Has Irelands Internet data been tapped by GCHQ and the NSA?

Mr.Micro

dkane wrote: »

Targeted surveillance is usually covert, as in where you have a target who is suspected of a crime. Targeted surveillance also has due process in most countries, a court or judge gives permission for the surveillance taking into account some evidence of wrongdoing.

This is very different to mass surveillance of a population. There is no need for it to be covert, either you are collecting everything or you are not. CCTV cameras in cities are not covert, in fact they are usually very overt in order to act as a deterrent.

Yes indeed, but its a moot point. We do not see every camera that is watching us, many are hidden or in places disguised etc.

dkane

Mr.Micro wrote: »

Yes indeed, but its a moot point. We do not see every camera that is watching us, many are hidden or in places disguised etc.

We may not be aware of the location of every CCTV camera but they are not usually disguised or hidden. The point is that it is public knowledge that CCTV systems exist and yet they are effective.

Similarly there is no requirement for an online mass surveillance system to be covert for it to be effective.
The primary reason for keeping such systems secret is to keep them out of the public debate.

KyussBishop

Arciphel wrote: »

There is a lot of complexity involved in try to tap into data at the optical i.e. fiber optic level. Optical communication networks function by encoding electric data into the optical domain, modulating several data streams into sub-carriers and then propagating very short pulses of light down an optical fiber. At the other end, the data is demodulated, filtered and then converted back into the electrical domain.

You can't pick and choose what you take out of the stream, you would need to capture everything and then post-process it to pick out what you are looking for. I assume this is what the OP's post mentions, the real challenge here would be having a server or servers capable of dealing with the huge amounts of data and then storing and processing it. It's not like finding a needle in a haystack, it's like finding a needle in a river of needles which are all flooding past you at a hundred miles an hour.

A lot of the optical communication schemes use encoding methods which have forward error correction built in, and this is important. If you suddenly did find a way to break into the data in a fibre optic cable, this intrusion could easily be detected as the signal level in the network would fluctuate and the stream of data would become dispersed, either temporally (in time) or in phase or in signal level, and these fluctuations can be readily detected using run of the mill equipment.

What this all means is that this would be very, very difficult to do any of this without the implicit permission and co-operation of the owners of these networks. Unless there is some type of previously unseen quantum-type technology being used which can infiltrate these types of data streams undetected, but we are getting in conspiracy theory realms now. Although there are a lot of rumors that the US Navy have a modified submarine which can tap into undersea long-haul fiber-optic cables.

It's pretty easy to create a splitter for fiber optic cables, that just duplicates all the traffic (no tampering needed, bar the physical splitter); this is what the NSA usually do, if I recall correctly.

Arciphel

Splitters are commonplace, yes, but they have insertion losses which can be detected when you measure the signal gain across the optical link - also, they disturb the overall gain spectrum and distort the constellation diagram.

Mr.Micro

dkane wrote: »

Similarly there is no requirement for an online mass surveillance system to be covert for it to be effective.
The primary reason for keeping such systems secret is to keep them out of the public debate.

Well the US kept its Prism operation secret, which is a mass surveillance system, so I presume it has a reason other than debate. It was only recently revealed by US whistleblower Snowden as we all know. Ironically this man, a believer I would presume, in free speech, liberty and democracy, is now being pursued by the US, the land of the free, for the leaks.

Peanut

KyussBishop wrote: »

It leads to the question: What are our own secret services doing, in this regard? What is to stop the Irish secret services (who we know very little about) from co-operating with the UK to eavesdrop.

We've seen with the NSA, that they can bypass a bunch of restrictions, by data collection happening offshore; is that in any way applicable to Ireland too?

I think this is the more interesting question.

No doubt any Irish network traffic routed via the UK/US is being collected as part of a comprehensive effort, the question is how much (if any) domestic, internally routed data is being gathered and/or shared with overseas agencies.

dkane

Germany blasts UK over mass monitoring
Germany have come out and questioned the UK over the issue.
It really is poor form that the Irish government has still made no comment.

