Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Community > MacNN Lounge > Political/War Lounge > Apple's NSA Room

Apple's NSA Room
Thread Tools
subego
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Mar 6, 2013, 02:38 PM
 
Just a random musing.

When do you think the NSA called up Apple and said "if you don't let us build one of our rooms in your South Carolina datacenter, then terrorists will start using iMessage"?
     
The Final Dakar
Games Meister
Join Date: Aug 2009
Location: Eternity
Status: Offline
Reply With Quote
Mar 6, 2013, 02:41 PM
 
I'd appreciate an article about whatever it is you're referring to. Have a nice day.
     
subego  (op)
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Mar 6, 2013, 02:50 PM
 
     
The Final Dakar
Games Meister
Join Date: Aug 2009
Location: Eternity
Status: Offline
Reply With Quote
Mar 6, 2013, 02:55 PM
 
Oh, so by musing you mean you're theorizing Apple has one of these as well. Seems about right.
     
subego  (op)
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Mar 6, 2013, 03:22 PM
 
And I'm thinking it's relatively recent the NSA became that aggressive with Apple. Though I'm reminded of the line from South Park,

"Call the police? When the police want to find someone they call Apple."

On the other side of the coin, it's pretty much given Microsoft helped build Stuxnet, so MS is in pretty deep.
     
Uncle Skeleton
Addicted to MacNN
Join Date: Nov 2002
Location: Rockville, MD
Status: Offline
Reply With Quote
Mar 6, 2013, 03:23 PM
 
What if it's the other way around. Apple calls up the NSA (by which I mean they just invoke the NSA's name 3 times on their open phone line and assume the NSA is now listening) and says "we built you a handsome sitting room in our South Carolina datacenter, won't you please join us for some biscuits? PS our spam filters have captured some terrorists using iMessage."
     
subego  (op)
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Mar 6, 2013, 03:26 PM
 
This kind of shit would never happen of Steve was still around.
     
cgc
Professional Poster
Join Date: Mar 2003
Location: Down by the river
Status: Offline
Reply With Quote
Mar 6, 2013, 03:28 PM
 
The linked article on room 641A says they just scanned all the communications which would make me think nobody would want to have a room to only target one protocol (e.g. iMessages), another room to target another protocol (e.g. Twitter), etc. Why not just pop a magical monitoring room into a few major nodes that pass traffic between countries of interest and look at everything that goes through? Keeps you from being one step behind (e.g. "the bad guys are not using a new protocol so now we have to build a new room in a new data center").
"Like a midget at a urinal, I was going to have to stay on my toes." Frank Drebin, Naked Gun 33 1/3: The Final Insult
     
The Final Dakar
Games Meister
Join Date: Aug 2009
Location: Eternity
Status: Offline
Reply With Quote
Mar 6, 2013, 03:29 PM
 
Originally Posted by subego View Post
This kind of shit would never happen of Steve was still around.
Which is why the government gave him cancer.
     
subego  (op)
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Mar 6, 2013, 03:39 PM
 
Originally Posted by cgc View Post
The linked article on room 641A says they just scanned all the communications which would make me think nobody would want to have a room to only target one protocol (e.g. iMessages), another room to target another protocol (e.g. Twitter), etc. Why not just pop a magical monitoring room into a few major nodes that pass traffic between countries of interest and look at everything that goes through? Keeps you from being one step behind (e.g. "the bad guys are not using a new protocol so now we have to build a new room in a new data center").
The main reason I see is you eliminate a data aggregation step, which is non-trivial considering the amount of data involved.
     
cgc
Professional Poster
Join Date: Mar 2003
Location: Down by the river
Status: Offline
Reply With Quote
Mar 6, 2013, 05:34 PM
 
Originally Posted by subego View Post
The main reason I see is you eliminate a data aggregation step, which is non-trivial considering the amount of data involved.
No doubt sifting through all the data going through a node is much more difficult than looking strictly at iMessages but isn't it much more productive to look at all traffic, not just targeting one protocol? That plus that article linked above (if true) says that's how they did it in the past (e.g. they looked at everything). Not sure how doable either method would be though as they are kind of mind boggling but if you're going to dedicate a mainframe why not maximize the potential?
"Like a midget at a urinal, I was going to have to stay on my toes." Frank Drebin, Naked Gun 33 1/3: The Final Insult
     
subego  (op)
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Mar 6, 2013, 05:51 PM
 
It is more productive to look at all traffic. The point I'm making is 641A isn't all traffic. It's only the traffic on AT&T's backbone. You need Verizon traffic, and Qwest traffic, or whoever the **** it is, I'm out of date on this.

