Forum Settings
       
Reply To Thread

Breaking teh interwebz - NSA styleFollow

#27 Sep 11 2013 at 8:05 AM Rating: Good
Skelly Poker Since 2008
*****
16,781 posts
angrymnk wrote:

Ok, time to head for the azbestos factory; not all of us have jobs as network engineers.

Are you Canadian?
____________________________
Alma wrote:
I lost my post
#28 Sep 11 2013 at 8:06 AM Rating: Good
*******
50,767 posts
Uglysasquatch wrote:
gbaji wrote:
Starting with the conspiracy and then working backwards is, well... backwards.
Sound advice. Try it sometime.
Give him credit, he gets half of that equation all the time. Either the conspiracy or the working backwards part.
____________________________
George Carlin wrote:
I think it’s the duty of the comedian to find out where the line is drawn and cross it deliberately.
#29 Sep 11 2013 at 4:46 PM Rating: Decent
Encyclopedia
******
35,568 posts
Smasharoo wrote:
The only thing intentionally creating software backdoors and exploits in commercial software would do is maximize the likelihood that someone would notice this and cause all sorts of problems. This is precisely why we're hearing about this only because some guy who worked at the NSA leaked some documents that speak in really broad terms about gaining lots of data, and actually specifically says not to ask how, instead of some code monkey somewhere going "hey! I found this horrific exploit in 500 different software applications out there, and I traced the network calls using these exploits on a massive scale to this large and suspiciously government looking data farm...". Because that's what would happen if NSA were actually trying to access that volume of data using software backdoors.

You don't write code, do you.


Um... Yes. I do. You do understand that most of the protocols used for security have open source code, right? So you can't put a back door into say SSL and get away with it. Everyone who writes to that protocol knows where every single bit being transmitted is, and what it's used for, and how any application written to that standard will access it. I know that for people like you there's a layer of "magic" involved, but that's just not true.

In order to accomplish any sort of large scale data mining in anything like real time (as described via the bits of document Snowden has released) you can't do it using software backdoors. I mean, you could maybe get away with this on a few proprietary tools out there, but the bulk of what is actually used for encrypted communication on a network is fully understood source. This isn't Ritchie putting a backdoor into C back in the day, where he was literally the only person who'd ever viewed the full source code, and it was only actually being used for OS compiles on like 20 systems at one company. Today, you can't do that, but the myth of the "software backdoor" is ubiquitous.

You put backdoors in appliances, typically about 2-4 layers lower than the kind of software that most people think about when folks mention backdoors. Those are far more likely to be black box deals, far more likely to be small/closed proprietary systems, and far easier for a government agency to influence. And, most importantly, far far harder for any one of the million or so guys out there who actively look for signs of these sorts of things to find them. Combine that with parallel construction of government only backbone networks, and you can seamlessly slurp up arbitrarily vast amounts of data without leaving a single trace.

Any method done at a higher layer will leave signs, most obviously the massive amount of additional network traffic. Aligning your entry point to physical layers means you can avoid that. This doesn't preclude *also* using software hacks to get data, but by necessity that would have to be smaller scale and more of a per-use thing.
____________________________
King Nobby wrote:
More words please
#30 Sep 11 2013 at 5:18 PM Rating: Decent
Encyclopedia
******
35,568 posts
Let me add, before you go there, that I'm not a coder by profession. I don't sit around writing application code all day long. However, and perhaps more significant to this conversation, I do have a fairly complete understanding of network protocols, layers, packet layouts, etc. The data structures are relatively static. And since all code that uses those structures has to work within those confines and to those standards, the idea of a software level backdoor allowing one to break network communication security, while not impossible, is highly improbable. Someone would have spotted it. The scope of conspiracy required in order to maintain such backdoors would be ridiculously large. You'd need to have every single person who's written any version of software that utilizes a given security protocol to be in on it. So every guy who is involved in putting out a crypto library would have to be in on it. Or every guy writing an SSL application would have to look the other way (or fail to notice the extraneous code).

Network communication is not magic. It uses very strict rules and structures. There are potential exploits to be used of course, but again, when we're talking about massive collection and decryption of data in near real time, you just can't do it at the software layer. Too slow. Too many variables. Too many fingers in the pie. And too many signs that you're doing it. It's one thing to "hack in" and rummage around looking for something. It's a completely different matter to duplicate everything on a network and route it to some data farm somewhere. Even if you could get in via some backdoor in a software level security protocol, there's no way the site you're taking data from wont notice the massive increase of bandwidth usage required. Because to do it in software means you have to be physically accessing their site and pulling data out. If you do it at (or near) the hardware layer along the backbones, you can pull the data out at juncture points that physically intersect with your own physical cables. And if those juncture points are also encrypt/decrypt points, you can get that data "in the clear", and then only have to worry about the relatively small percentage of data traveling those links where the data itself is encrypted (usually using much weaker/faster on the fly encryption, so probably breakable).