Walker34

Peanut wrote: »

I think this is the more interesting question.

No doubt any Irish network traffic routed via the UK/US is being collected as part of a comprehensive effort, the question is how much (if any) domestic, internally routed data is being gathered and/or shared with overseas agencies.

I do know that our SS act as observers and monitors of any targets of interest to Interpol/FBI/CIA. I was present at a conversation where one of the Irish SB noted that he recognised someone from a job they done in a Dublin hotel where they were observing the guys who had bumped of Sadat in Egypt. They were just watching to see who they were meeting with and what they were saying. They just passed on the information to the US as directed. A lot of "interesting" folks pass through here as its off the beaten track, and seen as a quiet backwater for such activity.

TimTim

Peanut wrote: »

I think this is the more interesting question.

No doubt any Irish network traffic routed via the UK/US is being collected as part of a comprehensive effort, the question is how much (if any) domestic, internally routed data is being gathered and/or shared with overseas agencies.

A significant portion of traffic leaving Ireland will go via the UK where it could presumably be picked up by GCHQ et all. You can see various submarine cable paths here.

KyussBishop wrote: »

It's pretty easy to create a splitter for fiber optic cables, that just duplicates all the traffic (no tampering needed, bar the physical splitter); this is what the NSA usually do, if I recall correctly.

The NSA allegedly built rooms in various telco buildings in the states and had splitters installed so they could sniff traffic passing through an ISP's core network. Search for room 614A for some of the details about it.

Getting co-operation like this would be considerably easier than trying to physically splice into a fiber cable without someone getting suspicious although I wouldn't put it past them for some less friendly targets.

Peanut

TimTim wrote: »

A significant portion of traffic leaving Ireland will go via the UK where it could presumably be picked up by GCHQ et all. You can see various submarine cable paths here.

Yes exactly, but the current revelations appear to leave something of a "blind spot" where traffic is routed solely between Irish networks, at least wrt. US/UK agencies. I'm sure there is a capability for the relevant Irish agencies to access this traffic in some form, the question is whether it's being collected wholesale in a similar fashion to the other interceptions. We don't seem to have any information on that.

TimTim

Peanut wrote: »

Yes exactly, but the current revelations appear to leave something of a "blind spot" where traffic is routed solely between Irish networks, at least wrt. US/UK agencies. I'm sure there is a capability for the relevant Irish agencies to access this traffic in some form, the question is whether it's being collected wholesale in a similar fashion to the other interceptions. We don't seem to have any information on that.

We have data retention laws in place since 2011, they are certainly recording some metadata about internet/phone activity. If it is as extensive as what is being done in the UK/US or is being shared with either agency is unknown. I haven't heard any leaks about what is going within ISPs.

oscarBravo

Peanut wrote: »

...the current revelations appear to leave something of a "blind spot" where traffic is routed solely between Irish networks...

Traffic routed between Irish networks mostly happens via INEX. I'd be fairly confident that INEX isn't participating in any wholesale espionage on behalf of either the Irish or any other government.

Some inter-network traffic goes through private peering arrangements, which generally take the form of a copper or fibre patch lead between two switches or routers. And still more goes via the UK or the US, in which case all bets are off.

Peanut

oscarBravo wrote: »

Traffic routed between Irish networks mostly happens via INEX. I'd be fairly confident that INEX isn't participating in any wholesale espionage on behalf of either the Irish or any other government.

I would have thought so too, before this, and some political sensitivities in sharing data with the UK also lean against it.

But the Ireland-US relationship is much harder to get a grasp of, and we've seen before with Sherlock etc. that there is an amount of behind the scenes lobbying that perhaps could best be described as "murky".

wandatowell

Does the NSA really care that Im on boards.ie while watching The Hunger Games at 05:07 on a saturday morning?

Peanut

wandatowell wrote: »

Does the NSA really care that Im on boards.ie while watching The Hunger Games at 05:07 on a saturday morning?

