cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Community Champion

NSA wants to stop drinking from the fire hose ...

In the beginning was the 9/11.  (Well, actually, in the beginning was the first crypto war, back in the 90s, but ...)  And the government said, let there be the P.A.T.R.I.O.T. Act (Providing Appropriate Tools Required to Intercept and Obstruct Terrorism).  And there was all kinds of warrantless activity.  And the government said, let there be warrantless collection of data about international (and some local) emails and phone calls.  And there was bulk metadata collection, and metadata became a new "thing."

 

And ever since, the NSA has been collecting huge amounts of data, most of which doesn't indicate much of anything.  Remember cost/benefit analysis?  Well, now the NSA wants to stop doing it.  Or, at least, stop doing most of it.  Because it's just not worth it.

 

Lots of things in security sound like maybe a good idea--until you try them.  I well remember the trouble Fred Cohen got into when he started teaching his security students how to write viruses, as an exercise in trying to improve security.  He doesn't do that any more.  His students just didn't learn that much from it.  It's not worth it.

 

 

(Oh, and remember: if you're not doing anything wrong, you have nothing to fear from the gigantic surveillance apparatus that the government is hiding from you ...)


............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
1 Reply
Highlighted
Community Champion

Re: NSA wants to stop drinking from the fire hose ...


@rslade wrote:

...

And ever since, the NSA has been collecting huge amounts of data, most of which doesn't indicate much of anything.  Remember cost/benefit analysis?  Well, now the NSA wants to stop doing it.  Or, at least, stop doing most of it.  Because it's just not worth it.

...

(Oh, and remember: if you're not doing anything wrong, you have nothing to fear from the gigantic surveillance apparatus that the government is hiding from you ...)


We must all stay on top of developments in this arena. The NSA has not had a change of heart on mass surveillance; they just made a financial cost/benefit analysis because capturing telephone metadata (which allows comprehensive networking analysis) no longer pays off. The bad guys are no longer relying on telephones; they have shifted to a variety of encrypted internet-based communication tools. Expect national intelligence organizations to push us into a NEW Crypto-Wars discussion. Last year the current FBI director promoted going back to mandatory government monitoring technology in all encrypted systems. That was precisely what the Crypto wars were about.

 

For supporting watchdogs, I rely on EFF, EPIC, and occasionally ACLU. I recommend all infosec specialists do the same. I'd be interested in learning what organizations are good for keeping an eye on the EU.

 

 

 

 

 

Dr. D. Cragin Shelton, CISSP
Dr.Cragin@iCloud.com
https://CraginS.blogspot.com/
My Community Profile
My LinkedIn Profile
href="Not Passing a Cert Exam is Not the Same as Failing" target="new";;https://cragins.blogspot.com/2018/08/pass-rates-for-professional-exams.html