NSA doesn't spy on American. Except wen it does

[woolfe9998]

How did they know what the wife was searching?


Seriously? My idea is tinfoil hat retarded? I would hope that if the NSA program does exist (maybe it doesn't, Snowden may not have ever worked for the NSA and is a terrorist leaking fake docs to cause unrest) that they would be keyed in on pressure cooker searches of people who have recently been let go by a company. Combination of LinkedIn employment status update + pressure cooker + backpack = bombing your ex-employer's office.

If the NSA wasn't involved, then I don't believe the program exists. Or it is just completely incompetent.

You must not be aware of the fact that over a decade ago, the courts ruled that an employee has no expectation of privacy when using computer hardware which belongs to his employer, and that since the equipment belongs to the employer, the employer can access the employee's e-mails, search history, etc. Or you might have missed the fact that employers do this kind of thing all the time because they want to know what their employees are doing with their company time. Ever heard of someone getting fired for shopping online at work?

In this particular case, the employer discovered these search terms and reported it to the police. Unless you have other information besides what is in the article that you want to share, that is all we know.

From the information, there is simply zero evidence of NSA involvement here. What "programs" the NSA has or don't have are not relevant to this particular story. I'm not even sure why the NSA is even being discussed here.

 

[momeNt]

You must not be aware of the fact that over a decade ago, the courts ruled that an employee has no expectation of privacy when using computer hardware which belongs to his employer, and that since the equipment belongs to the employer, the employer can access the employee's e-mails, search history, etc. Or you might have missed the fact that employers do this kind of thing all the time because they want to know what their employees are doing with their company time. Ever heard of someone getting fired for shopping online at work?

In this particular case, the employer discovered these search terms and reported it to the police. Unless you have other information besides what is in the article that you want to share, that is all we know.

From the information, there is simply zero evidence of NSA involvement here. What "programs" the NSA has or don't have are not relevant to this particular story. I'm not even sure why the NSA is even being discussed here.

Oh, did the wife and husband work together? Did he maybe take his computer home and allow the wife to search on it? That is how the police new both the husband and wife's search terms?

 

[woolfe9998]

Oh, did the wife and husband work together? Did he maybe take his computer home and allow the wife to search on it? That is how the police new both the husband and wife's search terms?

Re-read the OP's article. The wife was never questioned. The police came to speak with the husband because his former employer had tipped them off about searches he ran while at work. The wife apparently wrote a blog about the incident, though when she wrote the blog she did not know that her husband's computer searches at work was the reason for the questioning.

 

[Acanthus]

Here's some more good reading for you.

http://www.informationweek.com/security/privacy/nsa-surveillance-can-penetrate-vpns/240159261
NSA Surveillance Can Penetrate VPNs
Thomas Claburn | August 01, 2013 09:14 AM

The National Security Agency has a system that allows it to collect pretty much everything a user does on the Internet, according to a report published by The Guardian on Wednesday, apparently even when those activities are done under the presumed protection of a virtual private network (VPN).

The Guardian's information comes from whistleblower Edward Snowden, the former NSA contractor now seeking asylum in Russia from U.S. authorities for revealing classified documents about the NSA's intelligence-gathering capabilities to the media. The news organization's report suggests that Snowden's claim that he could wiretap anyone from his desk, dismissed by U.S. lawmakers as false, was essentially accurate.

Described in a 2008 presentation, the system, called XKeyscore, can reportedly track email addresses, logins, phone numbers, IP addresses and online activities — files, email contents, Facebook chats, for example — and can cross-reference this information with other metadata.

Even after weeks of revelations about the scope and breadth of NSA data gathering, news that XKeyscore can penetrate VPNs comes as a something of a shock.

"This is huge: XKeyscore slides also suggest NSA regularly decrypts encrypted VPN traffic," said security researcher Ashkan Soltani via Twitter.

Read the rest here: http://www.informationweek.com/security/privacy/nsa-surveillance-can-penetrate-vpns/240159261

collecting encrypted data is not "penetrating a VPN".

It is exactly what VPNs are designed to prevent.

Picking up a pile of encrypted data is worthless unless you can break the encryption.

 

[momeNt]

Re-read the OP's article. The wife was never questioned. The police came to speak with the husband because his former employer had tipped them off about searches he ran while at work. The wife apparently wrote a blog about the incident, though when she wrote the blog she did not know that her husband's computer searches at work was the reason for the questioning.

But the police department in Suffolk County, N.Y., issued a statement later Thursday saying that the incident unfolded after detectives "received a tip from a Bay Shore computer company regarding suspicious computer searches conducted by a recently released employee" on the employee's workplace computer. The employee had searched the terms "pressure cooker bombs" and "backpacks," the statement said.

Statement from posted article.

Most of it was innocent enough. I had researched pressure cookers. My husband was looking for a backpack.

https://medium.com/something-like-falling/2e7d13e54724

Her blog.


I'm having trouble reconciling the two statements.

 

[dabuddha]

collecting encrypted data is not "penetrating a VPN".

It is exactly what VPNs are designed to prevent.

Picking up a pile of encrypted data is worthless unless you can break the encryption.

The article says

"This is huge: XKeyscore slides also suggest NSA regularly decrypts encrypted VPN traffic," said security researcher Ashkan Soltani via Twitter.

If true, they're not just collecting, they're decrypting.

 

[Acanthus]

The article says



If true, they're not just collecting, they're decrypting.

Where are the slides that suggest that?

There was some alarmist crap like a week ago about the NSA capturing handshakes to try to decrypt later that was misunderstood as them just decrypting things on the fly.

I'm not taking some guys word for it in an alarmist article.

I would also like to know the magic behind decrypting a 2048 bit RSA handshake or AES-256-CBC in OpenSSL 1.0.1e