Office 365..? how Microsoft handed the NSA access to encrypted messages
Anyone else planning on bailing from office365? http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-d... Sent from my Mobile Device.
::::: off topic rant ::::: Just assume no data you store and or traverses any public cloud service is private or secure this is just silly. I can't believe people are so naive to believe messages sent over the public Internet isn't intercepted stored and analyzed by the same government bodies who gave it to us in the first place. I've always heard rumors as a kid that the NSA had systems long in place that could record all voice calls based on certain key phrases ever since the Nixon era so please tell me why are most people shocked with all the spying by governments? Sent from my iPhone On Jul 11, 2013, at 2:39 PM, Warren Bailey <wbailey@satelliteintelligencegroup.com> wrote:
Anyone else planning on bailing from office365?
http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-d...
Sent from my Mobile Device.
I 2nd Rodrick's statement of "so please tell me why are most people shocked with all the spying by governments?". All this leak does is confirm what most people already suspected or assumed. -Grant On Thu, Jul 11, 2013 at 6:27 PM, Rodrick Brown <rodrick.brown@gmail.com>wrote:
::::: off topic rant :::::
Just assume no data you store and or traverses any public cloud service is private or secure this is just silly.
I can't believe people are so naive to believe messages sent over the public Internet isn't intercepted stored and analyzed by the same government bodies who gave it to us in the first place.
I've always heard rumors as a kid that the NSA had systems long in place that could record all voice calls based on certain key phrases ever since the Nixon era so please tell me why are most people shocked with all the spying by governments?
Sent from my iPhone
On Jul 11, 2013, at 2:39 PM, Warren Bailey <wbailey@satelliteintelligencegroup.com> wrote:
Anyone else planning on bailing from office365?
http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-d...
Sent from my Mobile Device.
Suspecting your spouse of cheating is much different than coming home and finding them in bed with someone. -----Original Message----- From: Grant Ridder [mailto:shortdudey123@gmail.com] Sent: Thursday, July 11, 2013 9:40 PM To: Rodrick Brown Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages I 2nd Rodrick's statement of "so please tell me why are most people shocked with all the spying by governments?". All this leak does is confirm what most people already suspected or assumed. -Grant On Thu, Jul 11, 2013 at 6:27 PM, Rodrick Brown <rodrick.brown@gmail.com>wrote:
::::: off topic rant :::::
Just assume no data you store and or traverses any public cloud service is private or secure this is just silly.
I can't believe people are so naive to believe messages sent over the public Internet isn't intercepted stored and analyzed by the same government bodies who gave it to us in the first place.
I've always heard rumors as a kid that the NSA had systems long in place that could record all voice calls based on certain key phrases ever since the Nixon era so please tell me why are most people shocked with all the spying by governments?
Sent from my iPhone
On Jul 11, 2013, at 2:39 PM, Warren Bailey <wbailey@satelliteintelligencegroup.com> wrote:
Anyone else planning on bailing from office365?
http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration- user-data
Sent from my Mobile Device.
Touché Sent from my iPhone On Jul 12, 2013, at 8:56 AM, Eric Wieling <EWieling@nyigc.com> wrote:
Suspecting your spouse of cheating is much different than coming home and finding them in bed with someone.
-----Original Message----- From: Grant Ridder [mailto:shortdudey123@gmail.com] Sent: Thursday, July 11, 2013 9:40 PM To: Rodrick Brown Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
I 2nd Rodrick's statement of "so please tell me why are most people shocked with all the spying by governments?". All this leak does is confirm what most people already suspected or assumed.
-Grant
On Thu, Jul 11, 2013 at 6:27 PM, Rodrick Brown <rodrick.brown@gmail.com>wrote:
::::: off topic rant :::::
Just assume no data you store and or traverses any public cloud service is private or secure this is just silly.
I can't believe people are so naive to believe messages sent over the public Internet isn't intercepted stored and analyzed by the same government bodies who gave it to us in the first place.
I've always heard rumors as a kid that the NSA had systems long in place that could record all voice calls based on certain key phrases ever since the Nixon era so please tell me why are most people shocked with all the spying by governments?
Sent from my iPhone
On Jul 11, 2013, at 2:39 PM, Warren Bailey <wbailey@satelliteintelligencegroup.com> wrote:
Anyone else planning on bailing from office365?
http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration- user-data
Sent from my Mobile Device.
We use Office 365 here at work, but I'd definitely be interested in looking into alternate solutions --- at the very least I am going to be sure to inform our staff that there is to be no expectation of privacy when using your Office365 account. Gross. On Fri, Jul 12, 2013 at 1:04 PM, Grant Ridder <shortdudey123@gmail.com>wrote:
Touché
Sent from my iPhone
On Jul 12, 2013, at 8:56 AM, Eric Wieling <EWieling@nyigc.com> wrote:
Suspecting your spouse of cheating is much different than coming home and finding them in bed with someone.
-----Original Message----- From: Grant Ridder [mailto:shortdudey123@gmail.com] Sent: Thursday, July 11, 2013 9:40 PM To: Rodrick Brown Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
I 2nd Rodrick's statement of "so please tell me why are most people shocked with all the spying by governments?". All this leak does is confirm what most people already suspected or assumed.