I obviously have no clue how exactly the NSA collects data. But if we assume that they are collecting massive amounts of data and decrypting it in near real time, this is how they would likely do it. Not because I know that's what they're doing, but because it's how I would do it if I were tasked with collecting that much data in a useful manner. You just have to understand how data transfers across the net works to see this. But most people's understanding is based on watching TV and films, where it's always about "hacking in". But if you have the money and resources to physically layer yourself along the backbones of the internet, you don't need to do that. And as I said, that's what I would do if I were asked to build a system to collect as much internet traffic as possible in near real time. It's completely invisible.
____________________________
King Nobby wrote:
More words please
#31 Sep 11 2013 at 7:20 PM Rating: Decent
Lunatic
******
30,086 posts
Um... Yes. I do. You do understand that most of the protocols used for security have open source code, right? So you can't put a back door into say SSL and get away with it. Everyone who writes to that protocol knows where every single bit being transmitted is, and what it's used for, and how any application written to that standard will access it. I know that for people like you there's a layer of "magic" involved, but that's just not true.

You mean TLS, right? I had a mystic vision that SSL has been crackable by $1000 hardware setups for years. Regardless, both are cipher dependent. I'm not sure if you picked this example because it's idiotic to demonstrate what people don't understand or if you're just stupid, but we'll assume it's the former. That said, it would be fairly trivial for NIST to make AES-256 (or whatever) vulnerable to fast novel attacks. You don't understand cryptanalysis well enough for me to bother with going into this more deeply, but, basically, yes, if given sufficient influence over a standards body, ciphers can be modified to be easily breakable in ways that will not be apparent.
____________________________
Disclaimer:

To make a long story short, I don't take any responsibility for anything I post here. It's not news, it's not truth, it's not serious. It's parody. It's satire. It's bitter. It's angsty. Your mother's a *****. You like to jack off dogs. That's right, you heard me. You like to grab that dog by the bone and rub it like a ski pole. Your dad? Gay. Your priest? Straight. **** off and let me post. It's not true, it's all in good fun. Now go away.

#32 Sep 11 2013 at 8:32 PM Rating: Decent
Scholar
***
1,323 posts
gbaji wrote:
Let me add, before you go there, that I'm not a coder by profession. I don't sit around writing application code all day long. However, and perhaps more significant to this conversation, I do have a fairly complete understanding of network protocols, layers, packet layouts, etc. The data structures are relatively static. And since all code that uses those structures has to work within those confines and to those standards, the idea of a software level backdoor allowing one to break network communication security, while not impossible, is highly improbable. Someone would have spotted it. The scope of conspiracy required in order to maintain such backdoors would be ridiculously large. You'd need to have every single person who's written any version of software that utilizes a given security protocol to be in on it. So every guy who is involved in putting out a crypto library would have to be in on it. Or every guy writing an SSL application would have to look the other way (or fail to notice the extraneous code).

Network communication is not magic. It uses very strict rules and structures. There are potential exploits to be used of course, but again, when we're talking about massive collection and decryption of data in near real time, you just can't do it at the software layer. Too slow. Too many variables. Too many fingers in the pie. And too many signs that you're doing it. It's one thing to "hack in" and rummage around looking for something. It's a completely different matter to duplicate everything on a network and route it to some data farm somewhere. Even if you could get in via some backdoor in a software level security protocol, there's no way the site you're taking data from wont notice the massive increase of bandwidth usage required. Because to do it in software means you have to be physically accessing their site and pulling data out. If you do it at (or near) the hardware layer along the backbones, you can pull the data out at juncture points that physically intersect with your own physical cables. And if those juncture points are also encrypt/decrypt points, you can get that data "in the clear", and then only have to worry about the relatively small percentage of data traveling those links where the data itself is encrypted (usually using much weaker/faster on the fly encryption, so probably breakable).


I obviously have no clue how exactly the NSA collects data. But if we assume that they are collecting massive amounts of data and decrypting it in near real time, this is how they would likely do it. Not because I know that's what they're doing, but because it's how I would do it if I were tasked with collecting that much data in a useful manner. You just have to understand how data transfers across the net works to see this. But most people's understanding is based on watching TV and films, where it's always about "hacking in". But if you have the money and resources to physically layer yourself along the backbones of the internet, you don't need to do that. And as I said, that's what I would do if I were asked to build a system to collect as much internet traffic as possible in near real time. It's completely invisible.


Well, I ,for one, am convinced. Obviously, if Gbaji, our world renowned network expert ( to the extent that he has
Quote:
a fairly complete understanding of network protocols, layers, packet layouts, etc.
) then everything is fine. Go back to bed America. We figured it out.The government is in control again. Lets go home. Obviously, undermining the world wide network standards is nothing to worry about; Gbaji himself declared it to be so. Gathering data that the NSA supposedly was not supposed to gather, lying about the scope of the gathering to congress, and then, probably for sh*t and giggles, sharing it with Israel.

You are right. It is definitely worth a shrug. Could you tell me at what point would you consider any of it an issue? At this point, I am really curious.

