Olice-pay Ate-stay: What to do if you feel you live in one?

I know we agree about 95% of the things Hypatian, but I know I read a detailed document back when this broke out (2006?) detailing the device itself and how it worked. I remember the detail about splicing the fiber optic cable, much like a old vampire tap, that would allow a byte for byte copy without interfering with the original message. If I could just find that document again, I will post it.

edit: then again, this will probably derail too.

Wikipedia puts US internet traffic at around 2400PB a month. In 2010, EMC could do 945TB in 3 racks. That's about 250 racks for a day's worth of traffic (80PB). Dump obviously uninformative bits, compress the hell out of the data and run a DDT system and I believe this is a doable project.

Now take into account the storage media and transfer and software mechanisms that NSA has that we *don't* know about, and it scales up an unknown amount while reducing footprint.

Even if you don't store everything, there's a lot of information in errr, information about the information (meta information?). Who was talking to who, when, what type of transfers, amount of data, etc.

That reminds me of a firefox extension a while back, that would try to counter companies profiling you based on your searches, by doing semi-random searches constantly in the background.

Ooops, wrong thread.

I think that much of the disagreement over whether we live in a "Police State" or not is disagreement over whether to judge that using the capabilities of the Police (three letter agencies, etc, etc) or their actions.

One side is saying "look at all of these things the government can or is doing! We live in a police state!" the other side is saying "Yes, but the government is not doing those things, or is doing them responsibly".

Personally I think that Police State is a broad term that can be used to describe governments that are not actively kicking down your front door with stormtroopers, but some here seem to think that the term "Police State" is reserved for the end of the slippery slope totalitarian dystopia."

I would classify the US as a Police State right now, there are a lot of ways that classification doesn't fit, but there are a lot more where it does fit. However I would moderate that by saying that it is a Predominantly Benevolent Police State

To me, it seems that Singapore is a benevolent police state. We are nowhere near that level of control, nor do we have the issues of, say, Eastern Europe in the 70's, or South Africa under Apartheid, or a Latin American dictatorship. It seems like it's really stretching the term to apply it to the US.

When we start disappearing people for speech, sure, I'll agree. In private, of course. But to me, there's a huge gulf between what we do with a few hundred captives from overseas, or less than a dozen people who have plausibly decided that their country is the Great Satan and decided to act against it, and what we *are not* doing with US citizens here in the US itself. Neither is comparable to Argentina in the 70's or Czechoslovakia after the Prague Spring, for example.

It seems like loudly boycotting a pharmacy because they could stop selling you your drugs at any time! ANY TIME THEY COULD STOP! The fact that they don't - and that they are in fact prevented by law from doing so - doesn't seem to play into it. As long as one pharmacy somewhere refused to fill a prescription, the argument is deemed valid and the whole system is declared bankrupt.

Edwin wrote:

I know we agree about 95% of the things Hypatian, but I know I read a detailed document back when this broke out (2006?) detailing the device itself and how it worked. I remember the detail about splicing the fiber optic cable, much like a old vampire tap, that would allow a byte for byte copy without interfering with the original message. If I could just find that document again, I will post it.

Here is a portion Wired's coverage of the story from 2006. (apologies for the lengthy excerpt, but I couldn't edit this down in a way which did justice to the story, and it's certainly relevant to the topic under discussion here)

Wired[/url]]Plans for the "secret room" were fully drawn up by December 2002, curiously only four months after Darpa started awarding contracts for TIA. One 60-page document, identified as coming from "AT&T Labs Connectivity & Net Services" and authored by the labs' consultant Mathew F. Casamassima, is titled Study Group 3, LGX/Splitter Wiring, San Francisco and dated 12/10/02. (See sample PDF 1-4.) This document addresses the special problem of trying to spy on fiber-optic circuits. Unlike copper wire circuits which emit electromagnetic fields that can be tapped into without disturbing the circuits, fiber-optic circuits do not "leak" their light signals. In order to monitor such communications, one has to physically cut into the fiber somehow and divert a portion of the light signal to see the information.

