Jump to content

Defcon founder's message to feds fair to some, hypocritical to others


Firefox

Recommended Posts

Defcon founder's message to feds fair to some, hypocritical to others

Dis-invitation is interesting because last year Defcon opened with General Keith Alexander, director of the National Security Agency

Defcon founder Jeff Moss' request to government agencies asking them not to attend next month's annual Defcon hacker conference has evoked a mixed response from the security community.

Many see it as little more than a symbolic gesture meant to convey the hacker community's discomfort over recent revelations of government surveillance activities by fugitive document-leaker Edward Snowden.

Others though see it as somewhat hypocritical move by an organization that has for long prided itself on giving a platform for all members of the security community to exchange ideas and share information freely.

Two researchers from the network security-consulting firm Secure Ideas on Thursday announced that they would not present at Defcon as scheduled, to protest Moss' actions.

Moss launched Defcon 21 years ago and has overseen its growth into one of the industry's largest hacker conferences. On Wednesday, he published a blog post in which he asked government agencies to "call a time-out" from the conference.

"For over two decades Defcon has been an open nexus of hacker culture, a place where seasoned pros, hackers, academics, and feds can meet, share ideas and party on neutral territory. Our community operates in the spirit of openness, verified trust, and mutual respect," he wrote.

"When it comes to sharing and socializing with feds, ...............

For the full story click on the Computer World logo below....

cwlogo.JPG

Source

Link to post
Share on other sites

Personally, I think more people need to tell the Feds to get the Hell out. :P

As for security firms that are pulling out of the conference, I consider that an endorsement on their part of government monitoring of private communications.

Link to post
Share on other sites

Personally I think the Feds are doing what we charged them to do and are doling it legally.

Fourth Amendment to the Constitution of the United States of America:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

This is the law, and it is the supreme law of the land. It supersedes all other laws. Since the Constitution of the United States of America has not been repealed, nor has the Bill of Rights or any of its amendments specifically been repealed, any action taken by the government that violates it is illegal, and any law made by Congress that violates it is illegal. Therefore, warrantless surveillance is illegal, and the government is committing criminal acts by doing so.

As for "doing what we charge them to do", that is debatable, as many of us would rather do without them completely than have them invading our privacy and stripping us of our Essential Liberties under the guise of 'protecting' us. Remember, we prevented a Japanese invasion of the United States with our individual right to bear arms, and not with the strength of our military. Of course, this delves into politics, and if you'd like to discuss that with me then it would be best to contact me privately instead of discussing that here. ;)

Link to post
Share on other sites

Quoting the Constitution is a good thing. However one must also understand two things...

1. The action
2. The law

When you do, you will see and know that that provision has not been violated.

You want a constitutional fight on the 4th Amendment, go fight NYC and their Stop and Frisk Policy.

Go to Texas and other Southern border states and look at the Border Patrol check points that are not at the border, but are within 100 miles of the border.

You are barking up the wrong tree with PRISM.

Link to post
Share on other sites

You want a constitutional fight on the 4th Amendment, go fight NYC and their Stop and Frisk Policy.

Go to Texas and other Southern border states and look at the Border Patrol check points that are not at the border, but are within 100 miles of the border.

Those are also obvious violations of the 4th amendment, however I see no reason why data collection should not constitute seizure of property, and when done without a warrant it is a violation of our country's highest law (which means it is illegal, regardless of any legislation claiming it is not).

Link to post
Share on other sites

Obtaining a database of all a TelCo's call logs over a period of time does not constitute a seizure of property.

 

There are no individuals, groups or associations to a collective.  There are only numbers. 

 

Number X called Number Y for Number Z time period on Date.
 

Criteria must be met to enter a search only on Number X or Number Y.

