I'm with you.

If you look at history and the kind of surveillance powers governments had compared to the general population, it isn't unreasonable to assume that they can "monitor" everything. In fact you can find several YouTube videos of people who claim they created just such a system after 9/11 for the NSA.

The question is not if the NSA are sweeping every piece of electronic communications, the question is: "how much are they storing?"

If they're just building communications trees then that is a lot less invasive than even automated e-mail scanning. However it is very likely they're looking at content too, because historically (e.g. cold war) they always did keyword/phase monitoring.

If I had to guess, I would guess they're building large communication trees and giving everyone in them a "score" (think: credit score). This score raises based on things like the language used, perceived threat, and similar.

Then when someone's score is high enough or they talk to the "wrong people" you have human analysts who go over their profile with a fine tooth comb...

None of this is impossible with our current technology. In fact it isn't even technically that difficult - just expensive.

Now if you want to get really conspiratorial then let's talk about the public SSL certificate oligopoly. The five or six companies generating the majority of the world's SSL keys are likely handing them straight over to the NSA and in exchange the NSA keeps those companies in power/control of that market.

> Now if you want to get really conspiratorial then let's talk about the public SSL certificate oligopoly. The five or six companies generating the majority of the world's SSL keys are likely handing them straight over to the NSA and in exchange the NSA keeps those companies in power/control of that market.

That's really a very scary thought and I wouldn't be at all surprised if it were true. At least the first part.

There were some talks about this at defcon and black hat. Think a century worth of data for every citizen. The other thing which I haven't been able to fully verify or debunk is a change in the semantics of NSA spying, basically interception isn't considered spying until analysis.

It creates a lot of grey space. First, can the data be used to train up various search agents? After you die can they then analyze your data? Among other things.. and just the general safety of the data.

As for ssl, they shouldn't have yor keys, they just sign them and vouch. If NSA compromises the ca authorities they could man in the middle ssl but not feat your keys.

Normally the site/user generates SSL keypairs locally. The "public SSL certificate oligopoly" just signs them. So, the NSA could get arbitrary SSL certs issued from compromised CAs for MITM, including replacing them on servers, but still couldn't passively intercept/decrypt.

(Although there's ANOTHER 3 company oligarchy in SSL -- probably Apple and Google and Microsoft actually do generate on their hardware or software the majority of SSL keypairs used. If you compromised there, you could get access to everything, either at generation time, or later through a backdoor. This is unlikely as a pervasive thing since it would be eventually detected, but highly plausible for targeted attacks. If nothing else, government 0-day focused on those platforms to get access to keys would be enough, and wouldn't require cooperation of the vendors.)

Im with you, almost to the point where stories like this are not even a worth while issue. I suppose the story here is that the FBI are being public about it.

The net is exact opposite of private, and that's that. And really it always has been. What is actually weird is that people ever thought otherwise. Bits can be made private, but even then its clear to an observer that something private is going on, and then they do everything possible to break it open. Its like a big old, hey, investigate me flag.

"I mean that in an objective 'you'd think the people who run the country and have access to more resources then we ever will would just find a way to do it in the first place' kind of way."

To widen the scope a bit, I find it 'funny' that so many people seem to negate the plausible idea that people with tons of money and tons of power don't use those tools for doing bad things. I'd guess that most people, as long as they can keep work/play, earn/spend cycles going, don't truly care what else is happening.

They certainly have the capability, and they probably use it on some percentage of electronic communication between 0 and 100%.

What they're trying to do here is make more of it admissible in court.

Remember: DARPA and SRI designed the global panopticon.

(You are not alone ;)

I think the same thing is true and I have a very strong suspicion that the reason people are not more outraged is because they've been conditioned by film and television to believe that the government has those powers and uses them routinely.

I don't know whether to point the finger at writers of fiction for our lowered expectations or not, but I'm sure it contributes.

> they've been conditioned by film and television to believe that the government has those powers and uses them routinely.

My unscientific observation (I don't watch these but my SO used to) is that major (USA) network "crime drama" TV shows (fictional) such as NCIS* depict, in every episode, a fully omniscient surveillance state in action [edit: and as a perfectly normal state of affairs]. My suspicion is that the underlying purpose of same is to condition the viewing citizenry of the fact that such exists and is a normal state of affairs, so there will be no problem with the preconditioned citizenry when such becomes real (if it hasn't already).

I'm tempted to believe that also.