As a side note, could you stop with discussion of the perception of hacker in the general populace. That perception, admittedly, does not help, but the general US populace is.. well, lets just say, I occasionally question whether Flynn effect is actually true. Speaking of a lone evil hacker, how about Snowden? Would you qualify him as such? After all, as far as we know, he merely used his sysadmin rights ( to pretend he is someone with more rights:P).

Edited, Sep 11th 2013 10:32pm by angrymnk
____________________________
Your soul was made of fists.

Jar the Sam
#33 Sep 12 2013 at 7:25 AM Rating: Good
*******
50,767 posts
gbaji wrote:
However, and perhaps more significant to this conversation, I do have a fairly complete understanding of network protocols, layers, packet layouts, etc.
So you're telling us we should disregard what you're saying here. Got'cha.
____________________________
George Carlin wrote:
I think it’s the duty of the comedian to find out where the line is drawn and cross it deliberately.
#34 Sep 12 2013 at 7:28 AM Rating: Excellent
Liberal Conspiracy
*******
TILT
His fancy book & job learnin' ain't no match for my common sense and intuition on what's really what!
____________________________
Belkira wrote:
Wow. Regular ol' Joph fan club in here.
#35 Sep 12 2013 at 8:38 AM Rating: Decent
Lunatic
******
30,086 posts
So you're telling us we should disregard what you're saying here. Got'cha.

He's basically telling you he's a plumber who works with cables and less complex systems. When he claims to use code, he's talking about command line data entry from a manual or at best BASH scripts. Which is fine, and most people can't do that much, but it really doesn't offer much insight into cryptography any more than a the guy who pumps your gas has special insight into electric cars.
____________________________
Disclaimer:

To make a long story short, I don't take any responsibility for anything I post here. It's not news, it's not truth, it's not serious. It's parody. It's satire. It's bitter. It's angsty. Your mother's a *****. You like to jack off dogs. That's right, you heard me. You like to grab that dog by the bone and rub it like a ski pole. Your dad? Gay. Your priest? Straight. **** off and let me post. It's not true, it's all in good fun. Now go away.

#36 Sep 13 2013 at 4:23 PM Rating: Decent
Encyclopedia
******
35,568 posts
Smasharoo wrote:
That said, it would be fairly trivial for NIST to make AES-256 (or whatever) vulnerable to fast novel attacks.


Not without about 10,000 people (at a minimum) knowing it though. Hence the problem.

Quote:
You don't understand cryptanalysis well enough for me to bother with going into this more deeply, but, basically, yes, if given sufficient influence over a standards body, ciphers can be modified to be easily breakable in ways that will not be apparent.


Er. It really sounds like it's *you* who doesn't understand cryptography though (which is what we're talking about here). The encryption itself is just math. Math doesn't have "backdoors". In this context, it does have stronger and weaker though, but those attributes are directly visible to anyone looking at the math function itself. What you seem to not understand is that from a software perspective, it's the crypto libraries that matter, since they actually implement any particular encryption for applications to use. But those are written by thousands of different people and backdoors would be spotted.

I am not arguing that the NSA couldn't influence standards to increase the adoption of weaker encryption. I'm saying that this is not the same as putting backdoors in place. A backdoor is something that is part of a larger system which allows anyone who knows where it is to bypass normal security. It can literally be a backdoor in a structure, or an open port built into a hardware device, or a listener app that allows specifically coded communication keys to gain entry to a software program.

Convincing the piggies to build their houses out of twigs instead of bricks is not the same as building a backdoor into their homes. I'm just pointing out your misapplication of the term.

Edited, Sep 13th 2013 3:42pm by gbaji
____________________________
King Nobby wrote:
More words please
#37 Sep 13 2013 at 4:41 PM Rating: Decent
Encyclopedia
******
35,568 posts
angrymnk wrote:
You are right. It is definitely worth a shrug. Could you tell me at what point would you consider any of it an issue? At this point, I am really curious.


Um... At the point where law enforcement begins doing it to charge people with crimes not related in any way to national security. I'm far less concerned about a super secret government agency slurping up massive amounts of network traffic and then sifting through it to look for folks the rest of the intelligence agencies should focus on than I am with say CCTV cameras being installed in cities so that police can watch where everyone goes, or our penchant to hand over so much information about ourselves that any investigator can find out exactly where you went yesterday, what you ate, who you spoke with, what purchases you made, etc, all without needing any massive computer farms anywhere. I'm far more concerned with a government that manipulates our environment in order to manipulate us than one that collects information about us.

What made Big Brother authoritarian wasn't that it was watching you all the time. Because that part of the story was demonstrably ineffective. It was Big Brothers control of media and information and even language that allowed it to control the people. I think a lot of people fail to grasp that. The real threat isn't information the government has about you, but government control of information you receive. We live in an age where we leave digital footprints everywhere we go. Trying vainly to secure that somehow is probably counterproductive. I'd much rather focus on making sure that the information we're exposed to is "free" in the sense that anyone can communicate what they want to anyone they want.


