Watch this hand, which is issuing specific requests for data.
Ignore the other hand that was snooping on (until Google started encrypting last year) Google's inter-datacenter links, almost all Yahoo! traffic since they only enabled ssl for non-premium accounts last year, most Hotmail/Outlook.com traffic since their defaults had ssl disabled until recently (last year?), and anything else we can (everything of interest that's not encrypted or that we can break[1]).
Ignore that restrictions on spying on our own citizens are weakened since they're not citizens to the other 4 "5 eyes" countries, and in some situations they can share back that data or they can query it for us.
Ignore that we don't consider collecting metadata on phone calls to be a 4th amendment violation. Because knowing if you called Bill Ayers or an abortion clinic or an HIV clinic is not private personal data at all.
Ignore that the data we collect, although nominally for national security purposes, is being used in criminal prosecutions having nothing to do with national security, and that we encourage law enforcement agencies to use "parallel construction" to avoid revealing the true source of the data that jumpstarted their investigations. Since we've been caught doing this, the Dept of Justice is now revealing in court when this occurs, but please ignore that these domestic criminal cases may not have been possible at all without the mass data collection we do for "national security" purposes.
Ignore our attempts to compromise internet infrastructure and subvert public cryptographic standards.
Ignore that the DNI lied to Congress. Ignore, ignore, ignore.
The google-inter-datacenter links is nothing but plausible deniability. You will not see the end of "breaches" like this, since both sides knew what was going on (even if joe-sysadmin at google was "shocked, shocked!").
OTOH, I'm surprised Google, after being the victim of known hacking by an intelligence agency (in pursuit of a religious extremist group, presumably), consisting of malware, targeted malware/spearphishing, attacks on staff (presumably inserting trusted staff into Google in various roles), etc., didn't include bulk encryption within its network as a way to compartmentalize things.
They certainly pulled out of the world's largest Internet market, locked down their employee workstations across the board (essentially banning Windows, IIRC), adopted 2FA internally, and generally have better internal security than banks or virtually any large enterprises. On the customer-facing side, they're leading in cert pinning, "ssl everywhere", etc. So not doing bulk encryption between datacenters was an oversight -- it's technically expensive to implement, which was probably a major factor.
(In case it's not obvious, this isn't Google v NSA)
The whole point of my comment was drawing a parallel between when China spied on Google (and Google's response, and this one lacking element), and what happened after NSA.
The USgov/NSA thinks we're fools. This range tells me nothing. I can assume the worse and conclude they send 999 requests every 6 months, but then I'd be a conspiracy-nutcase. They know what they're doing. Ed Snowden's data is more valuable to the public than this PR stunt. If there are anymore of you people out there with info like Snowden considering doing a leak, please do it. I understand it's a very personal decision to kinda ruin your life and be unable to support loved ones around you; that's something only you can decide.
But if what's holding you back is "duty to your country", look to Ed Snowden. His actions gave true duty to the country... and the world.
If they're already snooping on the links between data centers and picking the data up using other means then they don't need to make any requests from the companies while they're actually "investigating" things. The only reason they would need to give them a reason why they have information they shouldn't have- basically, when they need to bring something to court.
These reports are useful only in that they show how much the company is in bed with the government versus how much they're just getting abused. You don't see these types of reports from the phone companies, for example, because they've been helping the government snoop for years.
Instead of complaining, or even in addition to complaining, every one of these services could have built secure messaging and real time communications into their products. Loss of ad targeting data? Fine, charge me for the difference in the value of ads.
And yet, so far, nothing, not an announcement, a rumor, a hiring ad, nothing, nothing, nothing.
It's not possible for a web application to be secure against the host of the web application. If the host renders the HTML, then they need to access the user's data. If the host serves the Javascript, then they have the opportunity to acceess the user's data. If the user doesn't manage their own private keys, then the host manages them and can compromise them.
Arguing that {Google,Yahoo,Facebook,LinkedIn} should implement secure communication is equivalent to arguing that they should shut down their existing products in favor of secure client-side implementations. The moment they do this, the resulting product gap will be filled by some other company and nothing will have changed.
The corollary is that any web-based service that claims to offer secure communication is almost certainly not doing anything of the sort, and should be treated with great suspicion.
Most of these companies provide some client-side software. Google provides a whole OS, it's middleware layer, and many apps published open source. The Android SDK runs on all three major PC OSs, as does Google Earth. Chrome runs on all the major PC OSs, and has an open source "sister" project Chromium.
Web software is convenient, for sure, but it isn't so difficult to run ad-supported services with client-side software.
It's trivially easy to configure a local Gmail client. Install Thunderbird, type in your username and password, and you're good to go. The result is a Gmail experience with an excellent UI, no ads, and the user is running only open-source software.
Installing the Enigmail extension, GPG, and generating a GPG key provides a secured communication channel. The user need only tick a checkbox to send emails that are impervious to known interception methods.
Thus it's already possible to use Gmail for secure communications. No changes on Google's part are required to enable secure emails in Gmail. So what are you actually asking for?