Probably not, but if you wanted to figure out the political persuasions of a large number of people, eavesdropping on personal session data (email addresses, unsecured logins, secured logins with SSL keys, cookies etc.) to establish identity and consolidating that with discussion board posts, browsing habits etc. is probably better than checking Facebook likes. I don't think this actually happens here, but it seems like a risk to consider when systems like these are given enough free rein.

Peanut

French Prism-like system snoops on internal French communications as well as foreign data

France has its own PRISM-like surveillance program, report suggests

I'm a bit suspicious of these reports mentioning "meta-data". Which could be anything from simply capturing the sender and receiver of an email, to an entire concise semantic markup of the message contents.

Son Of A Vidic

dkane wrote: »

I think it is shocking that the Irish government has made no comment as to its position regarding the mass interception of Internet data by both the NSA and GCHQ given that the vast majority of Ireland's international fibre connections are to the USA or UK.

Their job is to obey and facilitate if necessary, but never question.

dkane

Corvus Maximus wrote: »

Their job is to obey and facilitate if necessary, but never question.

See I'd actually feel more comfortable if the Irish government came out and said that that actually was their position.
Instead of the position being "um... I don't know, explain to me what's going on again"

KyussBishop

Apparently the Irish Government has received a pre-emptive arrest warrant for Edward Snowden:
http://www.irishtimes.com/news/world/us/us-sends-government-an-arrest-warrant-for-snowden-1.1453364

Perhaps the Irish Government should instead be demanding information, on the extent of US and UK wiretapping of our international fiber connections? (and offering Snowden asylum, for revealing such important information)

dkane

KyussBishop wrote: »

Perhaps the Irish Government should instead be demanding information, on the extent of US and UK wiretapping of our international fiber connections? (and offering Snowden asylum, for revealing such important information)

They are never going to offer Snowden asylum but they absolutely should be questioning the extent of US and UK wiretapping of our international fiber connections.

KyussBishop

Well there we go, it might as well be confirmed:

Snowden: In some cases, the so-called Five Eye Partners 4 go beyond what NSA itself does. For instance, the UK's General Communications Headquarters (GCHQ) has a system called TEMPORA. TEMPORA is the signals intelligence community's first "full-take" Internet buffer that doesn't care about content type and pays only marginal attention to the Human Rights Act. It snarfs everything, in a rolling buffer to allow retroactive investigation without missing a single bit. Right now the buffer can hold three days of traffic, but that's being improved. Three days may not sound like much, but remember that that's not metadata. "Full-take" means it doesn't miss anything, and ingests the entirety of each circuit's capacity. If you send a single ICMP packet 5 and it routes through the UK, we get it. If you download something and the CDN (Content Delivery Network) happens to serve from the UK, we get it. If your sick daughter's medical records get processed at a London call center … well, you get the idea.

Interviewer: Is there a way of circumventing that?

Snowden: As a general rule, so long as you have any choice at all, you should never route through or peer with the UK under any circumstances. Their fibers are radioactive, and even the Queen's selfies to the pool boy get logged.

http://www.spiegel.de/international/world/interview-with-whistleblower-edward-snowden-on-global-spying-a-910006.html

This is more a repetition of my OP (which goes further in saying data is collected on a rolling basis for 30 days), but Snowden is more explicit here in stating the 'if it routes through the UK, it is stored/collected' nature of the tapping (leaving it less open to question).

So. Is the Irish government going to make any requests to the UK or US governments, demanding to know the full extent of collection of Irish Internet communications, and demand it be stopped immediately?

KyussBishop

Constantly catching up with this topic - some even more important revelations in one of Glenn Greenwald's articles lately (not meaning to turn this into a blog by the way - I try not to post anything new, unless I see something important in it):

Glenn Greenwald wrote:

There are many more populations of non-adversarial countries which have been subjected to the same type of mass surveillance net by the NSA: indeed, the list of those which haven't been are shorter than those which have.
...
As those two articles detail, all of this bulk, indiscriminate surveillance aimed at populations of friendly foreign nations is part of the NSA's "FAIRVIEW" program. Under that program, the NSA partners with a large US telecommunications company [...], and that US company then partners with telecoms in the foreign countries. Those partnerships allow the US company access to those countries' telecommunications systems, and that access is then exploited to direct traffic to the NSA's repositories.

http://www.guardian.co.uk/commentisfree/2013/jul/07/nsa-brazilians-globo-spying

This is a really important revelation: What foreign companies, and in which countries, are co-operating with the NSA to spy on their home country?

