Tag: Privacy

New disclosures from Edward Snowden show the NSA is massively expanding its computer hacking worldwide. Software that automatically hacks into computers – known as malware “implants” – had previously been kept to just a few hundred targets. But the news website The Intercept reports that the NSA is spreading the software to millions of computers under an automated system codenamed “Turbine.” The Intercept has also revealed the NSA has masqueraded as a fake Facebook server to infect a target’s computer and exfiltrate files from a hard drive. We are joined by The Intercept reporter Ryan Gallagher.

How the NSA Plans to Infect ‘Millions’ of Computers with Malware

By Ryan Gallagher and Glenn Greenwald, The Intercept

Top-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process.

The classified files – provided previously by NSA whistleblower Edward Snowden – contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware “implants.” The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.

The covert infrastructure that supports the hacking efforts operates from the agency’s headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. GCHQ, the British intelligence agency, appears to have played an integral role in helping to develop the implants tactic.

In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.

Mark Zuckerberg calls Obama after NSA report

By Alex Byers, Politico

Facebook CEO Mark Zuckerberg called President Barack Obama Wednesday night to complain about U.S. government actions that are undermining trust in the Internet, after a report that described how the National Security Agency posed as a Facebook server to inject malicious software into targets’ computers.

“When our engineers work tirelessly to improve security, we imagine we’re protecting you against criminals, not our own government,” Zuckerberg wrote in a Facebook post Thursday. “The U.S. government should be the champion for the internet, not a threat. They need to be much more transparent about what they’re doing, or otherwise people will believe the worst.” [..]

Zuckerberg did not make direct reference to the report in The Intercept. But he said he expressed frustration to the president about the “damage the government is creating for all of our future.” He added, “Unfortunately, it seems like it will take a very long time for true full reform.”

The NSA has denied doing any of this which flies in the face facts revealed in it’s own secret documents. Ryan Gallagher discusses those documents

A particular short excerpt from one of the classified documents, however, has taken on new significance due to the NSA’s statement. The excerpt is worth drawing attention to here because of the clarity of the language it uses about the Facebook tactic and the light it shines on the NSA’s denial. Referencing the NSA’s Quantum malware initiative, the document, dated April 2011, explains how the NSA “pretends” to be Facebook servers to deploy its surveillance “implants” on target’s computers:

It is difficult to square the NSA secretly saying that it “pretends to be the Facebook server” while publicly claiming that it “does not use its technical capabilities to impersonate U.S. company websites.” Is the agency making a devious and unstated distinction in its denial between “websites” and “servers”? Was it deliberate that the agency used the present tense “does not” in its denial as opposed to the past tense “did not”? Has the Facebook QUANTUMHAND technique been shut down since our report? Either way, the language used in the NSA’s public statement seems highly misleading – which is why several tech writers have rightly treated it with skepticism.

The same is true of the NSA’s denial that it has not “infected millions of computers around the world with malware” as part of its hacking efforts. Our report never actually accused the NSA of having achieved that milestone. Again, we reported exactly what the NSA’s own documents say: that the NSA is working to “aggressively scale” its computer hacking missions and has built a system called TURBINE that it explicitly states will “allow the current implant network to scale to large size (millions of implants).”

It should not come as a surprise that Jesselyn Radack, a human rights advocate, whistleblower group member and lawyer to former NSA contractor Edward Snowden was detained and interrogated when she arrived at London’s Heathrow Airport. Firedoglake’s KEvin Gosztola spoke with Ms. Radack after the incident which she described as “very hostile.”

As Radack recalled, she was asked why she was here. “To see friends,” she answered. “Who will you be seeing?” She answered, “A group called Sam Adams Associates.”

The agent wanted to know who was in the group. “Ray McGovern, Annie Machon, Thomas Drake, Craig Murray,” she answered. She said she is part of the group as well.

“Where will you meet?” Radack answered, “At the Ecuadorian Embassy.” Then, the agent asked, “With Julian Assange?” Radack said yes.

