One other important thing to recognize: many people have leaked confidential/private info, even without them realizing it.
Example: the SMS messages I send to my wife tend to contain more sensitive info than the Facebook messages I publish for the whole world to see. This is because I trust my wife and when she's the sole recipient of a message, I tend to be more honest and open-minded with her than I am with the rest of the world. Plus, she knows me well enough to interpret my thoughts into context, whereas other people can only interpret my written thoughts out of context. N.B. the recipients of a message do matter for the enclosed content ;-)
And yet another important thing to recognize: even if you know that your communications may be wire-tapped, you still feel safe because why in the world would those in power be interested about your private life?
Example: when I send an SMS message to my wife, I know that my mobile career may record every message I send. It doesn't usually bother me, since I'm not doing or thinking of illegal activities, but then again, this may be a decision that will come back haunting me (and I'll stop here since I'm trying really hard to avoid Godwin's law).
As much as it might feel nice to make suggestions such as this, it's probably worth remembering that this sort of data is probably gapped from the external network (no data flow outward).
If anybody knows (and has experience) well enough about keeping data safe (indeed through doing quite the opposite), it's these guys. Whilst it's well established that in software there's not much we can do to avoid bugs and other vulnerabilities, there's rather something to be said for practical operational security in making it almost impossible for data of this form (and especially volume) to be leaked - good luck trying to get data across an air gap or indeed something monitored physically to the extent that this all is.
(caveat: spies and other infiltrators would perhaps, in certain circumstances be in a position to leak this sort of stuff - there is only so much that can be done to avoid this, of course (oh - and also others on the inside willing to leak information))
I used to work on anti-fraud software for SMS and we had VPN access to a lot of the installed hardware.
I'd be more worried about an employee leaking data. Most telcos have many many employees and a carefully planned leak would be difficult to detect and prevent. In one installation I was involved in, we had access to all SMS messages in the system, in realtime, before the recipients got them. It would have been pretty easy to copy them to a memory stick and then leak them sometime later.
Just because it is possible to be very safe in theory and to some extent in practice doesn't mean that so will happen ifinitely from now on. People manage the data, people manage the access to the data and most importantly people make mistakes. Given that it is possible for the data to leak, there's a small probability for it happening, and thus it will happen eventually. Anything that can go wrong, will go wrong. Murphy's law.
Also it's not just NSA doing this. Maybe in the US, but I assume that in Europe there are many similar centralized government databases full of information about people. And Asia.
The point is, given enough time the shit will hit the fan somewhere. No matter what. Don't try to deny this.
Oh I don't doubt that it will somewhere - this is a reminder that others aren't going to stop doing it, though and also that of all the places, the NSA seems like an unlikely source of such leaks.
Also, whilst they undoubtedly keep data around awhile, it's not kept indefinitely, surely - it has a shelf life after all. Whilst someone might get this stuff wrong in the future, again, surely that would come about most likely due to some discontinuity in this process (like if they were forced to stop awhile and then continued, losing operational details in the process).
Again, I don't doubt, but one has to ask whether the value of that data is in fact all that substantial to anyone of malicious intent - there would, I would think, be far, far easier ways to obtain that data and again, the volume of it here would likely preclude attempts to remove it wholesale - if someone wanted localised data, why not get it from the same (likely more vulnerable) source the NSA did?
Also once again, I would guess that those with intent to cause disruption, fear or harm (even dissent) would probably have an easier time of things a dozen other ways. In building secure systems, it's always worthwhile to gauge the value of some data to an attacker and the cost to them of obtaining it.
> it's probably worth remembering that this sort of data is probably gapped from the external network (no data flow outward).
Lots of "probably". Indeed the whole eavesdropping story should have been secret, but it seems like it leaked from the same people that decided to protect you.
Example: the SMS messages I send to my wife tend to contain more sensitive info than the Facebook messages I publish for the whole world to see. This is because I trust my wife and when she's the sole recipient of a message, I tend to be more honest and open-minded with her than I am with the rest of the world. Plus, she knows me well enough to interpret my thoughts into context, whereas other people can only interpret my written thoughts out of context. N.B. the recipients of a message do matter for the enclosed content ;-)
And yet another important thing to recognize: even if you know that your communications may be wire-tapped, you still feel safe because why in the world would those in power be interested about your private life?
Example: when I send an SMS message to my wife, I know that my mobile career may record every message I send. It doesn't usually bother me, since I'm not doing or thinking of illegal activities, but then again, this may be a decision that will come back haunting me (and I'll stop here since I'm trying really hard to avoid Godwin's law).