the NSA can read it? That seems to be the NSA's problem, not Apple's.
And? NSA may "want" a lot of things. That doesn't mean they are going to get it. But if a US-based company is holding encrypted data to which they also have access, you had damned well better believe the government is going to seek access to that data if it is supported by law. If companies want to take the direction of removing themselves from the encryption picture altogether, that is their prerogative. And guess what? There are other technical ways to get that data, such as before it's encrypted in the first place.
Saying "encryption" does not make the data magical, but it also doesn't entitle the NSA to special treatment. If they can break it, fine. If they can't, there is no valid reason for me to make it easy for them.
No, there isn't. And I didn't say there is. I was stating a set of facts, as are you. See? We can talk like adults.
Do we really believe that the US is the only one who has the "right" to access any backdoor/golden-key/whatever? That's absolute nonsense. If the US forces Apple, Google, MS, etc to build key escrow into their devices so that the NSA can read the data on them, then that key will be used by every government on the earth. If you really believe that the NSA will manage to keep exclusive control of a master key for all encryption for a given major vendor, then I'm going to call you delusional.
No...you are completely misunderstanding my point. If you reread what I said, you will note that nowhere did I argue that anyone should build a backdoor for anything...but the fact is that some US-based companies DO have the ability to decrypt stored encrypted data, which they sometimes do for any variety of reasons, and, if when those services are storing the foreign communications of adversaries of the United States, which they are, then we should have a legal framework that allows access to said data. That is all.
Arguing for a master key -- which is what you THINK ADM Rogers is arguing for, but actually isn't -- is antithetical to the security interests of the United States, our people, our military, our intelligence community, and anyone else who requires secure communications in any form. But if you have already formed your conclusions, that is fine. What ADM Rogers is arguing for is a legal framework for data access of entities that operate within and under a US legal construct...and if there is encrypted data present that the data holder cannot access, that is just the way it goes. But as you know, there a number of ways to access the contents of what is ultimately encrypted data without breaking the encryption...ways that are as old as this decades-old discussion.
And we are going to seek those ways, and I will say something that is offensive to many slashdotters' sensibilities: if you support the principles that you claim to -- things like freedom, of speech, of choice, of anything else -- then you should support the abilities of one of the strongest powers in the world at actually, materially, and in reality (not in your little internet fantasy) of actually protecting and projecting those ideals. Actually judging the actions of the US Intelligence Community based on facts, to say nothing of having some perspective on history and reality beyond what self-styled internet tech-libertarians tell you, would be helpful also.
OMG, that must invalidate everything I have to say!
Sorry, been there, done that, been through all the logical fallacies you can lob my way.
The point is the exact reverse of what you are saying.
This is not about whether the Germans or Japanese should have incorporated "backdoors" that any external entity would have required.
This is about the fact that US adversaries, today, as you and I speak, are using the EXACT SAME systems, networks, devices, services, OSes, and encryption standards and protocols, as you and I and innocent Americans and many others in the world. THAT is the issue...does this fact put those communications off limits?
Please. Your comment proves just how deep the misunderstanding of this situation actually is.
Good for you. And if you are a non-US person outside the US (which covers about 99.9% of the communications that foreign intelligence agencies -- key word being foreign -- actually care about) engaged in activity that is a national security threat to the US, as defined by the valid mechanisms (even if you personally disagree with those mechanisms) that democratic nations such as the US develop, then we will try to access your communications. I don't see how this is possibly shocking. Shocking, perhaps, if you are a US adversary, or someone who believes that it's all an overarching plot by the US and other free Western nations to illegally access everyone's communications, especially that of their own citizens to solidify power, or serve corporate/elite/shadowy overlords, but otherwise...yeah, no.
1. "Secret courts". The Foreign Intelligence Surveillance Court is the very court whose sole purpose is protecting the rights of Americans under the law and the Constitution in the context of foreign intelligence collection. Secrecy is required for the conduct of foreign intelligence, even in free societies. That you may disagree with this does not invalidate this fact. That you may see 3-4 pieces of a 1000 piece puzzle and believe you have the full picture does not invalidate this fact.
2. "Spying on everyone". Not sure what you mean, but if you could possibly be referring to metadata collection, that has been affirmed by a Supreme Court ruling that is 35 years old.
And if even the US Supreme Court ultimately renders the phone metadata collection "unconstitutional", it won't mean that it was unconstitutional, or even is unconstitutional at this very moment. The program, to date, is factually lawful and constitutional as the law and existing case law stand -- even including Judge Leon's ruling, which he himself immediately stayed, and was countered by another federal ruling of the same standing.