The interrogation continued, “Why have you gone to Russia twice in three months?” Radack said she had a client in the country. “Who?” She answered, “Edward Snowden.”

“Who is Edward Snowden?” asked the agent. Radack said he is a whistleblower and an asylee. Then, the agent asked, “Who is Bradley Manning?” To this, she answered, “A whistleblower.”

For whatever reason, the agent asked, “Where is he?” “In jail,” Radack told the agent. (Now, she is known as Chelsea Manning.)

The agent said, “So he’s a criminal?” Radack corrected the agent, “He’s a political prisoner.” The agent asked if she represented Manning and she said no. Then he followed up, “But you represent Snowden?” She replied, “Yes, I’m a human rights lawyer.”

NSA whistleblower Thomas Drake, who was traveling with her, witnessed the questioning, said the border agent had a “threatening demeanor.” Ms. Raddack was informed by the agent that she has been placed on US Department of Homeland Security “inhibited persons list” which was created in March of 2012 as an effort to impose US laws on the rest of the world. The United Kingdom agreed to the new rules to provide information to the DHS even if the passenger of all nationalities, is not traveling to the US.

Ms. Radack told RT News about the humiliating ordeal and her concerns:

“Clearly any kind of line of questioning into the details of my work and specific clients is beyond the ambit of what any normal customs official would ask,” Radack told RT.

“I feel like lawyers and journalists are now beginning to be targeted at the borders of countries in the Western Hemisphere, in so-called democratic countries.It’s a threat to press freedoms when journalists are questioned. And it’s a threat to the integrity of the judicial system when attorney who are working on someone’s case are being harassed or intimidated on the basis of who they represent.” [..]

Following the ordeal at Heathrow, Radack came out with a public statement denouncing the whole practice and the harassment it often entails: “The government, whether in the US, UK or elsewhere does not have the authority to monitor, harass or intimidate lawyers for representing unpopular clients.” [..]

Radack once told RT that despite the fact that “it’s a dangerous time for whistleblowers in the US,” Snowden’s revelations have had a big effect as “courage is contagious.” She added that “I really think [Snowden] has had a wonderful effect [on] the US and the world.”

Ms. Radack spoke with Democracy Now!‘s Amy Goodman from London.

The US and the UK have evolved into fascist states something thath they fought against in 1940.

Yesterday afternoon NSA whistleblower Edward Snowden answered questions in s candid on line chat. He responded not only to questions about what he believes should be done about the massive NSA surveillance programs and the threats to his life but countered some of the spurious accusations that he acted in concert with the Russians and stole his co-workers passwords.

@mperkel #ASKSNOWDEN They say it’s a balance of privacy and safety. I think spying makes us less safe. do you agree?

Intelligence agencies do have a role to play, and the people at the working level at the NSA, CIA, or any other member of the IC are not out to get you. They’re good people trying to do the right thing, and I can tell you from personal experience that they were worried about the same things I was.

The people you need to watch out for are the unaccountable senior officials authorizing these unconstitutional programs, and unreliable mechanisms like the secret FISA court, a rubber-stamp authority that approves 99.97% of government requests (which denied only 11 requests out of 33,900 in 33 years http://www.motherjones.com/mojo/2013/06/fisa-court-nsa-spying-opinion-reject-request. They’re the ones that get us into trouble with the Constitution by letting us go too far.

And even the President now agrees our surveillance programs are going too far, gathering massive amounts of private records on ordinary Americans who have never been suspected of any crime. This violates our constitutional protection against unlawful searches and seizure. Collecting phone and email records for every American is a waste of money, time and human resources that could be better spent pursuing those the government has reason to suspect are a serious threat.

I’m going to stop here. My deepest thanks to everyone who sent questions, and whether or not we agree on where the lines should be drawn, I encourage you to contact your members of congress and tell them how you feel about mass surveillance. This is a global problem, and the first step to tackling it is by working together to fix it at home.