-Grant
On Thu, Jul 11, 2013 at 6:27 PM, Rodrick Brown <rodrick.brown@gmail.com wrote:
::::: off topic rant :::::
Just assume no data you store and or traverses any public cloud service is private or secure this is just silly.
I can't believe people are so naive to believe messages sent over the public Internet isn't intercepted stored and analyzed by the same government bodies who gave it to us in the first place.
I've always heard rumors as a kid that the NSA had systems long in place that could record all voice calls based on certain key phrases ever since the Nixon era so please tell me why are most people shocked with all the spying by governments?
Sent from my iPhone
On Jul 11, 2013, at 2:39 PM, Warren Bailey <wbailey@satelliteintelligencegroup.com> wrote:
Anyone else planning on bailing from office365?
http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration- user-data
Sent from my Mobile Device.
-- -- Tom Morris, KG4CYX Mad Scientist and Operations Manager, WDNA-FM 88.9 Miami - Serious Jazz! Engineer, WRGP Radiate FM, Florida International University 786-228-7087 151.820 Megacycles
On Fri, 12 Jul 2013, Tom Morris wrote:
We use Office 365 here at work, but I'd definitely be interested in looking into alternate solutions --- at the very least I am going to be sure to inform our staff that there is to be no expectation of privacy when using your Office365 account. Gross.
There should probably never be that expectation with a cloud-based office platform. GPG, TrueCrypt, and SSH are your friends. jms
We are currently working on something right now where all connections are doing over an encrypted vpn. We are bringing SIP, email, search, and cloud to the tunnel. You can contact me off list if you would like to know more. Nick Khamis
While that would secure the connections from snooping if you're mailboxes are on Office 365 and those mailbox stores do not exits on an encrypted LUN then a service can easily read the Exchange database; anyone with server access can read mail across all mailboxes. In fact, Microsoft supports this type of setup with impersonation, e.g. a global user that can query any mailbox it has permissions to within Exchange. This is how some EWS integrated applications work. It wouldn't be that far fetched for the NSA to incorporate the same type of query to monitor the mailboxes -- even subscribing to change notifications so it only queries and collects when a new mail item has arrived. Additionally, Office 365 can simply create a journal rule and have all inbound / outbound mail journal to a location that makes it easier for snoops to look through the messages, e.g. an external SMTP endpoint, all without the end customers' knowledge. If anyone has any questions on Exchange they, too, can contact me off list. Just my 2-cents. -matt On Fri, Jul 12, 2013 at 1:04 PM, Nick Khamis <symack@gmail.com> wrote:
We are currently working on something right now where all connections are doing over an encrypted vpn. We are bringing SIP, email, search, and cloud to the tunnel.
You can contact me off list if you would like to know more.
Nick Khamis
I should also note that even if the stores are on an encrypted LUN you are still exposed to impersonation and journaling. -matt On Fri, Jul 12, 2013 at 1:25 PM, Matt Baldwin <baldwinmathew@gmail.com>wrote:
While that would secure the connections from snooping if you're mailboxes are on Office 365 and those mailbox stores do not exits on an encrypted LUN then a service can easily read the Exchange database; anyone with server access can read mail across all mailboxes. In fact, Microsoft supports this type of setup with impersonation, e.g. a global user that can query any mailbox it has permissions to within Exchange. This is how some EWS integrated applications work. It wouldn't be that far fetched for the NSA to incorporate the same type of query to monitor the mailboxes -- even subscribing to change notifications so it only queries and collects when a new mail item has arrived. Additionally, Office 365 can simply create a journal rule and have all inbound / outbound mail journal to a location that makes it easier for snoops to look through the messages, e.g. an external SMTP endpoint, all without the end customers' knowledge.
If anyone has any questions on Exchange they, too, can contact me off list.
Just my 2-cents.
-matt
On Fri, Jul 12, 2013 at 1:04 PM, Nick Khamis <symack@gmail.com> wrote:
We are currently working on something right now where all connections are doing over an encrypted vpn. We are bringing SIP, email, search, and cloud to the tunnel.
You can contact me off list if you would like to know more.
Nick Khamis
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matt Baldwin wrote:
While that would secure the connections from snooping if you're mailboxes are on Office 365 and those mailbox stores do not exits on an encrypted LUN then a service can easily read the Exchange database; anyone with server access can read mail across all mailboxes. In fact, Microsoft supports this type of setup with impersonation, e.g. a global user that can query any mailbox it has permissions to within Exchange. This is how some EWS integrated applications work. It wouldn't be that far fetched for the NSA to incorporate the same type of query to monitor the mailboxes -- even subscribing to change notifications so it only queries and collects when a new mail item has arrived. Additionally, Office 365 can simply create a journal rule and have all inbound / outbound mail journal to a location that makes it easier for snoops to look through the messages, e.g. an external SMTP endpoint, all without the end customers' knowledge.
If anyone has any questions on Exchange they, too, can contact me off list.
Just my 2-cents.
