If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Salon)   NSA: "We have the technology to search everybody's e-mails." Public: "Okay, could you search your e-mails?" NSA: "Actually, we don't have the technology to do that"   (salon.com) divider line 110
    More: Fail, NSA, artificial brain, journalism school, Freedom of Information Act  
•       •       •

9249 clicks; posted to Main » on 23 Jul 2013 at 7:57 PM (50 weeks ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



110 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

First | « | 1 | 2 | 3 | » | Last | Show all
 
2013-07-23 04:41:53 PM
Christ, what assholes.
 
ZAZ [TotalFark]
2013-07-23 05:30:11 PM
A few days after filing the request, Blacker called, asking me to narrow my request since the FOIA office can search emails only "person by person," rather than in bulk. The NSA has more than 30,000 employees.

A former giant corporation employer had a policy that employees could only retain email on their local disks. The Exchange server would erase it within months. That was to prevent a single subpoena or discovery request from finding everything incriminating on one server. (A comment on Fark said that policy was not legally sound as explained to me.)
 
2013-07-23 06:18:44 PM
That FOIA request officer lady has an awesome job.  All she has to say is "No, sorry, can't do it" and then make up some bs line that nobody would ever believe.  And she gets payed for it.
 
2013-07-23 06:22:47 PM
I actually wouldn't be surprised if the NSA keeps the archaic system because it is more difficult to search.

In fact, I wouldn't be surprised if they've got partitions and security measures in place specifically designed to keep people from doing global searches.

Such a system is much more secure in the event of a security breach than one that indexes every single highly classified email sent by every single employee.
 
2013-07-23 06:25:40 PM

Elegy: one that indexes every single highly classified email sent by every single employee.


You'd have to be an idiot to do that. Everyone knows that real spies use Gmail.
 
2013-07-23 06:35:01 PM
One little proggy, Sherpa Mail Attender, problem solved.  I do it every day.
 
2013-07-23 06:49:11 PM

Elegy: I actually wouldn't be surprised if the NSA keeps the archaic system because it is more difficult to search.

In fact, I wouldn't be surprised if they've got partitions and security measures in place specifically designed to keep people from doing global searches.

Such a system is much more secure in the event of a security breach than one that indexes every single highly classified email sent by every single employee.


Obviously.

Plus, it gives them plausible deniability for all sorts of problems, AND it makes audits an incredible pain in the ass.

I have no doubt that this is entirely true. By design. Especially since I'm sure the really sensitive information is never communicated by email anyway. Too hackable/Snowdenable. Maybe it's done by untraced IMs, or in person, or by smoke signal, but I would be VERY surprised to learn they use something as traceable and quasi-permanent as email.
 
2013-07-23 07:01:39 PM
www.chud.com
 
2013-07-23 07:01:55 PM
So apparently, intracompany email is more difficult to obtain than hard drives full of information about specific programs and policies.

The NSA everyone. Let's give them a hand.
 
2013-07-23 07:54:28 PM
How long before Anonymous has a zip file of every email sent by NSA employees?
 
2013-07-23 08:03:37 PM
Typical deflection of a public records request. FOIA the spokesperson's expense reports for the past three years. Also her boss.
 
2013-07-23 08:06:40 PM

jaylectricity: How long before Anonymous has a zip file of every email sent by NSA employees?


If we're starting a pool, I've got Thursday afternoon.
 
2013-07-23 08:06:51 PM

whistleridge: Elegy: I actually wouldn't be surprised if the NSA keeps the archaic system because it is more difficult to search.

In fact, I wouldn't be surprised if they've got partitions and security measures in place specifically designed to keep people from doing global searches.

Such a system is much more secure in the event of a security breach than one that indexes every single highly classified email sent by every single employee.

Obviously.

Plus, it gives them plausible deniability for all sorts of problems, AND it makes audits an incredible pain in the ass.

I have no doubt that this is entirely true. By design. Especially since I'm sure the really sensitive information is never communicated by email anyway. Too hackable/Snowdenable. Maybe it's done by untraced IMs, or in person, or by smoke signal, but I would be VERY surprised to learn they use something as traceable and quasi-permanent as email.


You've obviously never heard of JWICS. That is the US computer network for top secret and sensitive compartmentalized information.
 
2013-07-23 08:07:16 PM
i.imgur.com
 
2013-07-23 08:09:04 PM

jaylectricity: How long before Anonymous has a zip file of every email sent by NSA employees?