If you’d like to more ideas on how to push back against unconstitutional surveillance, consider taking a look at the organizations working together to organize https://thedaywefightback.org/. [..]

@LukasReuter #AskSnowden How should the community of states react to the new information concerning surveillance? What actions have to be made?

We need to work together to agree on a reasonable international norm for the limitations on spying. Nobody should be hacking critical-to-life infrastructure like hospitals and power stations, and it’s fair to say that can be recognized in international law.

Additionally, we need to recognize that national laws are not going to solve the problem of indiscriminate surveillance. A prohibition in Burundi isn’t going to stop the spies in Greenland. We need a global forum, and global funding, committed to the development of security standards that enforce our right to privacy not through law, but through science and technology. The easiest way to ensure a country’s communications are secure is to secure them world-wide, and that means better standards, better crypto, and better research. [..]

@RagBagUSA #AskSnowden what (in your opinion) is the appropriate extent of US national security apparatus? Surely some spying is needed?

Not all spying is bad. The biggest problem we face right now is the new technique of indiscriminate mass surveillance, where governments are seizing billions and billions and billions of innocents’ communication every single day. This is done not because it’s necessary – after all, these programs are unprecedented in US history, and were begun in response to a threat that kills fewer Americans every year than bathtub falls and police officers – but because new technologies make it easy and cheap.

I think a person should be able to dial a number, make a purchase, send an SMS, write an email, or visit a website without having to think about what it’s going to look like on their permanent record. Particularly when we now have courts, reports from the federal government, and even statements from Congress making it clear these programs haven’t made us any more safe, we need to push back.

This is a global problem, and America needs to take the lead in fixing it. If our government decides our Constitution’s 4th Amendment prohibition against unreasonable seizures no longer applies simply because that’s a more efficient means of snooping, we’re setting a precedent that immunizes the government of every two-bit dictator to perform the same kind of indiscriminate, dragnet surveillance of entire populations that the NSA is doing.

It’s not good for our country, it’s not good for the world, and I wasn’t going to stand by and watch it happen, no matter how much it cost me. The NSA and the rest of the US Intelligence Community is exceptionally well positioned to meet our intelligence requirements through targeted surveillance – the same way we’ve always done it – without resorting to the mass surveillance of entire populations.

When we’re sophisticated enough to be able to break into any device in the world we want to (up to and including Angela Merkel’s phone, if reports are to be believed), there’s no excuse to be wasting our time collecting the call records of grandmothers in Missouri. [..]

@savagejen Do you think it is possible for our democracy to recover from the damage NSA spying has done to our liberties? #AskSnowden

Yes. What makes our country strong is our system of values, not a snapshot of the structure of our agencies or the framework of our laws. We can correct the laws, restrain the overreach of agencies, and hold the senior officials responsible for abusive programs to account.

The Russian government has extended Mr. Snowden’s asylum beyond next August, possibly indefinitely.

The lawmaker, Aleksei K. Pushkov, chairman of the foreign affairs committee in Russia’s lower house of Parliament, hinted during a panel discussion that the extension of temporary refugee status for Mr. Snowden, the former National Security Agency contractor, might be indefinite.

“He will not be sent out of Russia,” Mr. Pushkov said. “It will be up to Snowden.”

He added that Mr. Snowden’s father believes his son could not get a fair trial in the United States.

Mr. Pushkov made his comments came against a backdrop of broad criticism of the American spying programs that have come to light since the summer. He pointed to the sheer volume of information that American authorities are able to gather.

“The U.S. has created a Big Brother system,” Mr. Pushkov said.

Journalist and constitutional lawyer Glenn Greenwald and  the executive director of the American Civil Liberties Union Anthony D Romero discussed President Barack Obama’s new NSA “reforms” with Alex Wagner, the host of MSNBC’s “Now.”

