NSA Broke Into Links Between Google, Yahoo Datacenters 394
barlevg writes "The Washington Post reports that, according to documents obtained from Edward Snowden, through their so-called 'MUSCULAR' initiative, the National Security Agency has exploited a weakness in the transfers between data centers, which Google and others pay a premium to send over secure fiber optic cables. The leaked documents include a post-it note as part of an internal NSA Powerpoint presentation showing a diagram of Google network traffic, an arrow pointing to the Google front-end server with text reading, 'SSL Added and Removed Here' with a smiley face. When shown the sketch by The Post and asked for comment, two engineers with close ties to Google responded with strings of profanity." The Washington Post report is also summarized at SlashBI. Also in can't-trust-the-government-not-to-spy news, an anonymous reader writes: "According to recent reports, the National Security Agency collects 'one-end foreign' Internet metadata as it passes through the United States. The notion is that purely domestic communications should receive greater protection, and that ordinary Americans won't send much personal information outside the country. A researcher at Stanford put this hypothesis to the test... and found that popular U.S. websites routinely pass browsing activity to international servers. Even the House of Representatives website was sending traffic to London. When the NSA vacuums up international Internet metadata, then, it's also snooping on domestic web browsing by millions of Americans."
At the risk of stating the obvious... (Score:5, Informative)
Fucking traitors.
NSA denies everything (Score:5, Informative)
Reap what you sow (Score:3, Informative)
I wonder if Google can sue? And if they can, will they?
Re:Why the secret data collection? (Score:5, Informative)
There are some obvious reasons: The operations take place overseas, where many statutory restriction on surveillance don't apply -- and where the Foreign Surveillance Intelligence Court (FISC) has no jurisdiction. In fact, the FISC ruled a similar, smaller scale program involving cables on U.S. territory illegal in 2011. So if the NSA decides to harvest that data on foreign soil, it can skip most of the oversight mechanisms.
Re:At the risk of stating the obvious... (Score:5, Informative)
Re:US Marketing Ploy? (Score:4, Informative)
Re:When will the sheep look up (Score:2, Informative)
Slashdotters seem pretty appalled at these revelations, but when will the general public reach the point of disgust? In theory the people of the USA still have the power to change these behaviors through the ballot box. The news just goes on and on. but the outrage seems slow to reach the surface.
There is a process for changing things in a democracy*, and that normally doesn't involve mobs with torches and pitchforks when it comes to important national policy questions, even if you call people "sheep".** People are writing their legislators. Congress is gathering facts, including reviewing its reports and holding the hearings occurring at present, as noted here [politico.com]. It is up the Congress, President, and Courts to work through the issues as they occur. There are disputes about the facts of what has been done, the legality of it, what the country needs from its intelligence agencies, and about how to proceed. That will eventually get worked out.
It is entirely possible that little if anything will change for many reasons. Many people have mistaken views about what the law and precedent is on this, both Constitutional and statutory. As a result there are people that are upset due to their mistaken ideas about the legality of various aspects of what has been going on. It isn't likely that Congress will accommodate all of the mistaken ideas about what is and isn't legal when they act. They will rely on what the lawyers and court cases tell them. There are clearly cases in which the documents from Snowden have been misinterpreted as to what they represented. That results in people being upset due to their mistaken belief about what has been going on. Although various activists advocate a range of reactions, from stopping all foreign intelligence to limiting specific methods or targets of intelligence, most of the American people still support intelligence operations focused on terrorists and enemies of the US and its allies. Also keep in mind that what has been under discussion over the last several months is only a small part of what NSA does. There may be some new restrictions on the intelligence agencies. It is unlikely that all of the activists and cranks will be satisfied, so the complaints are likely to marginally decrease, but are unlikely to disappear.
* Democratic Republic - spare me further comments.
** Generally not a strong indicator that you have real insight into the process.
Re:When will the sheep look up (Score:4, Informative)
Re:NSA denies everything (Score:5, Informative)
Re:Wrong, choice is between who will get noticed (Score:5, Informative)
Oh my goodness. How can someone entirely miss the whole point of the Kang/Kodos election, or Douglas Adams' lizards? The point, which you appear to have somehow totally missed, is to highlight the folly of a two-party system.
The problem is not people voting for the wrong lizard, it is people voting for one of the two lizards IN THE FIRST PLACE.
So long as Democrats and Republicans continue to be rife with corruption, your civic duty is to vote third party.
Otherwise you really are throwing your vote away.
Re:Reap what you sow (Score:5, Informative)
Google (and the others) shrugged and played nice with the NSA, to what extent we don't know.
Google hasn't "shrugged and played nice" with the NSA. Google has flatly and emphatically denied any cooperation. And after the Snowden disclosures began, Google started taking a hard look at internal operations to see if there's anywhere that the NSA could have gotten unauthorized access. The result was a crash company-wide initiative to encrypt all data communications -- specifically to ensure that connections between data centers couldn't be tapped.
(Disclaimer: I'm a Google software engineer, focused on security infrastructure. I do have a great deal of insider knowledge about Google security infrastructure, but all of the above is from Google's public statements.)
I wonder if Google can sue? And if they can, will they?
Google has file a suit to be allowed to disclose the extent of the legal, government-required information sharing. I have no idea if they could sue for any illicit taps. There is no doubt in my mind that if they could sue for damages with some hope of success, they would. This is my own opinion, not an official statement.
Re:The post-it note (Score:5, Informative)
No you fucking moron, it means since there is no Encryption inside the "google cloud" (because it is added at the border) when they tap the links between data centres (those squares "inside" google are data centres) they get full unencrypted information.
They don't need to break encryption to do this, since google isn't encrypting the private fibre lines the NSA is tapping.
Correction: Google wasn't encrypting the private fibre lines. Google announced a month or two ago that they're now encrypting all traffic in transit, even inside.