Depends on how fast the NSA's equipment is, because I'd be willing to believe whoever is already doing this for Anonymous has better equipment than an agency that claims not to be able to do this.  (Well okay, they might have good stuff, but they keep it locked up in a hutch in some douchewad's office, next to the picture of him and the marlin he "caught" and the 2nd place golf trophy.)
 
2013-07-23 08:09:39 PM

jaylectricity: How long before Anonymous has a zip file of every email sent by NSA employees?


Considering it's not their target class/level...likely never
 
2013-07-23 08:14:31 PM
Well of course, it's not like the NSA wants some secretive, unaccountable agency with nearly unlimited funds to be able to spy on them.
 
2013-07-23 08:16:32 PM
Why is this such a problem?  Just filter every National Geographic employee's records on when they wrote to, talked to, or thought about someone in the NSA and just send that.
 
2013-07-23 08:16:35 PM
Its extremely likely that the NSA designs their own email systems with protections that prevent any employee from being able to access other employees emails, for  really obvious reasons.  Like.. they likely are deleted off the server after being retrieved once, etc.

This is the NSA we're talking about guys.. come on.
 
2013-07-23 08:17:33 PM

Alonjar: Its extremely likely that the NSA designs their own email systems with protections that prevent any employee from being able to access other employees emails, for  really obvious reasons.  Like.. they likely are deleted off the server after being retrieved once, etc.

This is the NSA we're talking about guys.. come on.


OK, I just re-read the article and absolutely none of this applies.  I revoke my previous statements.

fark you NSA.
 
2013-07-23 08:17:49 PM

Danger Avoid Death: jaylectricity: How long before Anonymous has a zip file of every email sent by NSA employees?

If we're starting a pool, I've got Thursday afternoon.


I'm in for the wee hours of Sunday morning.
 
2013-07-23 08:18:30 PM

MrEricSir: Well of course, it's not like the NSA wants some secretive, unaccountable agency with nearly unlimited funds to be able to spy on them.


This
 
2013-07-23 08:18:42 PM

ZAZ: A few days after filing the request, Blacker called, asking me to narrow my request since the FOIA office can search emails only "person by person," rather than in bulk. The NSA has more than 30,000 employees.

A former giant corporation employer had a policy that employees could only retain email on their local disks. The Exchange server would erase it within months. That was to prevent a single subpoena or discovery request from finding everything incriminating on one server. (A comment on Fark said that policy was not legally sound as explained to me.)


The law requires that these records be maintained for at least three years if it is a publicly traded company.
 
2013-07-23 08:20:06 PM
I don't have a problem with the government spying on other nations.  The first satellite photos of other nations allowed us to know what they were up to.  We went from having to guess how many missiles and warships they had to knowing exactly how many bombs and warships they had.  It allowed the government to know exactly what the military capabilities of their enemies were.

When it comes to the government spying on it's own people without apology, it means that they view us as the enemy, just like they viewed the USSR during the cold war, North Korea, Iran and various other nations.  The people we voted into power sees it necessary to spy on it's own people while at the same time spying on nations that it views as dangerous threats.  We really need to look past party and start voting against those who support the NSA spying on U.S. citizens.
 
2013-07-23 08:22:32 PM
It actually wouldn't surprise me. They are still a government agency.
 
2013-07-23 08:23:39 PM
We went on github once, and a Patriot said something about selecting stars, we blew up the system with nude celebrity photos.
 
2013-07-23 08:23:59 PM

Serious Black: whistleridge: Elegy: I actually wouldn't be surprised if the NSA keeps the archaic system because it is more difficult to search.

In fact, I wouldn't be surprised if they've got partitions and security measures in place specifically designed to keep people from doing global searches.

Such a system is much more secure in the event of a security breach than one that indexes every single highly classified email sent by every single employee.

Obviously.

Plus, it gives them plausible deniability for all sorts of problems, AND it makes audits an incredible pain in the ass.

I have no doubt that this is entirely true. By design. Especially since I'm sure the really sensitive information is never communicated by email anyway. Too hackable/Snowdenable. Maybe it's done by untraced IMs, or in person, or by smoke signal, but I would be VERY surprised to learn they use something as traceable and quasi-permanent as email.

You've obviously never heard of JWICS. That is the US computer network for top secret and sensitive compartmentalized information.