Obama’s NSA ‘reforms’ are little more than a PR attempt to mollify the public

By Glenn Greenwald, The Guardian

Obama is draping the banner of change over the NSA status quo. Bulk surveillance that caused such outrage will remain in place

In response to political scandal and public outrage, official Washington repeatedly uses the same well-worn tactic. It is the one that has been hauled out over decades in response to many of America’s most significant political scandals. Predictably, it is the same one that shaped President Obama’s much-heralded Friday speech to announce his proposals for “reforming” the National Security Agency in the wake of seven months of intense worldwide controversy.

The crux of this tactic is that US political leaders pretend to validate and even channel public anger by acknowledging that there are “serious questions that have been raised”. They vow changes to fix the system and ensure these problems never happen again. And they then set out, with their actions, to do exactly the opposite: to make the system prettier and more politically palatable with empty, cosmetic “reforms” so as to placate public anger while leaving the system fundamentally unchanged, even more immune than before to serious challenge. [..]

Today’s speech should be seen as the first step, not the last, on the road to restoring privacy. The causes that drove Obama to give this speech need to be, and will be, stoked and nurtured further until it becomes clear to official Washington that, this time around, cosmetic gestures are plainly inadequate.

Here is the press release from the ACLU commenting on the President’s NSA speech:

January 17, 2014

FOR IMMEDIATE RELEASE

CONTACT: [email protected]

WASHINGTON – President Obama today announced changes to some aspects of the NSA’s surveillance programs and left others in place. Anthony D. Romero, the executive director of the American Civil Liberties Union, had this reaction:

“The president’s speech outlined several developments which we welcome. Increased transparency for the Foreign Intelligence Surveillance Court, improved checks and balances at the FISA court through the creation of a panel of advocates, and increased privacy protections for non-U.S. citizens abroad – the first such assertion by a U.S. president – are all necessary and welcome reforms.

“However, the president’s decision not to end bulk collection and retention of all Americans’ data remains highly troubling. The president outlined a process to study the issue further and appears open to alternatives. But the president should end – not mend – the government’s collection and retention of all law-abiding Americans’ data. When the government collects and stores every American’s phone call data, it is engaging in a textbook example of an ‘unreasonable search’ that violates the Constitution. The president’s own review panel recommended that bulk data collection be ended, and the president should accept that recommendation in its entirety.”

A new chart comparing the ACLU’s proposals, President Obama’s announcement, and the USA FREEDOM Act (a bipartisan bill currently pending in Congress) is at: aclu.org/national-security/where-does-president-stand-nsa-reform

ACLU Action is demanding an end to dragnet surveillance at: aclu.org/endsurveillance

President Barack Obama once again fell short of taking any meaningful action on reining in the NSA surveillance programs or assuring that American’s right to privacy under the Fourth Amendment be protected. He made one of his predictable speeches that attempted to placate both critics and defenders, failing to actually do anything significant, all the while lecturing the public on history and expressing his offense that anyone would think that he had done an inadequate job or had enabled surveillance state policies. FDL’s Kevin Gosztola contrasted today’s speech with NSA director Gen. Keith Alexander’s statements to Congress and his inaugural address last year:

The narrative that Obama promoted in the part of his speech building up to announcement of reforms was starkly similar to what NSA director Gen. Keith Alexander has said when addressing members of Congress at hearings held in the aftermath of Snowden’s first disclosures. The narrative he used should make Americans even more skeptical of how substantive the changes to surveillance will be. [..]

One might remember that just about one year ago Obama gave an inaugural speech after his re-election where he said a “decade of war is now ending” and later described how Americans believe there is no need for “perpetual war.” But the very premise of Obama’s speech involved a demand to recognize the value of militarized surveillance and this militarization keeps the US on a permanent war footing putting civil liberties of Americans at risk so long as this footing is maintained.

