Just read the latest bit from our friend Mr. Snowden:
Interesting slides. Some thoughts:
- This is an internal training deck, from 2008.
- It shows full data capture – emails, VPN connections and more — in many countries around the world.
- Data remains local — it’s not practical to feed all this stuff back to the US. Sensible architecture.
- Interesting to see which countries are collaborating with the NSA on this kind of snooping and which are not.
- This is from 2008. Imagine how much more they can do today!
- Not snooping on US citizens/residents? Yeah, right.
- Cool to see that Canada (where I live) is not on the list of cooperating states.
- They claim ability to decrypt VPN traffic. I wonder how that’s done? Is there some secret key leakage/disclosure going on in popular VPN client packages? This may be the most worrying bit in the presentation
- They claim 300 terrorists arrested using this platform. If true, and if they have convictions, this would go a long way towards justifying the whole thing. Privacy invasion to support theoretical security is one thing. To support concrete security results is something else again.
Bottom line: if they are actually putting away real terrorists with this stuff (as claimed) and are basically doing pattern match searches (almost certainly true), I’m not sure this is all that bad for my privacy or that of any other “honest citizens” — seems like a reasonable program, on that basis.
Just my $0.02. Let the flame war begin.