The day to be concerned is when you start seeing clamp downs on what you can read or watch.


Quote:
As a side note, could you stop with discussion of the perception of hacker in the general populace.


I'll stop the moment people stop assuming that an agency like the NSA gains information via the same methods.

Quote:
Speaking of a lone evil hacker, how about Snowden? Would you qualify him as such? After all, as far as we know, he merely used his sysadmin rights ( to pretend he is someone with more rights:P).


Of course he's not a hacker. He was given access to the data he stole. I don't consider him anything more than a guy who read a bunch of 10,000 foot documents about a subject he only half understood, and decided to panic and light his hair on fire and run around the room screaming that we're all going to die.
____________________________
King Nobby wrote:
More words please
#38 Sep 13 2013 at 5:42 PM Rating: Decent
Scholar
***
1,323 posts
gbaji wrote:
angrymnk wrote:
You are right. It is definitely worth a shrug. Could you tell me at what point would you consider any of it an issue? At this point, I am really curious.


Um... At the point where law enforcement begins doing it to charge people with crimes not related in any way to national security. I'm far less concerned about a super secret government agency slurping up massive amounts of network traffic and then sifting through it to look for folks the rest of the intelligence agencies should focus on than I am with say CCTV cameras being installed in cities so that police can watch where everyone goes, or our penchant to hand over so much information about ourselves that any investigator can find out exactly where you went yesterday, what you ate, who you spoke with, what purchases you made, etc, all without needing any massive computer farms anywhere. I'm far more concerned with a government that manipulates our environment in order to manipulate us than one that collects information about us.
.


So are you ok NSA grunts spying on their exes? I mean it is not like anyone is suggesting any kind of slippery slope argument here... People are just people. If you give them vast, unchecked power, they will use it. I take it, LOVEINT is acceptable use of taxpayers money?

The fact, that you even draw a line crimes related to national security makes me chuckle. These days and age... everything is about national security. If you don't believe me, try submitting FOIA what is the most common excuse not to do anything. In case you did not notice, "because National Security" has long since replaced "because Communism!" .

As a side chuckle, for you to consider, I will add that national security made it kinda hard to know what is happening, what with secret courts and all that. Note that people who, for example, receive NSL, happen to receive, gag orders on the side. Yay, right?

Gbaji, when you started talking about network protocols, I figured I would spend some quality time with you, because if you were just some common ******, even if you spread this stupidity, it would not have mattered as much. Granted, you seem to behave more like a middle management type than an actual engineer, but we can't have you pollute other minds with this kind of filth. Or at least, make your filthy habits less palatable for the naive virgin non-asylumites that enter this forum by mistake.
____________________________
Your soul was made of fists.

Jar the Sam
#39 Sep 13 2013 at 5:53 PM Rating: Decent
Scholar
***
1,323 posts
Quote:
he only half understood, and decided to panic and light his hair on fire and run around the room screaming that we're all going to die


Well, long term, we are all going to die. So you are wrong there as well. As for the half-understood comment, he only avoided detected doing something fishy in the NATIONAL SECURITY AGENCY; complete with rigorous checks, reviews, red flag alerts for farting, you name it.

Obviously, he also half understood what he was doing when he managed to show all this information to the journalist by being, at the time it would seem, mildly paranoid.

You were saying?
____________________________
Your soul was made of fists.

Jar the Sam
#40 Sep 13 2013 at 6:53 PM Rating: Decent
Encyclopedia
******
35,568 posts
angrymnk wrote:


Of course not. I'm also not ok with cable guys installing hidden cameras in people's dorm rooms. Or food preparers spitting in people's food. Or any of an endless list of ways that people can abuse their positions to engage in nefarious behavior towards other people. Point being that they're not supposed to be doing that and if caught can suffer loss of job and/or legal charges. I *could* browse though people's documents, email, etc at work. I don't because even though I have the power to do so, I'm not supposed to do so without permission. Same deal IMO.

Quote:
I mean it is not like anyone is suggesting any kind of slippery slope argument here... People are just people. If you give them vast, unchecked power, they will use it.


Er? Isn't that exactly what you're doing? Hey. We give cops the authority to pull people over too. And guess what? Every once in awhile a cop abuses that authority and rapes/kills someone. The problem is that we don't have an all or nothing solution to that problem.

Quote:
I take it, LOVEINT is acceptable use of taxpayers money?


No. But if we assume that there is a need to have intelligence agencies which must have access to "secret" data, then we have to have people who have access to that data. Which means opening ourselves up to the possibility of those people abusing the data they have access to. There's no way around that. You put what precautions you can in place, but that's all you can do.

Quote:
The fact, that you even draw a line crimes related to national security makes me chuckle. These days and age... everything is about national security. If you don't believe me, try submitting FOIA what is the most common excuse not to do anything. In case you did not notice, "because National Security" has long since replaced "because Communism!" .