Since there were such low expectations, Mike Masnick at Techdirt thought the announced reforms were more significant than expected but stopped short of fixing the actual problems:

• A judge will have to approve each query for data on the metadata collection from Section 215 of the PATRIOT Act.
• The “three hop” dragnet will be reduced down to two hops. That does, in fact, limit how far the NSA can search by quite a bit. That last hop is quite big.
• The NSA should no longer hold all of the data, meaning that the telcos will be expected to hold onto it (though, he leaves it up to Congress and the DOJ to figure out how to do this). He calls this a “transition” away from the Section 215 program, but that’s hardly clear.
• National Security Letters (NSLs) will no longer have an unlimited gag order on them. The Attorney General will need to set up guidelines for a time in which gag orders expire, with the possibility of extending them for investigations that are still ongoing.
• Companies will be given slightly more freedom to reveal data on the NSLs they get (though I don’t think he indicated the same thing for Section 702 orders…. which is a big concern).
• The Attorney General and the Director of National Intelligence will review annually FISC rulings to figure out what can be declassified.
• He promises to “work with Congress” to look at changes to the FISA court
• He is adding some very limited restrictions on spying on people overseas. It should only be used for actual counterterrorism/crime/military/real national security efforts.
• A State Department official will be in charge of handling “diplomacy issues” related to these changes on foreign spying.
• An effort will be started with technologists and privacy experts over how to handle “big data and privacy” in both the public and private sectors.

Marcy Wheeler at emptywheel addressed what the president does not consider abuse:

• The NSA spied on the porn and phone sex habits of ideological opponents, including those with no significant ties to extremists, and including a US person.
• According to the NSA in 2009, it had a program similar to Project Minaret – the tracking of anti-war opponents in the 1970s – in which it spied on people in the US in the guise of counterterrorism without approval. We still don’t have details of this abuse.
• When the NSA got FISC approval for the Internet (2004) and phone (2006) dragnets, NSA did not turn off features of Bush’s illegal program that did not comply with the FISC authorization. These abuses continued until 2009 (one of them, the collection of Internet metadata that qualified as content, continued even after 2004 identification of those abuses).
• Even after the FISC spent 9 months reining in some of this abuse, the NSA continued to ignore limits on disseminating US person data. Similarly, the NSA and FBI never complied with PATRIOT Act requirements to develop minimization procedures for the Section 215 program (in part, probably, because NSA’s role in the phone dragnet would violate any compliant minimization procedures).
• The NSA has twice – in 2009 and 2011 – admitted to collecting US person content in the United States in bulk after having done so for years. It tried to claim (and still claims publicly in spite of legal rulings to the contrary) this US person content did not count as intentionally-collected US person content (FISC disagreed both times), and has succeeded in continuing some of it by refusing to count it, so it can claim it doesn’t know it is happening.
• As recently as spring 2012, 9% of the NSA’s violations involved analysts breaking standard operating procedures they know. NSA doesn’t report these as willful violations, however, because they’ve deemed any rule-breaking in pursuit of “the mission” not to be willful violations.
• In 2008, Congress passed a law allowing bulk collection of foreign-targeted content in the US, Section 702, to end the NSA’s practice of stealing Internet company data from telecom cables. Yet in spite of having a legal way to acquire such data, the NSA (through GCHQ) continues to steal data from some of the same companies, this time overseas, from their own cables. Arguably this is a violation of Section 702 of FISA.
• NSA may intentionally collect US person content (including Internet metadata that legally qualifies as content) overseas (it won’t count this data, so we don’t know how systematic it is). If it does, it may be a violation of Section 703 of FISA.

No, Mr. President, this is not enough.

We can’t tell you that we spied on you because it would violate your privacy??!!! This is precisely what the head of the NSA, General Keith B. Alexander told Senator Bernie Sanders (I-VT) in a letter responding to Sen. Sanders’ question about whether it collects information on members of Congress because doing so would violate the law.

“Among those protections is the condition that NSA can query the metadata only based on phone numbers reasonably suspected to be associated with specific foreign terrorist groups,” Alexander wrote. “For that reason, NSA cannot lawfully search to determine if any records NSA has received under the program have included metadata of the phone calls of any member of Congress, other American elected officials, or any other American without the predicate.” [..]