This problem is solved with "splitters" which literally split off a percentage of the light signal so it can be examined. This is the purpose of the special cabinet referred to above: Circuits are connected into it, the light signal is split into two signals, one of which is diverted to the "secret room." The cabinet is totally unnecessary for the circuit to perform -- in fact it introduces problems since the signal level is reduced by the splitter -- its only purpose is to enable a third party to examine the data flowing between sender and recipient on the internet.
The above-referenced document includes a diagram (PDF 3) showing the splitting of the light signal, a portion of which is diverted to "SG3 Secure Room," i.e., the so-called "Study Group" spy room. Another page headlined "Cabinet Naming" (PDF 2) lists not only the "splitter" cabinet but also the equipment installed in the "SG3" room, including various Sun devices, and Juniper M40e and M160 "backbone" routers. PDF file 4 shows one of many tables detailing the connections between the "splitter" cabinet on the 7th floor (location 070177.04) and a cabinet in the "secret room" on the 6th floor (location 060903.01). Since the San Francisco "secret room" is numbered 3, the implication is that there are at least several more in other cities (Seattle, San Jose, Los Angeles and San Diego are some of the rumored locations), which likely are spread across the United States.

One of the devices in the "Cabinet Naming" list is particularly revealing as to the purpose of the "secret room": a Narus STA 6400. Narus is a 7-year-old company which, because of its particular niche, appeals not only to businessmen (it is backed by AT&T, JP Morgan and Intel, among others) but also to police, military and intelligence officials. Last November 13-14, for instance, Narus was the "Lead Sponsor" for a technical conference held in McLean, Virginia, titled "Intelligence Support Systems for Lawful Interception and Internet Surveillance." Police officials, FBI and DEA agents, and major telecommunications companies eager to cash in on the "war on terror" had gathered in the hometown of the CIA to discuss their special problems. Among the attendees were AT&T, BellSouth, MCI, Sprint and Verizon. Narus founder, Dr. Ori Cohen, gave a keynote speech. So what does the Narus STA 6400 do?

"The (Narus) STA Platform consists of stand-alone traffic analyzers that collect network and customer usage information in real time directly from the message.... These analyzers sit on the message pipe into the ISP (internet service provider) cloud rather than tap into each router or ISP device" (Telecommunications magazine, April 2000). A Narus press release (1 Dec., 1999) also boasts that its Semantic Traffic Analysis (STA) technology "captures comprehensive customer usage data ... and transforms it into actionable information.... (It) is the only technology that provides complete visibility for all internet applications."

To implement this scheme, WorldNet's high-speed data circuits already in service had to be rerouted to go through the special "splitter" cabinet. This was addressed in another document of 44 pages from AT&T Labs, titled "SIMS, Splitter Cut-In and Test Procedure," dated 01/13/03 (PDF 5-6). "SIMS" is an unexplained reference to the secret room. Part of this reads as follows:
"A WMS (work) Ticket will be issued by the AT&T Bridgeton Network Operation Center (NOC) to charge time for performing the work described in this procedure document....
"This procedure covers the steps required to insert optical splitters into select live Common Backbone (CBB) OC3, OC12 and OC48 optical circuits."

The NOC referred to is in Bridgeton, Missouri, and controls WorldNet operations. (As a sign that government spying goes hand-in-hand with union-busting, the entire (Communication Workers of America) Local 6377 which had jurisdiction over the Bridgeton NOC was wiped out in early 2002 when AT&T fired the union work force and later rehired them as nonunion "management" employees.) The cut-in work was performed in 2003, and since then new circuits are connected through the "splitter" cabinet.

Another "Cut-In and Test Procedure" document dated January 24, 2003, provides diagrams of how AT&T Core Network circuits were to be run through the "splitter" cabinet (PDF 7). One page lists the circuit IDs of key Peering Links which were "cut-in" in February 2003 (PDF 8), including ConXion, Verio, XO, Genuity, Qwest, PAIX, Allegiance, AboveNet, Global Crossing, C&W, UUNET, Level 3, Sprint, Telia, PSINet and Mae West. By the way, Mae West is one of two key internet nodal points in the United States (the other, Mae East, is in Vienna, Virginia). It's not just WorldNet customers who are being spied on -- it's the entire internet.