Um... The national security excuse has been used since before either of us were born and will continue to be used long after we're both dead. This is nothing new. We're not talking about what you or I can find out about what they know, but how they can legally use the information they obtain. Currently, you can't use any information gained "illegally" to file criminal charges. It's why there's such a problem with the whole "treat terrorists as criminals" approach. Our legal system is not designed to work that way. We have very strict rules about evidence that can be used in a trial. Those rules require that data collected be collected legally. So you need warrants for searches of any kind (including electronic).

That's what I was speaking about with regard to national security. As long as those collecting information illegally can't use it for anything within our criminal justice system, I'm not super concerned about it. But if they can use that information to spot attacks before they happen (both traditional and terrorist), that's a good thing. Again, you just can't look at this as all or nothing. It's a matter of degrees. Unless you want to toss out any ability for our government to collect data and examine patterns in that data to spot possible threats to national security you can't ensure that no one who works at such an agency has the potential to abuse the data that they collect.

Quote:
As a side chuckle, for you to consider, I will add that national security made it kinda hard to know what is happening, what with secret courts and all that. Note that people who, for example, receive NSL, happen to receive, gag orders on the side. Yay, right?


Sure. I'm not sure why you feel the need to lump two completely different things together though. The degree to which joe average private citizen can find out what an agency is doing or knows is completely different from what information that agency knows or can access. I guess I just view this as very selective opposition to what is really a fairly normal function of government. By agreeing to be governed we accept that we're giving up some of our freedom in return for protection of the remainder. That's how the whole thing works. When I put a machine gun in the hands of our soldiers, I do with trusting them to use those weapons defending me from enemies and not turning them on me and the rest of the citizens. When I give the power to a legislator to write laws, I do so trusting him to write laws that will serve the cause of freedom/liberty/etc and not pass ones that round us into concentration camps.

Ultimately, governments always have power over the governed. Saying "OMG! They could abuse their power!!!" is somewhat meaningless. You have to put it in the context of what they're actually doing, and some kind of analysis of the relative harm/help of those actions. Hence my /shrug at this. There's an unending list of people saying that the government is stealing their private information for nefarious means. There's a very very very small list of people who can actually show how they were concretely harmed by this.


The question of "who watches the watchmen" should not drive us to eliminate all watchmen. Not unless we're really stupid, that is.
____________________________
King Nobby wrote:
More words please
#41 Sep 13 2013 at 7:00 PM Rating: Decent
Encyclopedia
******
35,568 posts
angrymnk wrote:
Quote:
he only half understood, and decided to panic and light his hair on fire and run around the room screaming that we're all going to die


As for the half-understood comment, he only avoided detected doing something fishy in the NATIONAL SECURITY AGENCY; complete with rigorous checks, reviews, red flag alerts for farting, you name it.


There was no "avoiding" anything. I thought I already said this: He was given access to that information. The difference between him and the other 50,000 people with access to the same data is that everyone else looked at it and said "This is the NSA, of course they collect data". Snowden, on the other hand, suddenly went "What!!!? You mean this agency I'm working for, which exists solely to collect vast amounts of data via clandestine methods and analyzes it for potential security threats is collecting vast amounts of data via clandestine methods? I must alert the media!!!".

He's an idiot. Everyone else "got it". He didn't.

Quote:
Obviously, he also half understood what he was doing when he managed to show all this information to the journalist by being, at the time it would seem, mildly paranoid.


No. He was more than mildly stupid. That's seriously it. He's like the guy who joins the military and then is shocked when he's expected to actually fight. What! You mean I have to hold... a... WEAPON! And shoot it? At people!????

Yeah. He's that dumb. Or perhaps amazingly naive. But I'm going with dumb.

Quote:
You were saying?


Thought I was already clear about what I was saying.
____________________________
King Nobby wrote:
More words please
#42 Sep 13 2013 at 7:18 PM Rating: Decent
Scholar
***
1,323 posts
gbaji wrote:
angrymnk wrote:
Quote:
he only half understood, and decided to panic and light his hair on fire and run around the room screaming that we're all going to die


As for the half-understood comment, he only avoided detected doing something fishy in the NATIONAL SECURITY AGENCY; complete with rigorous checks, reviews, red flag alerts for farting, you name it.


There was no "avoiding" anything. I thought I already said this: He was given access to that information. The difference between him and the other 50,000 people with access to the same data is that everyone else looked at it and said "This is the NSA, of course they collect data". Snowden, on the other hand, suddenly went "What!!!? You mean this agency I'm working for, which exists solely to collect vast amounts of data via clandestine methods and analyzes it for potential security threats is collecting vast amounts of data via clandestine methods? I must alert the media!!!".

He's an idiot. Everyone else "got it". He didn't.

Quote:
Obviously, he also half understood what he was doing when he managed to show all this information to the journalist by being, at the time it would seem, mildly paranoid.


No. He was more than mildly stupid. That's seriously it. He's like the guy who joins the military and then is shocked when he's expected to actually fight. What! You mean I have to hold... a... WEAPON! And shoot it? At people!????

Yeah. He's that dumb. Or perhaps amazingly naive. But I'm going with dumb.