No, I have. I was trying to be all tinfoil-hat-ish. Maybe I didn't sell it hard enough?
 
2013-07-23 08:31:20 PM

ZAZ: A few days after filing the request, Blacker called, asking me to narrow my request since the FOIA office can search emails only "person by person," rather than in bulk. The NSA has more than 30,000 employees.

A former giant corporation employer had a policy that employees could only retain email on their local disks. The Exchange server would erase it within months. That was to prevent a single subpoena or discovery request from finding everything incriminating on one server. (A comment on Fark said that policy was not legally sound as explained to me.)


That could work as as a policy if there were no overriding regulations for the particular business such as HIPAA.

The trick with document retention policies (DRP) is that you have to get them into effect early in the company's history because once served with a lawsuit, you must preserve documents for discovery.

So that if you were able to set a policy that no mail is kept on the server longer than 30 days AND that no backups of the server nor client systems were done, then you are free to destroy emails.

It's really up to management to decide what the business risk is regarding how much information to archive vs. the exposure. Some CEOs demand every email be kept (only to regret it later) vs those which are aggressive in purging non-critical information.

Once you've been sued and gone through discovery your point of view might radically change.

This is why enterprise email servers like Exchange are preferred because they are built with policy compliance in mind. e.g. turn on "Litigation Hold" for a user and everything on the user is kept even though they are deleting and storing mail. It's all kept at the server regardless of what they do at the mail client.
 
2013-07-23 08:31:38 PM
Type our you e-mail in word.  Take a screen capture.  Send as attachment.  Read that NSA!

:-D
 
2013-07-23 08:33:09 PM

Danger Avoid Death: jaylectricity: How long before Anonymous has a zip file of every email sent by NSA employees?

If we're starting a pool, I've got Thursday afternoon.


I'll take Thursday AM.
 
2013-07-23 08:33:20 PM
ALEX I'm getting this from anonymous crypto boards. Daedalus was supposed to beat the old content-recognition problem in surveillance; it was a program that could search all the terabytes of intercepted messages for subversive content.
JC DENTON So what happened?
ALEX Never panned out, as far as I know. The problem was just too hard. They blew through a lot of taxpayer money but finally had to scrap the whole project.
 
2013-07-23 08:34:17 PM

picturescrazy: It actually wouldn't surprise me. They are still a government agency.


Meh, another complete falsehood anyway, since the data storage and backup hardware and software as much as 10 years old doesn't even need the email server to search for such things.
 
2013-07-23 08:36:03 PM
So why not file 30,000 FOIA requests? They don't have to all come from one person. I'm sure there are people willing to help on the internet
 
2013-07-23 08:36:06 PM
Most companies would have a hard time. With that many employees, most mail servers run out of hard drive space in no time, so administrators only give employees a very small amount of space on an Exchange server before annoying quota emails start arriving. When that happens, most employees will choose to set up an outlook rule to just move email to a local folder in a possibly encrypted .pst archive file.  Now you have ~30000 possibly encrypted files with emails in a non-standard location.  To search for bulk terms in e-mail would be no easy task at all when this happens.
 
2013-07-23 08:36:56 PM
They must use Lotus Notes.
 
2013-07-23 08:41:07 PM

Klippoklondike: That FOIA request officer lady has an awesome job.  All she has to say is "No, sorry, can't do it" and then make up some bs line that nobody would ever believe.  And she gets payed for it.


She'd be perfect for AT&T customer service.
 
2013-07-23 08:42:40 PM

Danger Avoid Death: jaylectricity: How long before Anonymous has a zip file of every email sent by NSA employees?

If we're starting a pool, I've got Thursday afternoon.


Sunday evening.
 
2013-07-23 08:45:44 PM

MooseUpNorth: Danger Avoid Death: jaylectricity: How long before Anonymous has a zip file of every email sent by NSA employees?

If we're starting a pool, I've got Thursday afternoon.

Sunday evening.


They'll have it by Friday morning, but they won't announce it until Monday, so it doesn't get lost in the news cycle.
 
2013-07-23 08:48:30 PM

RedPhoenix122: MooseUpNorth: Danger Avoid Death: jaylectricity: How long before Anonymous has a zip file of every email sent by NSA employees?

If we're starting a pool, I've got Thursday afternoon.

Sunday evening.

They'll have it by Friday morning, but they won't announce it until Monday, so it doesn't get lost in the news cycle.