Any what's to say that email addresses at Office 365 aren't just mailing lists where you get a copy and so does $FEDAGENCY. That's how my kids' email addresses work at home :-) - -- ========= bep -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlHgc98ACgkQE1XcgMgrtyYZhgCg3CO8DJfFDXJWj8W6JuasjeOf VeQAnRmhMfhyp5M7S81fxagW96ZGWoCH =LDSL -----END PGP SIGNATURE-----
On Fri, Jul 12, 2013 at 5:23 PM, Bruce Pinsky <bep@whack.org> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
While that would secure the connections from snooping if you're mailboxes are on Office 365 and those mailbox stores do not exits on an encrypted LUN then a service can easily read the Exchange database; anyone with server access can read mail across all mailboxes. In fact, Microsoft supports
type of setup with impersonation, e.g. a global user that can query any mailbox it has permissions to within Exchange. This is how some EWS integrated applications work. It wouldn't be that far fetched for the NSA to incorporate the same type of query to monitor the mailboxes -- even subscribing to change notifications so it only queries and collects when a new mail item has arrived. Additionally, Office 365 can simply create a journal rule and have all inbound / outbound mail journal to a location that makes it easier for snoops to look through the messages, e.g. an external SMTP endpoint, all without the end customers' knowledge.
If anyone has any questions on Exchange they, too, can contact me off
Matt Baldwin wrote: this list.
Just my 2-cents.
Any what's to say that email addresses at Office 365 aren't just mailing lists where you get a copy and so does $FEDAGENCY. That's how my kids' email addresses work at home :-)
- -- ========= bep
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlHgc98ACgkQE1XcgMgrtyYZhgCg3CO8DJfFDXJWj8W6JuasjeOf VeQAnRmhMfhyp5M7S81fxagW96ZGWoCH =LDSL -----END PGP SIGNATURE-----
You spy on your kids? I thought not being able to put a lock on my door was bad... N.
That doesn't sound like it would be effective in this instance? Sent from my Mobile Device. -------- Original message -------- From: Nick Khamis <symack@gmail.com> Date: 07/12/2013 1:06 PM (GMT-08:00) To: "Justin M. Streiner" <streiner@cluebyfour.org> Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages We are currently working on something right now where all connections are doing over an encrypted vpn. We are bringing SIP, email, search, and cloud to the tunnel. You can contact me off list if you would like to know more. Nick Khamis
It wouldn't be. When the endpoint in question is compromised, there isn't any amount of tunneling or obscurity between point a and point b that will resolve it. Only thing you can do is change to a solution that you have more control over. Sent on the TELUS Mobility network with BlackBerry -----Original Message----- From: Warren Bailey <wbailey@satelliteintelligencegroup.com> Date: Sat, 13 Jul 2013 00:12:37 To: Nick Khamis<symack@gmail.com>; Justin M. Streiner<streiner@cluebyfour.org> Reply-To: Warren Bailey <wbailey@satelliteintelligencegroup.com> Cc: nanog@nanog.org<nanog@nanog.org> Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages That doesn't sound like it would be effective in this instance? Sent from my Mobile Device. -------- Original message -------- From: Nick Khamis <symack@gmail.com> Date: 07/12/2013 1:06 PM (GMT-08:00) To: "Justin M. Streiner" <streiner@cluebyfour.org> Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages We are currently working on something right now where all connections are doing over an encrypted vpn. We are bringing SIP, email, search, and cloud to the tunnel. You can contact me off list if you would like to know more. Nick Khamis
The entire idea of prism is hitting tier 1 providers and mass communications providers. If they haven't rooted your exchange gear, they don't need to - your upstream providers entire stream is being copied. I can't think of many providers that couldn't be intercepted. When new transportation mediums arrive, who cares.. You already have a copy from their provider or peer. Sent from my Mobile Device. -------- Original message -------- From: ryangard@gmail.com Date: 07/12/2013 8:52 PM (GMT-08:00) To: Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages It wouldn't be. When the endpoint in question is compromised, there isn't any amount of tunneling or obscurity between point a and point b that will resolve it. Only thing you can do is change to a solution that you have more control over. Sent on the TELUS Mobility network with BlackBerry -----Original Message----- From: Warren Bailey <wbailey@satelliteintelligencegroup.com> Date: Sat, 13 Jul 2013 00:12:37 To: Nick Khamis<symack@gmail.com>; Justin M. Streiner<streiner@cluebyfour.org> Reply-To: Warren Bailey <wbailey@satelliteintelligencegroup.com> Cc: nanog@nanog.org<nanog@nanog.org> Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages That doesn't sound like it would be effective in this instance? Sent from my Mobile Device. -------- Original message -------- From: Nick Khamis <symack@gmail.com> Date: 07/12/2013 1:06 PM (GMT-08:00) To: "Justin M. Streiner" <streiner@cluebyfour.org> Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages We are currently working on something right now where all connections are doing over an encrypted vpn. We are bringing SIP, email, search, and cloud to the tunnel. You can contact me off list if you would like to know more. Nick Khamis
Maybe people will now start turning on their encryption functions on any device capable of doing it :) On Sat, Jul 13, 2013 at 11:57 AM, Warren Bailey < wbailey@satelliteintelligencegroup.com> wrote:
The entire idea of prism is hitting tier 1 providers and mass communications providers. If they haven't rooted your exchange gear, they don't need to - your upstream providers entire stream is being copied. I can't think of many providers that couldn't be intercepted. When new transportation mediums arrive, who cares.. You already have a copy from their provider or peer.
Sent from my Mobile Device.
