What Prism slide-presentation means by "direct access" to Internet giants' servers


24 Responses to “What Prism slide-presentation means by "direct access" to Internet giants' servers”

  1. jbond says:

    Oh how we laughed back in 2002 at the http://en.wikipedia.org/wiki/Information_Awareness_Office

  2. RaidenDaigo says:

    “I fight for the User”
    -Tro… Er …Twitter(?!)

  3. lasermike026 says:

    They built this surveillance system for political repression.  If you are not onboard with status quo, economic or military plans you are potential target.  Political dissidents have been spied on, harassed, and detained for decades now.

  4. ifriit says:

    One problem with Masnick’s suppositions: the PRISM documents specifically state that the NSA has direct access to the servers.  Either the PRISM documents are incorrect, or the statements from Google are.

    • TheDisco says:

      I would bet its more likely that the slide show is. The slide show looks like amateur hour, probably left to some under-informed secretary, perhaps delegated by someone who is even less familiar with the technology involved.

      I think this is the same for all companies. They have much to gain from turning this into a government problem (which it squarely is) than to get caught being dishonest twice. They know there is more leaks in the pipe line that Greenwald or others could drop at any second (and Greenwald has said as much).

      • ifriit says:

        I wouldn’t bet either way at this point. An underinformed secretary shouldn’t have clearance to read such documents, much less write them–this would suggest there’s some serious confusion at the NSA about what their own projects do, which I grant is possible but I think unlikely.

        Ultimately, industry cannot reasonably answer the questions raised. We don’t know the extents to which their hands are tied, nor to what degree they are obligated to cover up the existence of the program.

        • TheDisco says:

          Considering what it takes just to be a janitor in the NSA, I have little doubt to become an assistant is more of a strenuous investigation to be hired. There is simply very few ways to be effective at your job without nearing the level of clearance as the person you’re serving. That said, the government is made up of just as many incompetent people (especially political appointees over career public servant), so the veracity of any document is subject to human error.

          Ultimately, these companies have a literal gun to their head from the government and have a figurative gun to their head from their users should this thing have legs and grow. I do not envy the position they are currently in.

      • quietstorms says:

        >The slide show looks like amateur hour

        I’ve seen this comment posted elsewhere. Who cares about the design? Does the Powerpoint presentation of Higgs-Boson in a Comic Sans make the information less important? Most people are lousy at presentations. This is no surprise.

        The blame lies everywhere including ourselves. Mike Arrington is wrong many times in my view but he was right in calling tech companies cowards.

        • TheDisco says:

          Woah buddy, if you have some issues with Comic Sans, take it to a support group – I could give a shit about the type face of a document, but how and what it presents. 

          They are cowards in some regards, and Mike hit on a few of those points – but Congress and the Obama administrations overly broad interpretation of the PATRIOT Act has left them little recourse in the current surveillance state we operate in. There are no good guys today (besides Snowden himself), but there are those that had more to lose than others.

      • bzishi says:

        Who has more to gain/lose here? The NSA intended for the slide to be kept secret. They had no reason not to call it what it was. Google doesn’t want to be criticized in public. They have every reason to twist the meanings of words. For this reason, the NSA has more credibility on this issue than the companies through which it spied.

        • TheDisco says:

          The NSA, operation in a possible extra-judicial manner through an overly broad and tortuous interpretation of the PATRIOT Act, in acting programs with severe Constitutional issues at stake in an administration already under fire for a slew of other scandals (some more legit than others) – and you think Google and Yahoo have more to lose? 

    • DrDave says:

      The Washington Post has seen another NSA document that describes  analysts connecting to equipment at “company-controlled locations”, rather than directly to servers. It’s not clear how that equipment interacts with company servers.

      • ifriit says:

         And the Guardian published a slide ( http://www.guardian.co.uk/world/2013/jun/08/nsa-surveillance-prism-obama-live ) which has, as a bullet point under PRISM, “Collection directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple”.

        Analysts hooking their machines up to corporate machines appears to be a different thing.

        • bzishi says:

          Notice how every company made nearly the same denial using nearly the same wording. I’m betting that the NSA distributed an authorized talking point to them by twisting the definitions. If the NSA didn’t distribute the talking point, most of these companies would simply respond “no comment” and that would be the end of it. The fact that they are going as far as to claim no direct access indicates that they were authorized to use that terminology as a form of damage control by the NSA.

    • social_maladroit says:

      In a statement, Google said: “Google cares deeply about the security of
      our users’ data. We disclose user data to government in accordance with
      the law, and we review all such requests carefully. From time to time,
      people allege that we have created a government ‘back door’ into our
      systems, but Google does not have a back door for the government to
      access private user data.”

      (From The Guardian’s article) It looks like the relevant statement is “We disclose user data to [the] government in accordance with the law,” and the rest is chaff.

      Incidentally, the whistleblower responsible for the leaks just made his identity public.

  5. Tudza White II says:

    It seems to mean, “Hey, we’re going to be asking for information so often that we’d really like you to make it super easy for us.  In fact, we insist.”  Maybe one of those companies could make producing standardized PRISM servers a side business

  6. Jonathan says:

    The “foreigner” verbiage is also especially weaselly. As I understand this, if you send an email to a non-US citizen, that email is legally subject to surveillance under PRISM. Same goes for chat, private message on a social network, etc.

    So, assuming the government is being truthful about the legal surveillance targets (*cough*), the only internet users who can’t be PRISM’d are US citizens who have never used the internet to communicate with a non-US citizen. Anyone know anyone who fits that description?

  7. oldtaku says:

    One thing to keep in mind is that PRISM is just there to make it easier. And of course it matters that the companies are cooperating (and denying it, playing ‘it depends what the definition of “is” is’ games).

    NSA has direct access to every single packet that goes through any major backbone (pointed out in another slide), so they have all the data. I’m assuming they already have the certs to decrypt anything SSL so they don’t have to waste too much time on the big cracking farms. It’s just easier to search and put into context when the service provider predigests it for you.

  8. bwcbwc says:

    Even assuming you buy in to the whole idea of a secret process to review and approve intelligence surveillance, there are 2 things that are broken here: a) The FISC is not giving due scrutiny to the orders it issues and b) The NSA (and possibly other agencies) is taking advantage of the lack of oversight.

    Of course, if you think the idea of a secret court for this stuff is unconstitutional to begin with, the list goes on even from there.

    Some policy suggestions:
    1) Make a law that authorizing, approving or implementing a security classification on any document that contains evidence of illegal activity by the government or government employees as part of their duties constitutes conspiracy to obstruct justice. Statute of limitations to only expire 5 years after the document is declassified.
    2) FISC orders for the collection of more than 72 hours of data and/or more than 5 individuals need to be approved by a 3-judge panel.
    3) Prosecution and/or impeachment against those who have clearly violated their oaths of office to uphold the constitution by requesting or granting obviously illegal and unconstitutional access data..

  9. timquinn says:

    Not to be a dick, ah, too late. I also have 24 hour direct access to Googles servers and use it to sort mountains of data to find exactly what I am looking for. I am glad to hear the government is using outside contractors for some of this tedious work.

Leave a Reply