Of course, you still tap those different backbones, but if you have the resources, you stick a tap on the popular centralized protocols and then you get an entire slice of that protocol at once. With the other method, if half the messages in a terrorist cell are going through AT&T, and the other half is going through Comcast, you don't have the big picture until the data in multiple NSA centers are put together.
     
cgc
Professional Poster
Join Date: Mar 2003
Location: Down by the river
Status: Offline
Reply With Quote
Mar 6, 2013, 08:41 PM
 
Originally Posted by subego View Post
It is more productive to look at all traffic. The point I'm making is 641A isn't all traffic. It's only the traffic on AT&T's backbone. You need Verizon traffic, and Qwest traffic, or whoever the **** it is, I'm out of date on this.

Of course, you still tap those different backbones, but if you have the resources, you stick a tap on the popular centralized protocols and then you get an entire slice of that protocol at once. With the other method, if half the messages in a terrorist cell are going through AT&T, and the other half is going through Comcast, you don't have the big picture until the data in multiple NSA centers are put together.
Good points. I didn't read the entire Wikipedia article but soon will.
"Like a midget at a urinal, I was going to have to stay on my toes." Frank Drebin, Naked Gun 33 1/3: The Final Insult
     
mduell
Posting Junkie
Join Date: Oct 2005
Location: Houston, TX
Status: Offline
Reply With Quote
Mar 7, 2013, 12:46 AM
 
Bruce Scheiner just wrote about this sort of thing today:

A book published earlier this month, "Deep State: Inside the Government Secrecy Industry," contains revelations about the NSA's snooping efforts, based on information gleaned from NSA sources. According to a detailed summary by Shane Harris at the Washingtonian yesterday, the book discloses that a codename for a controversial NSA surveillance program is "Ragtime" -- and that as many as 50 companies have apparently participated, by providing data as part of a domestic collection initiative.
     
subego  (op)
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Mar 7, 2013, 12:47 PM
 
Let's make a list. Only 10, 50 is too much.

AT&T
Verizon
Comcast
Microsoft
Apple
Cisco

What are some others? I'd guess Qualcomm, but their stuff is too far down the chain. You don't backdoor a wireless broadband chipset, you backdoor the carriers.
     
The Final Dakar
Games Meister
Join Date: Aug 2009
Location: Eternity
Status: Offline
Reply With Quote
Mar 7, 2013, 12:53 PM
 
Every cellphone player – Sprint, Nextel, T-Mobile...

Internet – Time Warner, AOL
     
mduell
Posting Junkie
Join Date: Oct 2005
Location: Houston, TX
Status: Offline
Reply With Quote
Mar 7, 2013, 01:02 PM
 
Originally Posted by subego View Post
You don't backdoor a wireless broadband chipset
Why not?
     
subego  (op)
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Mar 7, 2013, 01:28 PM
 
Originally Posted by The Final Dakar View Post
Every cellphone player – Sprint, Nextel, T-Mobile...

Internet – Time Warner, AOL
AOL?
     
The Final Dakar
Games Meister
Join Date: Aug 2009
Location: Eternity
Status: Offline
Reply With Quote
Mar 7, 2013, 01:31 PM
 
I'm assuming this program was started a long time ago.
     
subego  (op)
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Mar 7, 2013, 01:31 PM
 
Originally Posted by mduell View Post
Why not?
I mean, you do, but that's to hit a specific target. You don't use that backdoor on everybody at once. Apart from the insane resources that would require, it would draw way too much attention to the exploit.
     
subego  (op)
Clinically Insane
Join Date: Jun 2001
Location: Chicago, Bang! Bang!
Status: Offline
Reply With Quote
Mar 7, 2013, 01:33 PM
 
Originally Posted by The Final Dakar View Post
I'm assuming this program was started a long time ago.
So, at this point, it's like "****ed up again, Johnson? Guess which node I'm assigning you..."
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 01:38 AM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,