If the other city [redacted] upthread is Vienna, Virginia, it would be possible for government agencies to monitor any portion of internet traffic passing through the US. (I don't follow internet infrastructure closely, so if there are key nodes which have come online in the US that would bypass Mae West / East, they would need similar infrastructure there, as well.) Given that a presence in Vienna would make this capability in other cities moot, I don't think it's unreasonable to suspect that the government would at least try to target that as city number two.

It's important to bear in mind that the ability to store a copy of any internet traffic doesn't mean that a permanent copy of all internet traffic is happening.

Other links:
* Coverage of Naurus, whose technology the government was using in the AT&T "secret room".
* Whistleblower Mark Klein's public statement from 2006

Hypatian wrote:

But I also continue to believe, with considerable reason, that drawing the conclusion that "the NSA is copying every byte at the ISP level" is no more logical than deducing that because the DoD has both aircraft carriers and helicopters, they must have helicarriers.

But the DoD does have helicarriers. Nine of them.

OG_slinger wrote:
Hypatian wrote:

But I also continue to believe, with considerable reason, that drawing the conclusion that "the NSA is copying every byte at the ISP level" is no more logical than deducing that because the DoD has both aircraft carriers and helicopters, they must have helicarriers.

But the DoD does have helicarriers. Nine of them.

And people say *I* take the whole police state thing too far.

IMAGE(http://www.iconian.com/fury/gallery/car5.jpg)

gregrampage wrote:

A guy from AT&T confirmed that it is true from AT&T. Do you really think it's a more likely scenario that this is limited to just AT&T?

A guy from AT&T confirmed that Internet traffic at AT&T was being tapped and directed into a black box. I do not think it's likely limited to AT&T. At the same time, I do not think that the black box is in any way likely to include a full data capture capability. And, I do not think that the data flowing into this and other black boxes comes close to being "all traffic on the Internet" (or even "all traffic on the Internet in the U.S."). Therefore I do not believe that this represents the capability to fully capture all traffic on the Internet.

That's all I've been saying.

Hypatian wrote:
gregrampage wrote:

A guy from AT&T confirmed that it is true from AT&T. Do you really think it's a more likely scenario that this is limited to just AT&T?

A guy from AT&T confirmed that Internet traffic at AT&T was being tapped and directed into a black box. I do not think it's likely limited to AT&T. At the same time, I do not think that the black box is in any way likely to include a full data capture capability. And, I do not think that the data flowing into this and other black boxes comes close to being "all traffic on the Internet" (or even "all traffic on the Internet in the U.S."). Therefore I do not believe that this represents the capability to fully capture all traffic on the Internet.

That's all I've been saying.

Even if it were possible to capture "all" the internet traffic, I'd think a vast majority of it would be absolutely worthless. You're talking about bajillions of bits of data daily. What I could see happening is some kind of data filter that flags things based on specific wording.

Edwin wrote:

I know we agree about 95% of the things Hypatian, but I know I read a detailed document back when this broke out (2006?) detailing the device itself and how it worked. I remember the detail about splicing the fiber optic cable, much like a old vampire tap, that would allow a byte for byte copy without interfering with the original message. If I could just find that document again, I will post it.

I'm entirely familiar with fiber taps. I use them in my own work. Perhaps the trouble here is that you see that and think "a whole copy of everything on the network!" and I look at it and see "the minimum level of effort required if you're going to look at any network activity at all".

Is that the confusion?

Hypatian wrote:
gregrampage wrote:

A guy from AT&T confirmed that it is true from AT&T. Do you really think it's a more likely scenario that this is limited to just AT&T?