Alexander doesn’t actually say so in his letter, but it’s very possible that the NSA collects data on members of Congress just as it does on everyone else, in bulk. The NSA said in a statement earlier this month that members of Congress have the “same privacy protections” as ordinary citizens, which means that they too might be caught up in the NSA’s terrorism queries of its telephone database, which may sweep up millions of innocent people in a single search.

Seriously. I want to know what drugs they have given the heads of the DNI & NSA that they think that this is a plausible explanation of why that can’t tell a United States Senator whether or not they have spied on him. Alexander really wants us to believe that searching the NSA data base for information would violate the law

This certainly comes under the category of the most lamest excuses for abuse of power.

In the run up to President Barack Obama’s promised decision on reforms the National Security Agency and its surveillance programs, there has been an  unsubstantiated press release, by House Intelligence Committee chairman Rep. Mike Rogers and his Democratic counterpart Rep. Dutch Ruppersberger, that the material taken by whistleblower Edward Snowden gravely impacted America’s national security, put the lives of US military personnel at risk and aided terrorists. There are no specifics about these allegations that Snowden had downloaded 1.7 million files or had considerable information on current U.S. military operations because the Pentagon report is, of course, classified.

Meanwhile top NSA officials and their allies are making their public appeals to retain their surveillance powers

In a lengthy interview that aired on Friday on National Public Radio (NPR), the NSA’s top civilian official, the outgoing deputy director John C Inglis, said that the agency would cautiously welcome a public advocate to argue for privacy interests before the secret court which oversees surveillance. Such a measure is being promoted by some of the agency’s strongest legislative critics. [..]

But security officials are arguing strongly against curtailing the substance of domestic surveillance activities.

While Inglis conceded in his NPR interview that at most one terrorist attack might have been foiled by NSA’s bulk collection of all American phone data – a case in San Diego that involved a money transfer from four men to al-Shabaab in Somalia – he described it as an “insurance policy” against future acts of terrorism. [..]

Inglis was bolstered on Thursday by the new FBI director James Comey, who said he opposed curbing the bureau’s power to collect information from businesses through a non-judicial subpoena called a national security letter. The use of national security letters, which occurs in secret, came under sharp criticism from Obama’s surveillance review panel, which advocated judicial approval over them.

Comey told reporters that would make it harder for his agency to investigate national security issues than conduct bank fraud investigations.

What we have learned is that the massive data collection has not led to the prevention of one terrorist attack and that conventional methods using court orders were more effective (pdf).

Activist and journalist Chris Hedges, along with former NSA technical director and NSA whistle-blower William Binney, tell Real News Network‘s Paul Jay that there should be accountability, including the President himself, for the criminal practices used by the NSA against the American people.

This Friday the president will publicly announce the results of his review of National Security Agency surveillance programs at the Department of Justice, not the White House.

Yes, quite literally the NSA will be watching every keystroke you make on you computer, cell phone, or i-pad. How you say? Quite simply collusion with the the telecommunications industry along with companies like Microsoft and through its special unit of hackers within the agency’s department for Tailored Access Operations (TAO). In an article in Der Spiegel, these specialists are described as as “master carpenters” who step in when the usual hacking and data-skimming methods fail. These hackers at ANT, which may stand for Advanced or Access Network Technology, step in with their special tools to get the job done.

These NSA agents, who specialize in secret back doors, are able to keep an eye on all levels of our digital lives — from computing centers to individual computers, and from laptops to mobile phones. For nearly every lock, ANT seems to have a key in its toolbox. And no matter what walls companies erect, the NSA’s specialists seem already to have gotten past them.

This, at least, is the impression gained from flipping through the 50-page document. The list reads like a mail-order catalog, one from which other NSA employees can order technologies from the ANT division for tapping their targets’ data. The catalog even lists the prices for these electronic break-in tools, with costs ranging from free to $250,000. [..]