What an unconstitutional finding would mean is that things aren't the same as they were in 1979: that, with the rise of digital communications and the ability to track not one, or dozens, but hundreds of millions of call records easily, and because large amounts of metadata can often reveal as much private information about a person as communications content, the balance now runs afoul of the reasonableness doctrine of the Fourth Amendment.
And that would be a perfectly valid finding...which does not in the least impugn NSA's purpose or motives. It is not NSA's job to second-guess the law, case law, both houses of Congress, two Presidents from opposite parties, the Attorneys General of said two Presidents, the courts, and the very court established explicitly to protect the rights of Americans under the law and the Constitution in the context of foreign intelligence collection.
It is NSA's job to conduct its missions as aggressively as possible within the law and its resource limitations. My personal prediction is that, because of the nature of modern digital communications, this kind of mass collection of metadata will be found to be unconstitutional. The interesting thing is that people who think it is "clearly" unconstitutional seem to think things are innately or inherently constitutional or unconstitutional, ignoring incredible and fantastic complexities that already exist in interpretations of the Fourth Amendment, to say nothing of the rest of the Constitution and Bill of Rights.
Things aren't magically constitutional or unconstitutional. They are so based on the application and interpretation of the law and the Constitution by the courts, even in the simplest of circumstances. Certainly basic rules applying to things like, say, vehicle or home searches are well-tested and the officials who implement them (e.g., local LEOs) are well-versed in these topics. But when there is a question, it is the courts that decide -- NOT individual peoples' whims, feelings, or opinions.
The current, indisputable fact is that phone call metadata, as a "business record" provided to a third party, does NOT have an expectation of privacy and is NOT covered by the Fourth Amendment. There is no gray area, and that case law, as embodied by Smith v. Maryland, applies just as easily to one phone call, as to 10, as to millions. Certainly in 1979 SCOTUS never imagined that this principle could be applied in a blanket fashion touching any American with a telephone; conversely, SCOTUS probably also never imagined that terrorists would plot devastating domestic attacks using our own communications systems within our own country.
In any event, it seems likely that bulk metadata collection will no longer be allowed, and NSA and the IC will simply figure out ways to do their jobs within the confines that our system of government prescribes. That's fine, and that is the way our system works. But for people to say that NSA is "obviously" breaking the law or that metadata collection is "clearly" unconstitutional -- when both are not only subjective, but provably false, statements -- is highly offensive to people who see the care that goes into these efforts, all of which are designed solely to protect our Nation and its people.
I have said it before, and I will say it again: adversaries of the United States, be they terrorists or nation-states, increasingly use the same systems, networks, services, providers, operating systems, devices, tools, encryption standards, and so on as Americans and much of the rest of the world. To have the "capability" to target the one necessarily implies the capability to target them all. The distinction is no longer the technology or the capability -- it is ONLY the target; the person on the other end. In a democratic society based on the rule of law, it cannot be the capability, but the LAW, that is paramount.
What he "wants", when US-based companies hold data that still can technically be accessed for legitimate foreign intelligence purposes supported by our system of law, is that a legal framework should allow for it. When it can't be, it's up to NSA to determine other mechanisms to access that data.
If you actually care about our system of government, or that of any Western governments, then you would support that, too.
If, on the other hand, you live in a world where simply crying "Encryption!" is some kind of barrier that magically sanctifies the underlying data, and that it then cannot and should not ever be accessed by anyone other than the data owner...well, then I would ask what you think about the German and Japanese codes in WWII?
Oops...now the the fact is that US adversaries no longer are using their own custom software/hardware/encryption/etc. and now share the same technologies that Americans and the rest of the world use does not magically place these technologies off-limits for exploitation or targeting. It would turn modern intelligence gathering -- yes, of even free nations -- on its head.
The law and Constitution (as interpreted and implemented by our system of government) are the constraints -- not specific technological capability. That these constraints are erroneously believed to not be effective, or that the press and public willfully misunderstand the legal landscape alongside the big picture of SIGINT in the digital age, does not mean the constraints don't exist. The level of constraint on our activities, even activities conducted with respect to non-US Persons exclusively outside the US, rises to a level that I can only compare to a bad joke. An even worse joke is when people believe NSA is operating rouge, with virtually no constraints or oversight (at least any meaningful oversight), juxtaposed with the reality we work in every day.
If we're essentially saying that it was only okay for the US and our allies to, for example, break the German or Japanese codes during WWII simply because Americans weren't also using the same codes, and therefore that is the only reason that the government could be "trusted" to not misbehave or abuse its powers, then we have a serious problem on our hands.
So, take your message content and apply that to yourself. Thanks!