A guy from AT&T confirmed that Internet traffic at AT&T was being tapped and directed into a black box. I do not think it's likely limited to AT&T. At the same time, I do not think that the black box is in any way likely to include a full data capture capability. And, I do not think that the data flowing into this and other black boxes comes close to being "all traffic on the Internet" (or even "all traffic on the Internet in the U.S."). Therefore I do not believe that this represents the capability to fully capture all traffic on the Internet.

That's all I've been saying.

That's fair. To be honest, when I posted I was tired and had you confused with someone else.

I think your clarification in response to Edwin makes a lot of sense.

Bear wrote:
Hypatian wrote:
gregrampage wrote:

A guy from AT&T confirmed that it is true from AT&T. Do you really think it's a more likely scenario that this is limited to just AT&T?

A guy from AT&T confirmed that Internet traffic at AT&T was being tapped and directed into a black box. I do not think it's likely limited to AT&T. At the same time, I do not think that the black box is in any way likely to include a full data capture capability. And, I do not think that the data flowing into this and other black boxes comes close to being "all traffic on the Internet" (or even "all traffic on the Internet in the U.S."). Therefore I do not believe that this represents the capability to fully capture all traffic on the Internet.

That's all I've been saying.

Even if it were possible to capture "all" the internet traffic, I'd think a vast majority of it would be absolutely worthless. You're talking about bajillions of bits of data daily. What I could see happening is some kind of data filter that flags things based on specific wording.

It certainly is possible to capture all the traffic in the US. Read the Wired articles, and see Robear's math, above. Storage capacity and the processing power to sort the wheat from the chaff is almost-certainly the biggest limiter here.

I don't believe that's likely to be happening - certainly not on any kind of ongoing basis (for storage reasons, if nothing else). Far more likely for there to be algorithms looking for "suspicious" behavior, with permissive matching, where anything sufficiently "suspicious" could be archived for possible human review.

[Begin speculation]
If I were designing this, stuff that barely qualifies gets put in some kind of short-term storage and freed up on a regular basis, while stuff that sets off major alarm bells gets put at the top of the heap for human review. Depending on the degree of judicial oversight being exercised, warrants could be applied for prior to a human reviewing archived data. That way, when pressed, you get to claim that even though you're keeping a large pool of data on the activities of innocent citizens, that nobody's rights are infringed because no human looks at the information without a warrant (Federal Trade Commission v. American Tobacco Co. and the illegality of "fishing expeditions" notwithstanding).
[End speculation]

Note that while the scenario I sketch out is hypothetical, there is no good reason in my view for the government to have the capabilities laid out in the AT&T case. Having to subpoena individual ISPs for user records and produce warrants as-needed in advance of any access to data is an important counterweight to governmental intrusion on the rights of its citizens.

Robear wrote:

It seems like it's really stretching the term to apply it to the US.

Certain we need to adjust the terminology; as another poster noted, "police state" is loaded to begin with.

During the healthcare debate, I hoped that what would emerge would be a uniquely American solution. That didn't happen. However, I think what we have in our not-quite-police state is a uniquely American system of repression, a public-private partnership of evil.

So what do we have? A propaganda/surveillance oligarchy?

Hypatian wrote:
Edwin wrote:

I know we agree about 95% of the things Hypatian, but I know I read a detailed document back when this broke out (2006?) detailing the device itself and how it worked. I remember the detail about splicing the fiber optic cable, much like a old vampire tap, that would allow a byte for byte copy without interfering with the original message. If I could just find that document again, I will post it.

I'm entirely familiar with fiber taps. I use them in my own work. Perhaps the trouble here is that you see that and think "a whole copy of everything on the network!" and I look at it and see "the minimum level of effort required if you're going to look at any network activity at all".

Is that the confusion?

tl:dr I agree with you, but I am unable to word my posts in a way that make any sense.

I need to clarify myself, like I did to Jayhawker in PM. I have problems trying to explain what I am thinking. I have a limited English vocabulary (it's my 2nd language) as I am not a native speaker. I spent most of my life talking to non-native speakers and not in English too so it's really frustrating to try and say the same thing you are saying. So let me try again.