Some of the equipment available is quite inexpensive. A rigged monitor cable that allows “TAO personnel to see what is displayed on the targeted monitor,” for example, is available for just $30. But an “active GSM base station” — a tool that makes it possible to mimic a mobile phone tower and thus monitor cell phones — costs a full $40,000. Computer bugging devices disguised as normal USB plugs, capable of sending and receiving data via radio undetected, are available in packs of 50 for over $1 million. [..]

The ANT division doesn’t just manufacture surveillance hardware. It also develops software for special tasks. The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer’s motherboard that is the first thing to load when a computer is turned on.

In another article at FDL‘s Dissenter, Peter Van Buren notes that private enterprise have also become the “tools of the national security state”

Once the NSA identifies a “target” (whom we’ll refer here to as “You”), the NSA needs to know when You order a new laptop they want to intercept. That means the NSA has to spy on Your credit card, Your online activities and/or probe into the ordering systems of places like Amazon, Dell and the like. Perhaps there is a sort of “no fly” list distributed to manufacturers that requires notification to the NSA when someone like You on it buys something. Or all of the above.

The NSA then must know when and how Your laptop will be sent to you. That means they need to have been accessing the computer systems of Amazon, Dell and the like, and/or UPS, Fedex and other shippers. Or all of the above.

The NSA then has to have physical access to the warehouse of the shipping company. Or, the shipping company has to agree to mark your package, and deliver it instead to an NSA location. That all means the shipping companies are in on the NSA plot, or the NSA has to be hacking into the shipping companies’ data systems and substituting their address for Yours.

Once in NSA hands, Your package has to be opened, and Your laptop must be altered in some undetectable way. They can’t steam open a box like a letter in the old movies; someone has to open it physically and then get it all buttoned up again without a trace. Does the NSA have a way to unstick packing tape and reseal internal bags, or do they have a ready supply from Dell and Apple of packing materials?

Lastly, the NSA has to return the package into the shipping stream. That means the box, with say Amazon’s return address and Your home address, has to reenter say Fedex’s system from a third location without too many people knowing it happened. It would not do for the low-level UPS guy to pick up a ton of boxes everyday from a nondescript warehouse, all with third-party address labels. This strongly suggests cooperation by the shipping companies.

You then open Your new laptop on Christmas morning. Yeah, be sure to select a secure password. [..]

What we have here is an example of the depths into which You have fallen. The government has recruited private industry into its national security state, down to the level of the Fedex guy delivering packages to Your door in time for Christmas. For those of You who still foolishly insist that such spying is OK because they “have nothing to hide,” I sure as hell hope You are right, because whatever You do have now belongs to Them.

It is fairly certain that whether or not the NSA will be allowed to continues its bulk collection of data will be argued before the Supreme Court after two conflicting ruling from lower courts on the constitutionality of the program. Jameel Jaffer, ACLU deputy legal director and director of its Center for Democracy; and Glenn Greenwald, the journalist who first broke the story about Edward Snowden’s NSA leaks joined Amy Goodman at Democracy Now! to discuss the court rulings and how the NSA can literally watch every keystroke you make.

Thank you, Edward Snowden.

Hi, and Merry Christmas. I’m honored to have the chance to speak with you and your family this year.

Recently, we learned that our governments, working in concert, have created a system of worldwide mass surveillance, watching everything we do.

Great Britain’s George Orwell warned us of the danger of this kind of information. The types of collection in the book — microphones and video cameras, TVs that watch us — are nothing compared to what we have available today. We have sensors in our pockets that track us everywhere we go.

Think about what this means for the privacy of the average person. A child born today will grow up with no conception of privacy at all. They’ll never know what it means to have a private moment to themselves — an unrecorded, unanalyzed thought. And that’s a problem, because privacy matters. Privacy is what allows us to determine who we are and who we want to be.

The conversation occurring today will determine the amount of trust we can place both in the technology that surrounds us and the government that regulates it. Together, we can find a better balance. End mass surveillance. And remind the government that if it really wants to know how we feel, asking is always cheaper than spying.