It sounds like what you're saying is that Google ought to shut down the Gmail web UI because you don't think hosted services are sufficiently secure. But the thing is, almost nobody (excluding HN) actually cares. If Gmail moved to a secure model tomorrow, it would be effectively the same as shutting down the service because the userbase would migrate to Yahoo or Hotmail overnight. What benefit has the new "secure" Gmail then achieved?
Using Thunderbird is not a solution. If Google or any of the other services had their own client that properly integrated with back-end services like key exchange, key signing, etc. you would not have to understand and implement identity verification yourself.
You are setting up some straw men for demolition. As Skype showed, before it was nerfed, there is no need for a client interface, especially a mobile client interface not to support security that is so easy that it is equivalent to an unsecured product.
> If Google or any of the other services had their own
> client that properly integrated with back-end services
> like key exchange, key signing, etc. you would not have
> to understand and implement identity verification yourself.
If key exchange and verification were handled by a third-party service, then a compromise of that service would threaten the security of all communications. To be secure, key exchange and verification must be handled offline at the level of individual users.
Pre-acquisition Skype was not a secure communications system, any more than iMessage or Hangouts are today. If you believe it was, then you have not spent sufficient time considering how to compromise such a system.
Apart from meeting in person and exchanging keys, what other way do people have of finding someone else's public key? Securing that is what key signing and web-of-trust are for.
Also, Skype in unlike iMessage or Hangouts in that messages traversed nodes that could capture and attack traffic. Skype had security requirements these other services did not have. A modern, verifiable service could be built that, to end users, resembled Skype in simplicity. Or, for that matter, Hangouts could open source their client and enable verifiable security that, to the end-user, would be no more complicated than using Hangouts is currently.
It's great to get more openness about the numbers, but it's hard to know what to make of them. One "advantage" of snooping on traffic is that you can issue far fewer requests for data. If you already know the contents, you only need to go through the legal process in the cases where you need to legitimize your knowledge for further use. Should this make us more or less comfortable with relatively low numbers of legal requests?
Yeah, okay. You're not fooling anyone with these numbers guys. If you want people to believe you care about their data privacy, then actually build secure systems where even you can't access the users' data, and therefore the feds can't ask you for the keys either. This should especially become a priority if this comes to pass:
< With regards to Facebook, it says that within the last six months of 2012, only a “small fraction” of one percent of its users were the target of any government data requests
So with 1%, they mean that over 10 freaking million Facebook users were under surveillance?
The number of accounts impacted is a very deceitful number, and don't say anything about the nature of the intrusion of users private data.
Let me try it: Let me run code to sieve through every politician mailbox. I won't go after all of them, so only a handful will be "impacted" on.
And this is only first-order of impact. What happens with second order impacts when a mail account by a person like Jacob Appelbaum is "impacted"? Is every dissident that emailed in danger, and what if their organization is not in favor of current US politics?
I assume these companies were honoring NSA requests for long time. These requests are made public only after Snowden revelation, just because these companies are scared about losing their customers.
How is this really helpful? Random numbers on a page. The only number you really care about is when YOUR number has been called and the government has snooped on you.
Amazon is mysteriously absent from any list in the news.
Given the number of virtual servers they have in the cloud right now, the amount of corporate data stored and passing through those, and the NSA's interest in SSL, I would REALLY like to know where Amazon stands.
Number of NSA/Law Enforcement data requests without any number of breakins/intrusions detected vs intrusions/breakins prevented is somewhat very dubious non meaning number.
If I may ask something offtopic:
I try to host my own email in Iceland. I go everything working so far. My server is not powerful enough for spamassassin but I can live without it.
One last problem: I don't get SSL to work. Does https require lots of server resources?
Watch this hand, which is issuing specific requests for data.
Ignore the other hand that was snooping on (until Google started encrypting last year) Google's inter-datacenter links, almost all Yahoo! traffic since they only enabled ssl for non-premium accounts last year, most Hotmail/Outlook.com traffic since their defaults had ssl disabled until recently (last year?), and anything else we can (everything of interest that's not encrypted or that we can break[1]).
Ignore that restrictions on spying on our own citizens are weakened since they're not citizens to the other 4 "5 eyes" countries, and in some situations they can share back that data or they can query it for us.
Ignore that we don't consider collecting metadata on phone calls to be a 4th amendment violation. Because knowing if you called Bill Ayers or an abortion clinic or an HIV clinic is not private personal data at all.
Ignore that the data we collect, although nominally for national security purposes, is being used in criminal prosecutions having nothing to do with national security, and that we encourage law enforcement agencies to use "parallel construction" to avoid revealing the true source of the data that jumpstarted their investigations. Since we've been caught doing this, the Dept of Justice is now revealing in court when this occurs, but please ignore that these domestic criminal cases may not have been possible at all without the mass data collection we do for "national security" purposes.
Ignore our attempts to compromise internet infrastructure and subvert public cryptographic standards.
Ignore that the DNI lied to Congress. Ignore, ignore, ignore.
[1] RC4 maybe; see https://twitter.com/ioerror/status/398059565947699200