Quote:
You were saying?


Thought I was already clear about what I was saying.


Interesting, I can only assume that the corollary to Snowden being dumb and/or naive is NSA being incompetent ( for letting dumb naive person access that data )? If not, what other inference would you draw?
____________________________
Your soul was made of fists.

Jar the Sam
#43 Sep 13 2013 at 7:22 PM Rating: Decent
Scholar
***
1,323 posts
gbaji wrote:
angrymnk wrote:


Of course not. I'm also not ok with cable guys installing hidden cameras in people's dorm rooms. Or food preparers spitting in people's food. Or any of an endless list of ways that people can abuse their positions to engage in nefarious behavior towards other people. Point being that they're not supposed to be doing that and if caught can suffer loss of job and/or legal charges. I *could* browse though people's documents, email, etc at work. I don't because even though I have the power to do so, I'm not supposed to do so without permission. Same deal IMO.

Quote:
I mean it is not like anyone is suggesting any kind of slippery slope argument here... People are just people. If you give them vast, unchecked power, they will use it.


Er? Isn't that exactly what you're doing? Hey. We give cops the authority to pull people over too. And guess what? Every once in awhile a cop abuses that authority and rapes/kills someone. The problem is that we don't have an all or nothing solution to that problem.

Quote:
I take it, LOVEINT is acceptable use of taxpayers money?


No. But if we assume that there is a need to have intelligence agencies which must have access to "secret" data, then we have to have people who have access to that data. Which means opening ourselves up to the possibility of those people abusing the data they have access to. There's no way around that. You put what precautions you can in place, but that's all you can do.

Quote:
The fact, that you even draw a line crimes related to national security makes me chuckle. These days and age... everything is about national security. If you don't believe me, try submitting FOIA what is the most common excuse not to do anything. In case you did not notice, "because National Security" has long since replaced "because Communism!" .


Um... The national security excuse has been used since before either of us were born and will continue to be used long after we're both dead. This is nothing new. We're not talking about what you or I can find out about what they know, but how they can legally use the information they obtain. Currently, you can't use any information gained "illegally" to file criminal charges. It's why there's such a problem with the whole "treat terrorists as criminals" approach. Our legal system is not designed to work that way. We have very strict rules about evidence that can be used in a trial. Those rules require that data collected be collected legally. So you need warrants for searches of any kind (including electronic).

That's what I was speaking about with regard to national security. As long as those collecting information illegally can't use it for anything within our criminal justice system, I'm not super concerned about it. But if they can use that information to spot attacks before they happen (both traditional and terrorist), that's a good thing. Again, you just can't look at this as all or nothing. It's a matter of degrees. Unless you want to toss out any ability for our government to collect data and examine patterns in that data to spot possible threats to national security you can't ensure that no one who works at such an agency has the potential to abuse the data that they collect.

Quote:
As a side chuckle, for you to consider, I will add that national security made it kinda hard to know what is happening, what with secret courts and all that. Note that people who, for example, receive NSL, happen to receive, gag orders on the side. Yay, right?


Sure. I'm not sure why you feel the need to lump two completely different things together though. The degree to which joe average private citizen can find out what an agency is doing or knows is completely different from what information that agency knows or can access. I guess I just view this as very selective opposition to what is really a fairly normal function of government. By agreeing to be governed we accept that we're giving up some of our freedom in return for protection of the remainder. That's how the whole thing works. When I put a machine gun in the hands of our soldiers, I do with trusting them to use those weapons defending me from enemies and not turning them on me and the rest of the citizens. When I give the power to a legislator to write laws, I do so trusting him to write laws that will serve the cause of freedom/liberty/etc and not pass ones that round us into concentration camps.

Ultimately, governments always have power over the governed. Saying "OMG! They could abuse their power!!!" is somewhat meaningless. You have to put it in the context of what they're actually doing, and some kind of analysis of the relative harm/help of those actions. Hence my /shrug at this. There's an unending list of people saying that the government is stealing their private information for nefarious means. There's a very very very small list of people who can actually show how they were concretely harmed by this.


The question of "who watches the watchmen" should not drive us to eliminate all watchmen. Not unless we're really stupid, that is.



We are finally getting somewhere. You are not ok with abuse. Good to hear this. Now, I hope you recognize that it is tad difficult to spot the abuse in the NSA system. Note that Snowden went public with his abuse. Imagine what a secretive person would do?:>

____________________________
Your soul was made of fists.

Jar the Sam
#44 Sep 13 2013 at 8:14 PM Rating: Decent
Encyclopedia
******
35,568 posts
angrymnk wrote:
We are finally getting somewhere. You are not ok with abuse. Good to hear this. Now, I hope you recognize that it is tad difficult to spot the abuse in the NSA system.


Of course.

Quote:
Note that Snowden went public with his abuse.


No. He went public with the shocking information that the NSA was collecting data. Abuse would be if they used the data they collected on *you* (for example) to blackmail you in some way. Has Snowden provided any information about uses of the data collected by the NSA to do anything nefarious and outside their national security role?

