garote: (Default)
[personal profile] garote
Lifted almost verbatim from a forum post by an ISP employee:

Some types of data are logged by your ISP, and I'm certain by the NSA as well:

  • All DNS lookup requests.
  • All IP address records, and associated MAC addresses.
  • All header information on emails. Most of the time the actual body & attachments are only cached on a short term basis.
  • Almost all of your traffic is also logged, for example pretty much all TCP header info.
  • Use of things like Sandvine allows us to do DPI to perform additional logging of extra data when certain conditions are met. (For example, any traffic to/from a known child porn site will be fully logged & flagged.)
  • All of the above are also tied to your cable/dsl modem's MAC & account info.

The lesson to learn from this is that the tinfoil hat types [the truly paranoid people] are really only wrong in that they think we are watching them specifically.

We're not. We don't really watch anybody directly unless we get law enforcement interest, someone reports abuse, or you're doing something that's messing up our traffic or network. Those people who are singled out for observation for whatever reason do indeed have ALL their traffic fully logged.

As for the legality, the suits sum it up for us techies as "The simple version is that it's our network, and we can log whatever we want to."

As for the NSA, they might not be able to do this within the US itself, but all traffic which leaves or enters the country is fair game for full monitoring 24/7.

No, we don't provide info directly to law enforcement. If they want it, they have to come get it with the proper paperwork. But there are some things we will report to them if it gets found during routine troubleshooting or if someone complains and we investigate.

Date: 2009-02-20 02:41 am (UTC)
From: [identity profile] breakpoint.livejournal.com
Yup. The other thing to understand is that the U.S. has "reciprocal" agreements with foreign intelligence agencies to effectively "trade" certain intelligence that would not be legal for the local agency to collect, but is legal for a foreign agency to collect.

Think of it as peer-to-peer filesharing for intelligence agencies. =]

These agreements go very far back, almost all the way to World War II, and were commonly used to gather intelligence on domestic communists and communist "sympathizers" that would otherwise have been illegal to collect (although that sometimes happened anyway).

Date: 2009-02-20 06:45 am (UTC)
From: [identity profile] thegoodreverend.livejournal.com
So where are all the successful prosecutions based on this type of logging and monitoring? Every time I hear about someone getting busted for child porn, it's because they're really stupid about it - open chat channels, doing the sharing of pics/movies, etc. - not due to passive monitoring. The same goes for "hacking" offenses. Has ANYONE had this kind of monitoring used against them in a court of law? Or a non-court of non-law?

I'm as big into security and privacy as most geeks, but I'm just wondering if this is happening for real, and if so, what's being done with it?

Date: 2009-02-20 08:02 am (UTC)
From: [identity profile] breakpoint.livejournal.com
Well, there's the little issue of "sources and methods"-- generally, an intelligence agency doesn't do anything that would reveal its methods of acquiring intelligence unless some truly dire situation were to arise. Prosecution based on classified evidence is messy, expensive, and very unpopular with the American public. It's also dangerous-- any time classified information is "sanitized" into an abbreviated, unclassified form, you run the risk of both A) missing something you didn't intend to reveal, and, B) revealing information that isn't classified, but does make the proper (classified) conclusion far easier to draw when combined with other, previously released information.

So, for example, my email server is located outside the United States. This means that most of my mail goes through NSA at some point. This doesn't particularly bother me, since there isn't anything interesting enough in there to hassle me about, and is probably a minor nuisance to them, since a lot of "interesting" terms pop up in my mail for very boring reasons (such as getting emailed lists of "interesting" terms).

However, one thing that does happen that wasn't always the case is better sharing of information between the intelligence community (IC) and the domestic law enforcement agencies such as the FBI. You can probably bet, however, that this has to come in the form of, "You should really run a style X wiretap against person P." "Why?" "Sorry, can't tell you." Should this still count as probable cause? Up for debate.

Quite frankly, physical channels should never be considered trusted, even if you're staring at them (unintentional radiators, after all), and most link-layer security is really just intended to make it hard for criminals to eavesdrop.

Date: 2009-02-20 08:05 am (UTC)
From: [identity profile] breakpoint.livejournal.com
I should also clarify something-- I intend to say that I can tolerate my international traffic being scanned for issues that are clearly of immediate, critical importance to the national security by automated systems.

I am not at all pleased when those systems are used as an end-run around existing privacy protections that domestic law enforcement agencies find "inconvenient".