The Wired piece that Dimmerswitch posted is the article I think I was speaking of. It shows that the fiber splitter is taking a copy of everything that is going in and out. I wasn't arguing what is done afterwards, just that a copy is being made. No one knows (outside of the NSA) what is being done with it. Whether it's stored and processed, processed, or just stored is anyone's guess. We only know that whatever is going through those fiber cables are being copied wholesale, without a warrant, against the 4th amendment (unreasonable search and seizure), against FISA and against any privacy laws that I know and probably don't know of.

H.P. Lovesauce wrote:
Robear wrote:

It seems like it's really stretching the term to apply it to the US.

Certain we need to adjust the terminology; as another poster noted, "police state" is loaded to begin with.

During the healthcare debate, I hoped that what would emerge would be a uniquely American solution. That didn't happen. However, I think what we have in our not-quite-police state is a uniquely American system of repression, a public-private partnership of evil.

So what do we have? A propaganda/surveillance oligarchy?

Why is Police State a binary choice? Can't we have shades, aspects, percentage of a police state? I don't want to spend the rest of the thread arguing how much/percentage of a police state we are/aren't but with all the evidence posted so far, can't we at least agree we have actions/policies being implemented that look like/are police state like?

Edwin wrote:

The Wired piece that Dimmerswitch posted is the article I think I was speaking of. It shows that the fiber splitter is taking a copy of everything that is going in and out. I wasn't arguing what is done afterwards, just that a copy is being made. No one knows (outside of the NSA) what is being done with it. Whether it's stored and processed, processed, or just stored is anyone's guess. We only know that whatever is going through those fiber cables are being copied wholesale, without a warrant, against the 4th amendment (unreasonable search and seizure), against FISA and against any privacy laws that I know and probably don't know of.

Well, what we know from the article is that they have the potential to silently make copies of all traffic going through Mae West (among the other nodes listed). What percentage of traffic is being copied is still an open question, as is what happens to those copies afterwards.

Note that this is still unacceptable in my view, for the reasons noted upthread. There's no legitimate reason for this capability to exist.

[Edit to add: strongly agree with Edwin's point about binary choices]

IMAGE(http://i1094.photobucket.com/albums/i453/czpv/11757213.jpg)

Edwin wrote:
H.P. Lovesauce wrote:
Robear wrote:

It seems like it's really stretching the term to apply it to the US.

Certain we need to adjust the terminology; as another poster noted, "police state" is loaded to begin with.

Why is Police State a binary choice? Can't we have shades, aspects, percentage of a police state?

Sure, but why is non-police state a binary choice then? Why can't we also have shades, aspects, percentage of a non-police state? In other words sure: "police state" shouldn't be the pole on a spectrum, but neither should the entire spectrum be labeled "police state-ishness" with the opposite pole labeled "happyville."

I don't want to spend the rest of the thread arguing how much/percentage of a police state we are/aren't but with all the evidence posted so far, can't we at least agree we have actions/policies being implemented that look like/are police state like?

I don't think there's been any disagreement about that, has there?

Of course the inverse would be true, no? If we're 25% police state (random number example!), then wouldn't it mean where 75% non-police state? That's how I was envisioning it. Sort of like a line graph.

No, just preemptively asking.

Edwin wrote:

Of course the inverse would be true, no? If we're 25% police state (random number example!), then wouldn't it mean where 75% non-police state? That's how I was envisioning it. Sort of like a line graph.

Sure--without complicating it, that's basically the way I'm thinking of it too. Some police states will be more severe than others, while some non-police states with be more free than others. It would also be interesting to see where other western democracies stack up compared to America--right now I feel like we're comparing real and modern day America to some ideal that didn't last past Alien and Sedition Act if it ever existed at all.

Has anyone else read Alfred McCoy's Plicing America's Empire: The United States, The Phillipines, and the Rose of the Surveillance State? It draws a fair number of parallels between the US occupation of the Phillipines and the current-day occupation of Iraq, and how many of the lessons the US military learned in the Phillipines were then applied to surveillance at home. Maybe "Surveillance State" is more accurate than 'Police State' for where we are again.