Quote:
Imagine what a secretive person would do?:>


A secretive person would recognize that he works for an agency that collects lots of data for use with national security goals and would keep a look out for abuses/misuse of that data and make a decision whether to blow the whistle on that kind of activity when it happens (and yes, this sort of whistle blowing has occurred before Snowden came along). He would understand that as an agency with that sort of access, comes the responsibility to use that access correctly and responsibly and not take advantage of it for personal reasons. Obviously, humans being flawed, some people aren't going to be able to handle that level of responsibility.

I think the difference is that I don't view the NSA collecting the data as abuse by itself. In more or less the same way I don't view a cop pulling someone over as abuse by itself either. Having power isn't the same as abusing power.
____________________________
King Nobby wrote:
More words please
#45 Sep 13 2013 at 11:33 PM Rating: Excellent
GBATE!! Never saw it coming
Avatar
****
9,957 posts
gbaji wrote:
I guess I just view this as very selective opposition to what is really a fairly normal function of government. By agreeing to be governed we accept that we're giving up some of our freedom in return for protection of the remainder. That's how the whole thing works. When I put a machine gun in the hands of our soldiers, I do with trusting them to use those weapons defending me from enemies and not turning them on me and the rest of the citizens. When I give the power to a legislator to write laws, I do so trusting him to write laws that will serve the cause of freedom/liberty/etc and not pass ones that round us into concentration camps.
I'll never wrap my head around the fact that you can objectively view government functions like the ones being discussed here in a rational and clear way (and for the record, I'm not disagreeing with you here at all) and then turn around and be absolutely unable or unwilling to apply it to things like using taxes to help the poor.
____________________________
remorajunbao wrote:
One day I'm going to fly to Canada and open the curtains in your office.

#46 Sep 14 2013 at 8:46 AM Rating: Decent
Lunatic
******
30,086 posts
Er. It really sounds like it's *you* who doesn't understand cryptography though (which is what we're talking about here). The encryption itself is just math. Math doesn't have "backdoors". In this context, it does have stronger and weaker though, but those attributes are directly visible to anyone looking at the math function itself.

No. I'm not going to respond to any more "you don't understand this as well as I do after goggling for ten seconds." I've spent a fair amount of time on cryptanalysis. It's never been my primary concentration academically or professionally, but I've worked in many environments where a working knowledge was beneficial. Were what you've mistakenly stated here correct, novel fast attacks wouldn't exist and the only way to break cyphers would be brute force attacks. This isn't the case. Can you see why? Just kidding, you obviously can't. Key length isn't a magic bullet. If there's a classified fast novel attack that NSA knows, it's useful until someone else discovered it. Generally, given the amount of talent in this area that's collected there, they are about 2 yearssih ahead.
____________________________
Disclaimer:

To make a long story short, I don't take any responsibility for anything I post here. It's not news, it's not truth, it's not serious. It's parody. It's satire. It's bitter. It's angsty. Your mother's a *****. You like to jack off dogs. That's right, you heard me. You like to grab that dog by the bone and rub it like a ski pole. Your dad? Gay. Your priest? Straight. **** off and let me post. It's not true, it's all in good fun. Now go away.

#47 Sep 16 2013 at 7:17 AM Rating: Good
*******
50,767 posts
Friar Bijou wrote:
I'll never wrap my head around the fact that you can objectively view government functions like the ones being discussed here in a rational and clear way (and for the record, I'm not disagreeing with you here at all) and then turn around and be absolutely unable or unwilling to apply it to things like using taxes to help the poor.
There's no clear side so he's forced to flip a coin and go with whatever it decides.
____________________________
George Carlin wrote:
I think it’s the duty of the comedian to find out where the line is drawn and cross it deliberately.
#48 Sep 16 2013 at 7:27 AM Rating: Good
Skelly Poker Since 2008
*****
16,781 posts
Friar Bijou wrote:
gbaji wrote:
I guess I just view this as very selective opposition to what is really a fairly normal function of government. That's how the whole thing works. When I put a machine gun in the hands of our soldiers, I do with trusting them to use those weapons defending me from enemies and not turning them on me and the rest of the citizens. When I give the power to a legislator to write laws, I do so trusting him to write laws that will serve the cause of freedom/liberty/etc and not pass ones that round us into concentration camps.
I'll never wrap my head around the fact that you can objectively view government functions like the ones being discussed here in a rational and clear way (and for the record, I'm not disagreeing with you here at all) and then turn around and be absolutely unable or unwilling to apply it to things like using taxes to help the poor.
I think this is backwards....
Quote:
By agreeing to be governed we accept that we're giving up some of our freedom in return for protection of the remainder.
I don't give up freedoms in agreement to be governed. We will be governed. That's inevitable as long as we choose to live among other peeps. We agree to be governed by a democratic institution in exchange for allowing us basic freedoms.