For a company to do this, helping a foreign nation spy on the entire population of a country - this fits the very definition of treason, does it not?


So, is this happening in Ireland? Are Irish telecoms companies co-operating with US telecom companies, to spy on Irish citizens? (this would be much more significant than tapping our international fibers - it may allow total surveillance within our country, instead of only partial surveillance of data going out of our country)

Our government shouldn't just be demanding answers from the UK and US about tapping our international fibers, but our government should also be undertaking an investigation into telecom companies operating in Ireland (not to mention Internet multinationals based in Ireland), to both ensure they have not participated in any such information sharing/spying deals, and especially to reassure the public that this is not the case either.

If any telecom companies here are found to be helping the US spy on Irish citizens, people must end up in prison for that (and I wouldn't be opposed to using any treason-based laws, for throwing the book at them).


It is insane to think, that the only person in all of this currently likely to be charged with treason, is Edward Snowden himself.

Valmont

KyussBishop wrote: »

Is the Irish government going to make any requests to the UK or US governments, demanding to know the full extent of collection of Irish Internet communications, and demand it be stopped immediately?

We need to forget the politicians, they aren't going to help us. We also need to boycott the companies complicit in the spying. The response to this will have to come from outside the political establishment and as such I think will be a real measure of people power in its purest form.

KyussBishop

Valmont wrote: »

We need to forget the politicians, they aren't going to help us. We also need to boycott the companies complicit in the spying. The response to this will have to come from outside the political establishment and as such I think will be a real measure of people power in its purest form.

The trouble is, short of our own whistleblowers from telecoms companies exposing it (who are heavily dis-incentivized from doing this, due to potential legal/professional/personal repercussions - whistleblowers get skewered in this country), there is no way to even find out about it, other than through government instigating an investigation of Irish telecom companies.

If we are unable to find out which companies engage in this (if any), then we can't boycott them, and (even if we did find out about it) a boycott can only be effective if enough people can be convinced to actually care about the issue (which is not certain at all).

Unfortunately, one of the few effective ways to tackle this kind of stuff, is from within the political establishment, through government.

nickhilliard

wandatowell wrote: »

Does the NSA really care that Im on boards.ie while watching The Hunger Games at 05:07 on a saturday morning?

...which is the "I've got nothing to hide" argument.

As you've admitted you've got nothing to hide, would you mind posting details of your entire email archive, all chat scripts, your online bank accounts, your online shopping habits including all purchases you ever made, and most interesting of all, your entire search history over the last couple of years?

Remember, you've got nothing to hide. And we'll promise to be discrete about your personal details if you post them on boards. You can trust us, honest.

fwiw, we have privacy laws for a reason. They exist to protect citizens.

http://www.imdb.com/title/tt0060665/quotes?item=qt0429616

Nick

football_lover

KyussBishop wrote: »

New revelations by Edward Snowden, show that the UK is participating in helping the NSA tap international fiber connections:

http://www.guardian.co.uk/uk/2013/jun/21/gchq-cables-secret-world-communications-nsa

This is huge. In my view probably Snowdens most important revelation yet.

Since a lot of Irish traffic is routed through the UK, does this effectively mean Irelands Internet traffic is being tapped as well? (it would seem that way to me, maybe some with more technical knowledge of Irelands fiber networks would know better)

Why would you even care about something like this when our own government cannot even get fiber optics networks up for people.

I find the attitude in Ireland disgusting that people would worry about something like this but yet not worry about the fact other competitors to Ireland economy have fiber networks that would put our to shame.