-------- Original message -------- From: ryangard@gmail.com Date: 07/12/2013 8:52 PM (GMT-08:00) To: Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
It wouldn't be. When the endpoint in question is compromised, there isn't any amount of tunneling or obscurity between point a and point b that will resolve it. Only thing you can do is change to a solution that you have more control over. Sent on the TELUS Mobility network with BlackBerry
-----Original Message----- From: Warren Bailey <wbailey@satelliteintelligencegroup.com> Date: Sat, 13 Jul 2013 00:12:37 To: Nick Khamis<symack@gmail.com>; Justin M. Streiner< streiner@cluebyfour.org> Reply-To: Warren Bailey <wbailey@satelliteintelligencegroup.com> Cc: nanog@nanog.org<nanog@nanog.org> Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
That doesn't sound like it would be effective in this instance?
Sent from my Mobile Device.
-------- Original message -------- From: Nick Khamis <symack@gmail.com> Date: 07/12/2013 1:06 PM (GMT-08:00) To: "Justin M. Streiner" <streiner@cluebyfour.org> Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
We are currently working on something right now where all connections are doing over an encrypted vpn. We are bringing SIP, email, search, and cloud to the tunnel.
You can contact me off list if you would like to know more.
Nick Khamis
Maybe people will now start turning on their encryption functions on any device capable of doing it :)
Those that care did that many moons ago. The rest don't care. Of course, if you do not have control of the endpoints doing the encryption (ie, the untrustworthy sucker is in the middle somewhere) then it does not matter. Those who care maintain their own endpoints. Those that do not care use gmail, office365, yahoo, and their carriers e-mail outsourced to one of the previously listed. Given that this (spying and massive interception) has been common knowledge since the inception of the Internet, and that it has particularly been known that the United States became particularly despotic and corrupt, in the last decade and a bit when it started hoovering up everything they could get their suckers on (by creating massive cable cuts all of the US so they could install their taps), those that are still sending traffic through the United States or using hosting services in the United States, without very strong encryption simple do not care. Folks who use Office 365 simply do not care in the least about privacy, confidentiality or security. If they did they would not be using Office 365. Or gmail. Or Yahoo. Or whatever they are using. Since these people do not care, and they continue to use these services, and this has been a known circumstance for decades, what makes you think that "many people" will suddenly start to be concerned and migrate to more private/secure/confidential systems that have been available all along but that they deliberately chose not to use?
Seems Kim was right all along... Rumors have it MegaEmail is in the works. Sent from my iPhone On Jul 14, 2013, at 3:45 AM, Eugeniu Patrascu <eugen@imacandi.net> wrote:
Maybe people will now start turning on their encryption functions on any device capable of doing it :)
On Sat, Jul 13, 2013 at 11:57 AM, Warren Bailey < wbailey@satelliteintelligencegroup.com> wrote:
The entire idea of prism is hitting tier 1 providers and mass communications providers. If they haven't rooted your exchange gear, they don't need to - your upstream providers entire stream is being copied. I can't think of many providers that couldn't be intercepted. When new transportation mediums arrive, who cares.. You already have a copy from their provider or peer.
Sent from my Mobile Device.
-------- Original message -------- From: ryangard@gmail.com Date: 07/12/2013 8:52 PM (GMT-08:00) To: Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
It wouldn't be. When the endpoint in question is compromised, there isn't any amount of tunneling or obscurity between point a and point b that will resolve it. Only thing you can do is change to a solution that you have more control over. Sent on the TELUS Mobility network with BlackBerry
-----Original Message----- From: Warren Bailey <wbailey@satelliteintelligencegroup.com> Date: Sat, 13 Jul 2013 00:12:37 To: Nick Khamis<symack@gmail.com>; Justin M. Streiner< streiner@cluebyfour.org> Reply-To: Warren Bailey <wbailey@satelliteintelligencegroup.com> Cc: nanog@nanog.org<nanog@nanog.org> Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
That doesn't sound like it would be effective in this instance?
Sent from my Mobile Device.
-------- Original message -------- From: Nick Khamis <symack@gmail.com> Date: 07/12/2013 1:06 PM (GMT-08:00) To: "Justin M. Streiner" <streiner@cluebyfour.org> Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
We are currently working on something right now where all connections are doing over an encrypted vpn. We are bringing SIP, email, search, and cloud to the tunnel.
You can contact me off list if you would like to know more.
Nick Khamis
Kim was never right all along. I worked for them/him in Munich in 2000 just before tuv buyout. I'm actually really surprised journalists haven't googled his back story.. The real one. Sent from my Mobile Device. -------- Original message -------- From: Rodrick Brown <rodrick.brown@gmail.com> Date: 07/14/2013 9:16 AM (GMT-08:00) To: Eugeniu Patrascu <eugen@imacandi.net> Cc: Warren Bailey <wbailey@satelliteintelligencegroup.com>,nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages Seems Kim was right all along... Rumors have it MegaEmail is in the works. Sent from my iPhone On Jul 14, 2013, at 3:45 AM, Eugeniu Patrascu <eugen@imacandi.net> wrote:
Maybe people will now start turning on their encryption functions on any device capable of doing it :)
On Sat, Jul 13, 2013 at 11:57 AM, Warren Bailey < wbailey@satelliteintelligencegroup.com> wrote:
The entire idea of prism is hitting tier 1 providers and mass communications providers. If they haven't rooted your exchange gear, they don't need to - your upstream providers entire stream is being copied. I can't think of many providers that couldn't be intercepted. When new transportation mediums arrive, who cares.. You already have a copy from their provider or peer.