For everyone out there listening, thank you, and Merry Christmas.

President Obama’s panel of security and civil liberties experts finished their work giving their recommendations to the president last Friday. The report was released to the public Tuesday. Much to the surprise of the war on terror hawks, it slammed the mass surveillance programs vindicating what critics have been saying since Edward Snowden’s revelations.

A presidential advisory panel has recommended sweeping limits on the government’s surveillance programs, including requiring a court to sign off on individual searches of phone records and stripping the National Security Agency of its ability to store that data from Americans. [..]

The recommendations include tightening federal law enforcement’s use of so-called national security letters, which give the government sweeping authority to demand financial and phone records without prior court approval in national security cases. The task force recommended that authorities should be required to obtain a prior “judicial finding” showing “reasonable grounds” that the information sought is relevant to terrorism or other intelligence activities.

In addition, the panel proposed terminating the NSA’s ability to store telephone data and instead require it to be held by the phone companies or a third party. Access to the data would then be permitted only through an order from a Foreign Intelligence Surveillance Court.

The panel called for more independent review of what the NSA collects and the process by which it goes about gathering data.

Amid an international furor over NSA spying on the leaders of allied nations such as Germany, the review group recommended that the president personally approve all sensitive methods used by the intelligence community.

Marcy Wheeler, at emptywheel, has been pouring over the report and has pulled out what she thinks is pertinent here, here and here.

In a re-published article by Kara Brandeisky of ProPublica, that she wrote for Techdirt back in August, the folks there note that the surveillance reforms the Pres. Obama supported before he was president are remarkably similar to the Task Force’s proposals:

As a senator, Obama wanted to limit bulk records collection.

Obama co-sponsored a 2007 bill, introduced by Sen. Russ Feingold, D-Wis., that would have required the government to demonstrate, with “specific and articulable facts,” that it wanted records related to “a suspected agent of a foreign power” or the records of people with one degree of separation from a suspect. The bill died in committee. Following pressure from the Bush administration, lawmakers had abandoned a similar 2005 measure, which Obama also supported. [..]

As a senator, Obama wanted to require government analysts to get court approval before accessing incidentally collected American data.

In Feb. 2008, Obama co-sponsored an amendment, also introduced by Feingold, which would have further limited the ability of the government to collect any communications to or from people residing in the U.S.

The measure would have also required government analysts to segregate all incidentally collected American communications. If analysts wanted to access those communications, they would have needed to apply for individualized surveillance court approval.

The amendment pfailed 35-63 http://thomas.loc.gov/cgi-bin/… Obama later reversed his position and supported what became the law now known to authorize the PRISM program. That legislation – the FISA Amendments Act of 2008 – also granted immunity to telecoms that had cooperated with the government on surveillance. [..]

As a senator, Obama wanted the executive branch to report to Congress how many American communications had been swept up during surveillance.

Feingold’s 2008 amendment, which Obama supported, would have also required the Defense Department and Justice Department to complete a joint audit of all incidentally collected American communications and provide the report to congressional intelligence committees. The amendment failed 35-63. [..]

The White House has already made it clear that the recommendations are just that and has already said it will not separate the US Cyber Command from the NSA. So basically, as Charles Pierce pointedly put it, “the White House can tell the committee to pound sand.”

And, even if it doesn’t, there is no reason on god’s earth why anyone should believe that the NSA actually would abide by any agreement going forward. The all-too-human, but curiously error-prone heroes of our intelligence community, imbued as they are with a mission mindset that is perilously close to messianic, can be presumed eventually to breach by unfortunate accident almost any new protocol put in place. (And that’s not even to mingle with the wilder fauna in the jungle.)

At Democracy Now!, Amy Goodman and Juan González discuss the panel recommendations with Kirk Wiebe, a retired National Security Agency official who worked there for over 32 years, and Ben Wizner, Edward Snowden’s legal adviser and director of the Speech, Privacy, and Technology Project at the American Civil Liberties Union.

Let the conversation continue.