Time to stir the pot!

30 signs that the United States of America is being turned into a giant prison.

Maybe of possible interest to this thread, and while not specifically stating "police state" it certainly brings to attention some of the shenanigans the government has been up to all in one spot and with helpful links.

There's no legitimate reason for this capability to exist.

Really? None whatsoever? That's an important assertion in the discussion. Care to explain why you think that? Setting privacy aside, I can see several legitimate reasons to do this. I expected they'd be balanced against privacy and individual rights, but apparently, they are completely wrong.

1. Detecting and tracking foreign agents inside the US.
2. Detecting conspiracies and individual actors who intend to harm the country.
3. Tracking network based activities related to the above.
4. Detecting "darknet" activities, criminal or otherwise.

There are probably more. But you assert these have no utility whatsoever. Really?

I would agree that "surveillance state" is far more accurate than "police state". Bear, in mind, too, that many of the "activities of a police state", when separated from a repressive government, are part of historically normal policing and government activities. The term can be used to color those activities, and they can in turn be used to support the claims that the police state exists. But without the context of actual repression, that's a circular argument.

Put another way, your neighbor with cans of lighter fluid in his garage could be planning to burn down your house. Or he could be planning a barbeque for friends. If you call him a "dangerous pyromaniac", which one will your friends believe is true, in the absence of consideration of his actual actions?

Robear wrote:
There's no legitimate reason for this capability to exist.

Really? None whatsoever? That's an important assertion in the discussion. Care to explain why you think that? Setting privacy aside, I can see several legitimate reasons to do this. I expected they'd be balanced against privacy and individual rights, but apparently, they are completely wrong.

1. Detecting and tracking foreign agents inside the US.
2. Detecting conspiracies and individual actors who intend to harm the country.
3. Tracking network based activities related to the above.
4. Detecting "darknet" activities, criminal or otherwise.

There are probably more. But you assert these have no utility whatsoever. Really?

None of the possibilities you list require the ability to perform intercepts without a warrant.

The abilities outlined in the AT&T whistleblower case would provide that capability.

Now, the fallback argument for supporters will be some variation of "dangers in the modern world require the ability to perform these intercepts faster than the traditional processes allow", but I don't find that compelling, when balanced against individual privacy and liberty.

I have to run to class now, but in short I find Benjamin Franklin's quote "They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety" fairly close to where I am on this.

Speaking of "Survelliance State":

Carrier IQ: Researcher Trevor Eckhart Outs Creepy, Hidden App Installed On Smartphones

Any possibility that this data is being forwarded to whichever gov agency is doing the mining that we were discussing early?

If it is valid for him to be strongly implying that there are no good cops, only bad cops that haven't gotten caught yet,

I have never even vaguely made that implication. Not even the tiniest bit. That's all in your head, not mine.

I've known a lot of cops. My father worked in a prison for most of his adult life. I know that most of them do their best. But I also know that there's a lot of corruption, and that it's almost impossible to get a corrupt cop punished. And corruption in at least the California prison system is even worse.

Malor wrote:
If it is valid for him to be strongly implying that there are no good cops, only bad cops that haven't gotten caught yet,

I have never even vaguely made that implication. Not even the tiniest bit. That's all in your head, not mine.

I've known a lot of cops. My father worked in a prison for most of his adult life. I know that most of them do their best. But I also know that there's a lot of corruption, and that it's almost impossible to get a corrupt cop punished. And corruption in at least the California prison system is even worse.

Again, do you have a source for these statements? I know you believe them. But last time you told me to look at a few incidents as though anecdotal evidence proves a pattern.

Jayhawker wrote:

Again, do you have a source for these statements? I know you believe them. But last time you told me to look at a few incidents as though anecdotal evidence proves a pattern.

So, I found this interesting site while trying to do a search on statistics relating to criminal charges filed against police. Injustice Everywhere.