Sent from my Mobile Device.
-------- Original message -------- From: ryangard@gmail.com Date: 07/12/2013 8:52 PM (GMT-08:00) To: Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
It wouldn't be. When the endpoint in question is compromised, there isn't any amount of tunneling or obscurity between point a and point b that will resolve it. Only thing you can do is change to a solution that you have more control over. Sent on the TELUS Mobility network with BlackBerry
-----Original Message----- From: Warren Bailey <wbailey@satelliteintelligencegroup.com> Date: Sat, 13 Jul 2013 00:12:37 To: Nick Khamis<symack@gmail.com>; Justin M. Streiner< streiner@cluebyfour.org> Reply-To: Warren Bailey <wbailey@satelliteintelligencegroup.com> Cc: nanog@nanog.org<nanog@nanog.org> Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
That doesn't sound like it would be effective in this instance?
Sent from my Mobile Device.
-------- Original message -------- From: Nick Khamis <symack@gmail.com> Date: 07/12/2013 1:06 PM (GMT-08:00) To: "Justin M. Streiner" <streiner@cluebyfour.org> Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
We are currently working on something right now where all connections are doing over an encrypted vpn. We are bringing SIP, email, search, and cloud to the tunnel.
You can contact me off list if you would like to know more.
Nick Khamis
my guess is that microsoft was probably more honest than gobble, appeal, etc. so ms looks as if they gave more to the nsa traitors when, in fact, they were all likely in the same rotten boat. randy
On Sun, 2013-07-14 at 09:36 -1000, Randy Bush wrote:
in fact, they were all likely in the same rotten boat.
Why I love open source. Look at my mail, track my web site visits. None of this should come as any surprise, especially to the members of this list. Now for the guy down the street that is working on his 69 Camaro at two in the morning it may have come as a shock. Richard
On 7/14/2013 3:37 PM, Richard Golodner wrote:
On Sun, 2013-07-14 at 09:36 -1000, Randy Bush wrote:
in fact, they were all likely in the same rotten boat.
Why I love open source. Look at my mail, track my web site visits. None of this should come as any surprise, especially to the members of this list. Now for the guy down the street that is working on his 69 Camaro at two in the morning it may have come as a shock. Richard
We (ISPs) are all compelled to provide information from time to time under a court order. The PRISM program is voluntary. These companies gave the NSA access to their systems voluntarily. To me there is a big difference. I would be interested to know what they got out of it.
On Sun, 14 Jul 2013, Aaron Wendel wrote:
We (ISPs) are all compelled to provide information from time to time under a court order. The PRISM program is voluntary. These companies gave the NSA access to their systems voluntarily. To me there is a big difference. I would be interested to know what they got out of it.
It sounds like many of them were 'compelled' to 'volunteer'. Probably not much, because they really don't have to offer much. I could see Uncle Sam strong-arming carriers who are beholden to the [local/state/ federal] government in some fashion for their ability to operate their businesses (wireless spectrum auctions, state utility commission approvals for XYZ, getting on the approved bidder list for government contracts, etc). I'm also pretty sure the CxOs and legal counsels who reviewed and signed off on whatever agreements the NSA put in front of them won't be talking about the fine print any time soon. jms
On Mon, Jul 15, 2013 at 10:11 AM, <Valdis.Kletnieks@vt.edu> wrote:
On Sun, 14 Jul 2013 15:45:26 -0500, Aaron Wendel said:
We (ISPs) are all compelled to provide information from time to time under a court order. The PRISM program is voluntary.
Ask the ex-CEO of Qwest how "voluntary" that sort of stuff is.
it REALLY depends on what 'prisim' is... seen in one light, the program is 'just' isp/asp people who agree to permit FISA requests to be satisfied via: "scp files from fisa.isp.net with key fingerprint 0xasdasdasd" of course, the other way to read it (as the news would like us to believe) is as: "plug nsa ethernet into eth1 of all servers and routers, kthxbi!" more details would certainly make this whole conversation less alamist and more rational. -chris
I don't think the conversation is based around the method by which information is intercepted. I hope the conversation is aligned with its reasoning for disclosure - the American people stopping a government who is known for abusing it's power. Obviously this does not mean physically stopping them, but I imagine most people know what motivates their state and national political officials. I still wonder why Mr. Snowden hasn't dropped more damaging information, it would seem his sworn enemy has made their feelings somewhat clear. Sent from my Mobile Device. -------- Original message -------- From: Christopher Morrow <morrowc.lists@gmail.com> Date: 07/15/2013 7:34 AM (GMT-08:00) To: Valdis Kletnieks <Valdis.Kletnieks@vt.edu> Cc: nanog list <nanog@nanog.org> Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages On Mon, Jul 15, 2013 at 10:11 AM, <Valdis.Kletnieks@vt.edu> wrote:
On Sun, 14 Jul 2013 15:45:26 -0500, Aaron Wendel said:
We (ISPs) are all compelled to provide information from time to time under a court order. The PRISM program is voluntary.