Edited, Sep 16th 2013 3:27pm by Elinda
____________________________
Alma wrote:
I lost my post
#49 Sep 16 2013 at 4:34 PM Rating: Decent
Encyclopedia
******
35,568 posts
Friar Bijou wrote:
gbaji wrote:
I guess I just view this as very selective opposition to what is really a fairly normal function of government. By agreeing to be governed we accept that we're giving up some of our freedom in return for protection of the remainder. That's how the whole thing works. When I put a machine gun in the hands of our soldiers, I do with trusting them to use those weapons defending me from enemies and not turning them on me and the rest of the citizens. When I give the power to a legislator to write laws, I do so trusting him to write laws that will serve the cause of freedom/liberty/etc and not pass ones that round us into concentration camps.
I'll never wrap my head around the fact that you can objectively view government functions like the ones being discussed here in a rational and clear way (and for the record, I'm not disagreeing with you here at all) and then turn around and be absolutely unable or unwilling to apply it to things like using taxes to help the poor.


Three main reasons:

1. Because the former affects us all and protects us all equally, while the latter affects us unequally and protects us unequally. It is innately problematic to have a government that targets one group of people for negative effects and "balances" that by targeting another group with positive effects. This is even more problematic when the system of government is democratic in nature.

2. As I have attempted to explain numerous times on this forum, there is a huge difference between protecting someone from a negative effect and providing a positive one to them. Passing a law which protects someone from having their stuff stolen is radically different from passing a law which gives people stuff in the first place. This is really a fundamental concept of liberalism and it's frankly alarming how many people in our society simply don't understand it at all.

3. I disagree with the assumption that what we use that tax money for actually helps the poor. And this is usually situational and a matter of degrees for me. I have never argued against tax grants for charitable organizations running soup kitchens, halfway houses, retraining facilities, etc. What I argue against most is the "free money" programs. Many of these are designed to provide aid to people while still allowing them to maintain the illusion of the same kind of life a working person would have. We even retooled foodstamps to use cards that look like credit cards, specifically because it's somehow cruel for people to have to suffer the stigma of using food stamps at the check out line. I think that's counterproductive. You want to prevent people from starving on the street, but you also want to make poverty a condition that they'll work as hard as possible to get out of. So yeah, I vehemently oppose spending that seems designed to simply make poverty a way of life for many people, not because I hate poor people, but because I believe that you're hurting those people in the long run by doing that.



Good enough?

Edited, Sep 16th 2013 3:35pm by gbaji
____________________________
King Nobby wrote:
More words please
#50 Sep 17 2013 at 7:41 AM Rating: Good
*******
50,767 posts
gbaji wrote:
Good enough?
If you convinced yourself, then you've convinced one person.
____________________________
George Carlin wrote:
I think it’s the duty of the comedian to find out where the line is drawn and cross it deliberately.
#51 Sep 17 2013 at 7:47 AM Rating: Decent
Lunatic
******
30,086 posts
I disagree with the assumption that what we use that tax money for actually helps the poor. And this is usually situational and a matter of degrees for me. I have never argued against tax grants for charitable organizations running soup kitchens, halfway houses, retraining facilities, etc. What I argue against most is the "free money" programs. Many of these are designed to provide aid to people while still allowing them to maintain the illusion of the same kind of life a working person would have. We even retooled foodstamps to use cards that look like credit cards, specifically because it's somehow cruel for people to have to suffer the stigma of using food stamps at the check out line. I think that's counterproductive. You want to prevent people from starving on the street, but you also want to make poverty a condition that they'll work as hard as possible to get out of.

You could literally build a homeless shelter with all of the papers done on this. The best way to encourage class mobility is to move the poor upwards toward the middle class. The most efficient and effective way to do this is to JUST GIVE THEM MONEY. There's no evidence based debate. What you're advocating simply DOES NOT WORK. Not, in any way, an open question. If you want to have some sort of "moral" objection to what you've outlined above, feel free. The idea that it's less effective is simply false. Provably false. Has been proven false over and over.

http://scholar.google.com/scholar?q=effect+of+stigma+on+class+mobility&hl=en&as_sdt=0&as_vis=1&oi=scholart&sa=X&ei=Ll04UrX1Dvbd4APhiYD4Bg&ved=0CCoQgQMwAA

You could start here, but there's literally too much to cite effectively. You're, in effect, arguing that motivation is the primary factor in overcoming poverty, which was a laughable idea in 1954. It's almost offensive now.
____________________________
Disclaimer:

To make a long story short, I don't take any responsibility for anything I post here. It's not news, it's not truth, it's not serious. It's parody. It's satire. It's bitter. It's angsty. Your mother's a *****. You like to jack off dogs. That's right, you heard me. You like to grab that dog by the bone and rub it like a ski pole. Your dad? Gay. Your priest? Straight. **** off and let me post. It's not true, it's all in good fun. Now go away.

Reply To Thread

Colors Smileys Quote OriginalQuote Checked Help

 

Recent Visitors: 155 All times are in CST
stupidmonkey, Anonymous Guests (154)