Yep. Pretty much what I'm talking about.
 
2013-07-23 08:49:53 PM
NSA no longer has human employees for the most part. Robots took over about the same time that drones were becoming popular and Men in Black 3 made it to cable.

moviewriternyu.files.wordpress.com
 
2013-07-23 08:51:24 PM

The My Little Pony Killer: Christ, what assholes.


I for one am shocked that an organization with unlimited power and immunity from legal recourse would employ such people.
 
2013-07-23 09:00:52 PM
Contact Kibo to grep the spool
 
2013-07-23 09:03:52 PM
I have to call bullshiat on that one. I think it is a lie. It is not that hard of a thing to do .... I've done it as part of my job.. "Oh Mr. Email Administrator..."    Boss comes in and says there is a subpena... find the information outlined.. - Ok.. soooo.. yeah...  I have to search 15k employee mailboxes over from date X to date Y looking for  string Z.....  "is the data subject to statuary backup, like in 45 CFR 164" I ask? "Yes" I am told just get it done."

/Took me four days, including the retrieval of the backups... but I have the "selected" emails.
//There was a lot of overtime...
 
2013-07-23 09:05:14 PM

lohphat: ZAZ: A few days after filing the request, Blacker called, asking me to narrow my request since the FOIA office can search emails only "person by person," rather than in bulk. The NSA has more than 30,000 employees.

A former giant corporation employer had a policy that employees could only retain email on their local disks. The Exchange server would erase it within months. That was to prevent a single subpoena or discovery request from finding everything incriminating on one server. (A comment on Fark said that policy was not legally sound as explained to me.)

That could work as as a policy if there were no overriding regulations for the particular business such as HIPAA.

The trick with document retention policies (DRP) is that you have to get them into effect early in the company's history because once served with a lawsuit, you must preserve documents for discovery.

So that if you were able to set a policy that no mail is kept on the server longer than 30 days AND that no backups of the server nor client systems were done, then you are free to destroy emails.

It's really up to management to decide what the business risk is regarding how much information to archive vs. the exposure. Some CEOs demand every email be kept (only to regret it later) vs those which are aggressive in purging non-critical information.

Once you've been sued and gone through discovery your point of view might radically change.

This is why enterprise email servers like Exchange are preferred because they are built with policy compliance in mind. e.g. turn on "Litigation Hold" for a user and everything on the user is kept even though they are deleting and storing mail. It's all kept at the server regardless of what they do at the mail client.


I wish my company would activate that feature for me. They delete all emails after only 90 days. It's a pain in the ass.
 
2013-07-23 09:05:24 PM
I work in the construction industry; email discovery and archival retrieval is a significant part of my duties.
We keep email for 20 years, but we give users a period of time to delete things before automatically archiving it.
I can search for and retrieve by almost any parameters from any number of users.
I call bullshirt.
 
2013-07-23 09:11:00 PM
Y'all'r gonna wanna sit down for this, but the House looks to be doing something non-retarded:

http://www.dailykos.com/story/2013/07/23/1225971/-House-to-vote-on-b ip artisan-amendment-curtailing-the-NSA-s-power
 
2013-07-23 09:12:51 PM

Spirit Hammer: We keep email for 20 years


Holy cow --  at my last job, we only keept it for eight.... Just the statute of limitations and a little slack beyond that... And if it wasn't something that didn't need to be saved... we would not save it....  We even told employees to avoid email and use encrypted IM for certain things.  (...there are a couple of encryption applications that work nicely with various IM clients.)
 
2013-07-23 09:14:38 PM

wademh: Contact Kibo to grep the spool


nyobetabeat.files.wordpress.com
 
2013-07-23 09:15:04 PM

Elegy: I actually wouldn't be surprised if the NSA keeps the archaic system because it is more difficult to search.

In fact, I wouldn't be surprised if they've got partitions and security measures in place specifically designed to keep people from doing global searches.

Such a system is much more secure in the event of a security breach than one that indexes every single highly classified email sent by every single employee.


"I don't believe anything the NSA says! They're searching everything! They're searching nothing! I'm so paranoid I don't believe myself!"
 
2013-07-23 09:16:30 PM
i.imgur.com
 
Displayed 50 of 110 comments

First | « | 1 | 2 | 3 | » | Last | Show all

View Voting Results: Smartest and Funniest


This thread is closed to new comments.

Continue Farking
Submit a Link »






Report