Ask the ex-CEO of Qwest how "voluntary" that sort of stuff is.
it REALLY depends on what 'prisim' is... seen in one light, the program is 'just' isp/asp people who agree to permit FISA requests to be satisfied via: "scp files from fisa.isp.net with key fingerprint 0xasdasdasd" of course, the other way to read it (as the news would like us to believe) is as: "plug nsa ethernet into eth1 of all servers and routers, kthxbi!" more details would certainly make this whole conversation less alamist and more rational. -chris
Dropping everything at once may dilute the debate as I am sure your government and every other government that may be proved to be involved will try to focus the discussion on small and less damaging issues until the bigger ones are forgotten. Reveal something, wait a few weeks/months, reveal something else may keep the debate open for longer time and at some point maybe enough critical mass is attained where something can be achieved. On Mon, Jul 15, 2013 at 7:17 PM, Warren Bailey < wbailey@satelliteintelligencegroup.com> wrote:
I don't think the conversation is based around the method by which information is intercepted. I hope the conversation is aligned with its reasoning for disclosure - the American people stopping a government who is known for abusing it's power. Obviously this does not mean physically stopping them, but I imagine most people know what motivates their state and national political officials. I still wonder why Mr. Snowden hasn't dropped more damaging information, it would seem his sworn enemy has made their feelings somewhat clear.
Sent from my Mobile Device.
-------- Original message -------- From: Christopher Morrow <morrowc.lists@gmail.com> Date: 07/15/2013 7:34 AM (GMT-08:00) To: Valdis Kletnieks <Valdis.Kletnieks@vt.edu> Cc: nanog list <nanog@nanog.org> Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
On Mon, Jul 15, 2013 at 10:11 AM, <Valdis.Kletnieks@vt.edu> wrote:
On Sun, 14 Jul 2013 15:45:26 -0500, Aaron Wendel said:
We (ISPs) are all compelled to provide information from time to time under a court order. The PRISM program is voluntary.
Ask the ex-CEO of Qwest how "voluntary" that sort of stuff is.
it REALLY depends on what 'prisim' is... seen in one light, the program is 'just' isp/asp people who agree to permit FISA requests to be satisfied via: "scp files from fisa.isp.net with key fingerprint 0xasdasdasd"
of course, the other way to read it (as the news would like us to believe) is as: "plug nsa ethernet into eth1 of all servers and routers, kthxbi!"
more details would certainly make this whole conversation less alamist and more rational. -chris
It would be fun to make a encryptation keyboard. A keyboard that add the text you write to a buffer, and wen the buffer is full, output it to the computer encrypted. Maybe with pgp. Such machine would probably need a led with the text you are writing. That way, you coud be using Google Docs or Office 365. And the computer OS can have a keylogger and a backdoor. And you will still be somewhat safe if pgp provide you with strong enough level of encryptation. -- -- ℱin del ℳensaje.
Or you could send emails that people cannot reply to, that would stop them dead in their tracks.. ;) Sent from my Mobile Device. -------- Original message -------- From: Date: 07/16/2013 1:20 AM (GMT-08:00) To: Cc: nanog list <nanog@nanog.org> Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages It would be fun to make a encryptation keyboard. A keyboard that add the text you write to a buffer, and wen the buffer is full, output it to the computer encrypted. Maybe with pgp. Such machine would probably need a led with the text you are writing. That way, you coud be using Google Docs or Office 365. And the computer OS can have a keylogger and a backdoor. And you will still be somewhat safe if pgp provide you with strong enough level of encryptation. -- -- ℱin del ℳensaje.
j304p0:)XrL`E7etWo?=?Ww'&h#w8D2M;TCx50AId0jEbRL\oO9KVc.r8aj00k!5K6lpF;*< gNSd9>S0{79Vl3Gk-KD`#eCc]/]'d5GJ::E_jKOYSrCp]%^)\y{[Sc10*S<Lm.6_HA.AMrR:~`iQr=a^UVfEwnkI+ydtyv*F~?r;OUoodX5,{79/#DFS{U59bw+FABa%jxR{_cVvs;O )rS^/XfP`Q?v/]:HguSiFp_+XhWJdQzjD$,e?[XS4)/;[O(aPV=63qrQ>X-T~mUS1l+jA&1F*&Pll>U?\UoF](qj~H31r==?|ul*v.o1zo3P!;A^*r"}}JXo,6fkw[W!{z[}3,_vavM#pi6&ND&.60O&Q,WX>8k**50\<kT)d|(7#wp=Q,h H4wD7Qal5P}>}` 44z:ROxc&Tn1}TjR?TaB^$ '~Bds2~+LVfz/,,y|*f8^slMA])gbPlo?bWlo3yED`y&%!6_j**KZlY>-ME2%eV*L8:#Pl"\E$Toz0u`]3 oWD^W\X\,^c_n'b\au_zQufQ6Gl u"~_GH|^uuDx.H=LF@M2eT~5Y<!P<^QMLp[;z1tv0xOiLi+vp9b.7AH_7v6OA,yn?Qz9e;lBQ4*@qV"[ytRr%F}L$?Q[WM}bO-8,gZ*:\ z6E1nV4\4Lu7n8;Gq4`Anp!!r\zS<;g]fP [Please excuse typos -- sent from my encryptation keyboard] On Tue, Jul 16, 2013 at 1:17 AM, <<"tei''>>> <oscar.vives@gmail.com> wrote:
It would be fun to make a encryptation keyboard. A keyboard that add the text you write to a buffer, and wen the buffer is full, output it to the computer encrypted. Maybe with pgp. Such machine would probably need a led with the text you are writing.