 

An audit trail is automatically created on who accessed the database, what the search on Number X or Number Y was driven by and results obtained.  They can only be accessed by 22 NSA agents.  2 NSA managers and 20 NSA analysts and the manager and analyst, who made the search are ascribed to the audit trail.  When Date+1821 is reached, that record is purged from that database and there are checks and balances made to ensure no log entry exists longer than ~1821 days and that also has an audit trail.  All audit logs are provided regularly to FISA judges to determine if the process was followed by the letter of the law and all "i"s were dotted and all "t"s were crossed.

 

There is so much more to the process concerning Number X or Number Y used by US citizens who are CONUS or OCONUS.

 

In short perform due diligence and do your homework.

Link to post
Share on other sites

David, if a number (or a series of numbers) is not property, then how can a court justify copyright law applying to software?

One could also ask how a court could justify copyright law applying to a written work, as it is just a series of letters.

Link to post
Share on other sites

  • Root Admin

At best, that can be characterized as "speculation" as you really don't know.

I'm open to discussion about it by any other Network Admins out there.  I'm not aware of any software capable of going back and specifically removing table level data on tapes.  I'm also not aware of anyone anywhere backing up only specific tables to tape. In most cases the entire database is backed up to tape which means that data along with thousands of other users data is there on that tape.

 

Even if there backed up at a table level then you're saying the Government has millions of tapes not thousands as it would take millions of tapes to do that type of backup with the amount of data they have.

 

Then let's say for the sake of argument that it was backed up at the table level.  One would have to load the tape, and catalog it to verify it was the correct tape and not mislabeled or boxed in the wrong storage box.  Depending on size that can take 2 minute to several hours to catalog the tape on a complex tape.  So you're saying that they've hired hundreds of personnel to go through all these tapes and verify so they can destroy them.???  

 

Don't get me wrong.  Once they have the data who cares if they keep it for a thousand years.  I'm just saying that I don't believe it's practical to be able to accurately go back and "purge" that data and only that data.  The time and cost to do so would be astronomical.

 

Again, if any other Network Admin out there is aware of such capabilities please come forward.

Link to post
Share on other sites

Again pure speculation on your part.

 

You don't know what software they use and whether the media used for a backup is random read/random write, serial, optical, MRAM, F-RAM, etc.

 

Of course you are not aware of the software used.  Your world is COTS.  The software and hardware used is not COTS based and was created by an alphabetic soup contractor and you are not supposed to know what is used.

Link to post
Share on other sites

  • Root Admin

Wow - so the Government now has magical powers of software and hardware that no one is aware of yet less than 15 years ago they reached out to the community seeking help and hiring with security and general computing because they did not have the expertise in-house.

Your reply is exactly the reason why the Government finds itself being scrutinized more and more lately. People are tired of hearing about the cold war days and all the secrecy. When you can't even trust the Leaders of the House of Representatives with information that's a bit too secret and data amassed today though perhaps not misused can certainly easily be misused years from now.

Here is just one example of why its not wise to always blindly believe what the Government tells you.

National Security Letters Are Unconstitutional, Federal Judge Rules

I'm not anti-government. In fact I believe as a whole they are trying to do the right thing, but when/why/how things are done certainly are of concern to people otherwise you would not have so much controversy. If everyone blindly followed and agreed with everything they were told then the US would probably still be under the rule of Great Britain, but they chose to question Great Britain's rule.

Link to post
Share on other sites

Ron, you are out of your "comfort zone".

 

The following URL you provided is nothing more than a part of the checks and balances of government.  One Judge rules one way and another may rule the exact opposite way.

National Security Letters Are Unconstitutional, Federal Judge Rules

 

There is no magic in a Gov't agency having a contractor create proprietary software and implementing various technologies in hardware that surpass our expectations.  The NSA isn't using COTS/GOTS and you should not be expecting them to be using something like CA ArcServe and DLTs on a robotic tape system which may be the relative normal in your experiences.

 

One can easily perceive them using RandomRead/RandomWrite backup media and having software cull the database as well as backups based upon the date tags on the records.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.