That way, you coud be using Google Docs or Office 365. And the computer OS can have a keylogger and a backdoor. And you will still be somewhat safe if pgp provide you with strong enough level of encryptation.
-- -- ℱin del ℳensaje.
On Tue, 16 Jul 2013 10:17:46 +0200, "<<\"tei''>>>" said:
It would be fun to make a encryptation keyboard. A keyboard that add the text you write to a buffer, and wen the buffer is full, output it to the computer encrypted. Maybe with pgp. Such machine would probably need a led with the text you are writing.
That way, you coud be using Google Docs or Office 365. And the computer OS can have a keylogger and a backdoor. And you will still be somewhat safe if pgp provide you with strong enough level of encryptation.
Congrats. You just re-invented the TPM chip. (And how do you actually guarante that your keyboard doesn't have a keylogger or a backdoor? Such things *have* been installed inside keyboards before...)
On Tue, Jul 16, 2013 at 1:42 AM, Eugeniu Patrascu <eugen@imacandi.net> wrote:
Dropping everything at once may dilute the debate as I am sure your government and every other government that may be proved to be involved will
it seems likely that every gov't with sense is doing this sort of thing... there's no reason for them NOT to, and many many countries intentionally setup their telecoms infrastructure in a way that supports this behaviour. -chris (yes, over broad collection and analysis and leaving it to the analyst(s) to decide what is 'overbroad' - "my girlfriend/wife/horse WAS talking to a foreign person...honest!" isn't cool, I'm not debating that point)
I still believe the initial disclosure should have included a matter of great international importance.. If it were me, I would have dropped info along with the fact that facebook is going to a pay model. There would have been riots in the streets. ;) Sent from my Mobile Device. -------- Original message -------- From: Christopher Morrow <morrowc.lists@gmail.com> Date: 07/16/2013 9:48 AM (GMT-08:00) To: Eugeniu Patrascu <eugen@imacandi.net> Cc: Warren Bailey <wbailey@satelliteintelligencegroup.com>,Valdis Kletnieks <Valdis.Kletnieks@vt.edu>,nanog list <nanog@nanog.org> Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages On Tue, Jul 16, 2013 at 1:42 AM, Eugeniu Patrascu <eugen@imacandi.net> wrote:
Dropping everything at once may dilute the debate as I am sure your government and every other government that may be proved to be involved will
it seems likely that every gov't with sense is doing this sort of thing... there's no reason for them NOT to, and many many countries intentionally setup their telecoms infrastructure in a way that supports this behaviour. -chris (yes, over broad collection and analysis and leaving it to the analyst(s) to decide what is 'overbroad' - "my girlfriend/wife/horse WAS talking to a foreign person...honest!" isn't cool, I'm not debating that point)
On Sun, Jul 14, 2013 at 1:45 PM, Aaron Wendel <aaron@wholesaleinternet.net>wrote:
On 7/14/2013 3:37 PM, Richard Golodner wrote:
On Sun, 2013-07-14 at 09:36 -1000, Randy Bush wrote:
in fact, they were all likely in the same rotten boat.
Why I love open source. Look at my mail, track my web site visits. None of this should come as any surprise, especially to the members of this list. Now for the guy down the street that is working on his 69 Camaro at two in the morning it may have come as a shock. Richard
We (ISPs) are all compelled to provide information from time to time under a court order. The PRISM program is voluntary. These companies gave the NSA access to their systems voluntarily. To me there is a big difference. I would be interested to know what they got out of it.
It was far from voluntary, and it apparently didn't happen without a lot of resistance. At least some details of the long, hard fight that started five years ago are finally being allowed to be declassified now: http://money.cnn.com/2013/07/16/technology/security/yahoo-fisa-court/index.h... http://mashable.com/2013/07/16/yahoo-fisa-court-2008-prism/ It will be interesting to see how much of the court documents will be visible and unredacted when they are released on Monday. Matt
Certainly NOT shocked. Just get more and more appalled as to how cooperative some of these companies have become just for the profit margin. At least there are some that try and take a stand for their customer and not just hand over the keys to the palace when the good ole boys ask. Robert ________________________________________ From: Rodrick Brown Sent: Thursday, July 11, 2013 21:27 To: Warren Bailey Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages ::::: off topic rant ::::: Just assume no data you store and or traverses any public cloud service is private or secure this is just silly. I can't believe people are so naive to believe messages sent over the public Internet isn't intercepted stored and analyzed by the same government bodies who gave it to us in the first place. I've always heard rumors as a kid that the NSA had systems long in place that could record all voice calls based on certain key phrases ever since the Nixon era so please tell me why are most people shocked with all the spying by governments? Sent from my iPhone On Jul 11, 2013, at 2:39 PM, Warren Bailey <wbailey@satelliteintelligencegroup.com> wrote:
Anyone else planning on bailing from office365?
http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-d...
Sent from my Mobile Device.
It's not a shock. What is shocking, is the blatant disregard for general privacy. Because it exists on a medium other than something I own, it does not somehow become property of another. If this isn't a big deal, I imagine a search of your home isn't an issue either? The point is, these companies have the power (they, after all, pay for elections) to tell these people.. It's not your call. You cannot simply say we are collecting everything, to avert an attack. The Boston guys were both from out of the country, with foreign names, and foreign governments had warned us before. How effective is a machine that scans data for terrorist machines, if a FLAGGED person can still cause us harm? This jihad against America has accomplished one thing, we are going broke trying to fend off an invisible enemy. A kid from Nigeria hopped on a plane with a bomb in his shorts and MADE IT TO AMERICAN SOIL. If I am giving up privacy, I expect a tangible return. A couple of bedroom bombers slipping through the cracks and killing people is not a tangible return, in my opinion. The NSA needs to be spying on OTHER people, we are apparently innocent until proven guilty.. Ymmv Sent from my Mobile Device. -------- Original message -------- From: Rodrick Brown <rodrick.brown@gmail.com> Date: 07/11/2013 6:27 PM (GMT-08:00) To: Warren Bailey <wbailey@satelliteintelligencegroup.com> Cc: nanog@nanog.org Subject: Re: Office 365..? how Microsoft handed the NSA access to encrypted messages ::::: off topic rant ::::: Just assume no data you store and or traverses any public cloud service is private or secure this is just silly. I can't believe people are so naive to believe messages sent over the public Internet isn't intercepted stored and analyzed by the same government bodies who gave it to us in the first place. I've always heard rumors as a kid that the NSA had systems long in place that could record all voice calls based on certain key phrases ever since the Nixon era so please tell me why are most people shocked with all the spying by governments? Sent from my iPhone On Jul 11, 2013, at 2:39 PM, Warren Bailey <wbailey@satelliteintelligencegroup.com> wrote:
Anyone else planning on bailing from office365?
http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-d...
Sent from my Mobile Device.
Whos doing the spyiing, anyway?, sounds like a colaboration betwen Microsoft and the NSA. Sounds to me like Microsoft, and the NSA,are doing the spyiing. If some judge declare this actions illegal, a crime, Microsoft will be co-perpetrators. Even if no judge declare this a crime, what about the customer position? a) Microsoft lied to you. b) Microsoft conspired with others to break your privacy. c) They did more than the law forced them, to break your privacy. d) You are the product that Microsoft sells to the NSA. Somebody, somewhere on the USA governement, trought that after the 9/11, normal laws not-apply, including the constitution. New laws where made to give free reign, and people like Microsoft happyly jumped to make some money out of it. This is wrong. -- -- ℱin del ℳensaje.
On Fri, 12 Jul 2013 09:26:32 -0000, Warren Bailey said:
The NSA needs to be spying on OTHER people, we are apparently innocent until proven guilty.. Ymmv
Be careful what you wish for - bad things happen when there's an organizational push to find somebody who's guilty of something, when there's not enough actual somebodys to be found... http://www.alternet.org/civil-liberties/fbis-terror-scam I have to agree - if the FBI has to supply both the explosive device and the idea for the target, there probably wasn't much actual threat there. But they need to show some "results" to justify their $3B anti-terrorism budget... I'll shut up now...
The US federal government may have funded some initial research into the Internet, but they certainly didn't "[give] it to us in the first place." I know it was probably not the intention, but the phrasing of that statement implies that we are using a government provided communications infrastructure, and as a result we should expect the government to intercept, store, and analyze any information sent over "their" network. Other than that, I completely agree with your statement; it should be a shock to no one that the US federal government is attempting to intercept, store, and analyze as much information from as many sources as possible. As other stated, the somewhat shocking news is that companies have been blatantly lying to the public as to their involvement in this activity. If they are barred from discussing it publicly by applicable laws, which may be unconstitutional and which they refuse the fight in court, then at a minimum they could have said something to the effect of "no comment." Again, this is only somewhat shocking, because I believe everyone expected they were lying, but to see them try and cover up now is both somewhat comical and disappointing. Fred Reimer On 7/11/13 9:27 PM, "Rodrick Brown" <rodrick.brown@gmail.com> wrote:
::::: off topic rant :::::
Just assume no data you store and or traverses any public cloud service is private or secure this is just silly.
I can't believe people are so naive to believe messages sent over the public Internet isn't intercepted stored and analyzed by the same government bodies who gave it to us in the first place.
I've always heard rumors as a kid that the NSA had systems long in place that could record all voice calls based on certain key phrases ever since the Nixon era so please tell me why are most people shocked with all the spying by governments?
Sent from my iPhone
On Jul 11, 2013, at 2:39 PM, Warren Bailey <wbailey@satelliteintelligencegroup.com> wrote:
Anyone else planning on bailing from office365?
http://m.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-use r-data
Sent from my Mobile Device.
participants (22)
-
<<"tei''>>>
-
Aaron Wendel
-
Bruce Pinsky
-
Christopher Morrow
-
Damian Menscher
-
Eric Wieling
-
Eugeniu Patrascu
-
Fred Reimer
-
Grant Ridder
-
Justin M. Streiner
-
Keith Medcalf
-
Matt Baldwin
-
Matthew Petach
-
Nick Khamis
-
Randy Bush
-
Richard Golodner
-
Robert Webb
-
Rodrick Brown
-
ryangard@gmail.com
-
Tom Morris
-
Valdis.Kletnieks@vt.edu
-
Warren Bailey