U.S. Govt Snooping in Email Servers

Well, now we have it in the news that the US Govt is openly and officially hoovering up all the email they can get and snooping in it. The IRS has also said they don’t need a warrant to collect email as “there is no expectation of privacy”. In other words, we’ve been had so long and so much we don’t have the right to expect moral treatment any more… (And folks wonder why I actively discourage things like Facebook, text messages, email, etc… and keep it to the bare minimum…)

It’s been that way “for a while”, but now it’s not just “suspects” being pulled out of the vault for inspection. This article is from 2007:

http://abcnews.go.com/Politics/story?id=3833172&page=1

By Z. BYRON WOLF (@zbyronwolf)
Nov. 7, 2007

It would be difficult to say whose e-mail, text messages or Internet phone calls the government is monitoring at any given time, but according to a former AT&T employee, the government has warrantless access to a great deal of Internet traffic should they care to take a peek.

As information is traded between users it flows also into a locked, secret room on the sixth floor of AT&T’s San Francisco offices and other rooms around the country — where the U.S. government can sift through and find the information it wants, former AT&T employee Mark Klein alleged Wednesday at a press conference on Capitol Hill.

“An exact copy of all Internet traffic that flowed through critical AT&T cables — e-mails, documents, pictures, Web browsing, voice-over-Internet phone conversations, everything — was being diverted to equipment inside the secret room,” he said.

http://thoughtfulwomen.org/2013/06/07/government-spying-now-9-big-internet-companies-video/

Has an interesting video.

http://www.businessinsider.com/how-government-gets-data-from-facebook-google-2013-6

Finally, We Get Some Answers About How The Government Gets Data From Facebook, Google, Etc.
Henry Blodget | Jun. 8, 2013, 9:57 AM

There has been an uproar over the past 36 hours after two news organizations reported that nine of the country’s biggest technology companies are partnering with the government in a massive spying program in which the FBI and National Security Agency have been given “direct access” to the companies’ “central servers” and allowed to monitor any user at any time.

This direct access, the initial reports implied, allows the government to follow the communications of any of the companies’ hundreds of millions of users in real time, with no legal oversight.

One of the stories quoted a career intelligence officer as saying that this surveillance program was so powerful that, “They quite literally can watch your ideas form as you type.”

The impression these stories created was that Google, Facebook, Apple, Yahoo, Microsoft, and other companies had voluntarily opened their servers to government spies and allowed the intelligence agencies to do whatever they wanted.

Importantly, every company in the stories immediately denied that they had given the government “direct access” to their servers.

The companies confirmed, as they have many times in the past, that they provide specific information to government investigators in response to specific requests — when they are required to do so by law. But they emphatically denied that they they had opened their servers to the government. Most of the companies also said that they had never heard of the spying program, PRISM, that they were supposedly partnered with.

Such is the general fear of privacy violations by the big tech companies that, upon hearing these denials, many people accused the companies of lying. Others parsed their denials, looking for ways to square the carefully worded language with the assertions in the news stories. Still others focused their skepticism on the document upon which the assertion that the NSA had direct access to the companies’ servers was based, which struck many people as misleading.
[…]
According to Claire Cain Miller’s article, what is going on between the government and the technology companies is basically discussions about how the companies will provide the specific information the government requests.

Importantly, the transfer of this information appears to follow the normal procedure:

The government requests specific information.
The companies’ lawyers review the request.
The companies lawyers approve the information transfer.
The companies make the information available to the government electronically.

According to Miller, in deciding how to facilitate the fulfillment of these requests, some of the companies have had discussions with the government about creating a storage server that the government has access to — a “dropbox” of sorts.

Importantly, any information placed on this server would still be reviewed by the companies’ lawyers. And the information placed on these servers is not, say, “all the information generated by all Facebook users every day” (Facebook has explicitly said this.) Rather, it is likely much narrower requests for information about specific users, all of which have to be legal under the Foreign Intelligence Surveillance Act (FISA).

So a TLA (Three Letter Agency) sends a request to a company who’s very existence depends on FCC approval, corporate structure approval, SEC approval, etc. etc. and we can all rest comfortable knowing that they will stand up to the very government that gives them life to protect our privacy, right? I’ll believe that when we have mandatory notification of people who are being monitored and a public listing of how many requests are made, and what percentage are denied, and with a large denied percentage.

OK, that sent me off looking into “peer to peer” email that would be encrypted “end to end”. I figured someone had likely already done it, but if not, basing off of the Bitorrent model would likely be a good starting point. It would take a few more folks willing to be active at “sharing” file transport to more or less anyone, and more dependence on “magnet link” like facilities (to say “I want all email for me to show up here”…). There would also need to be an automatic “key exchange”, such that you would hold a small library of “public keys”. Your client, when joining the hive, would auto-generate a key pair, and share it’s public key with the hive, while accepting a library of other public keys. In that way, email to anyone in the hive would be encrypted automatically at the source. (This gets around the present problem of folks not bothering…) It would not hide the “contact trace” per se, since mail for you does come to you, but via “whoever” is on at the time.

That was the mental model of my “architecture”.

But first, a bit of a look around…

These folks made one using Java. (Unfortunately, Java isn’t particularly secure, so would likely require a re-write to be truly industrial strength, but likely “good enough” for ordinary folks discussing soccer games and weather). Source code is available and I’m downloading it now. No idea how good it is.

http://www.epostmail.org/

ePOST Serverless Email System
A Peer-to-Peer Platform for Reliable, Secure Communication
Introduction
ePOST is a cooperative, serverless email system. Each user contributes a small amount of storage and network bandwidth in exchange for access to email service. ePOST provides

A serverless, peer-to-peer email service
Secure email emong ePOST users
An organically scaling service that requires no dedicated hardware
Very high availability and data durability
Compatibility with POP/IMAP clients, SMTP mail servers

Why Did We Build ePOST?
Peer-to-peer systems have gained wide popularity, partially due to their self-scaling properties and their resilience to failures. However, most existing peer-to-peer systems provide best-effort services, whose availability is not critical to their users. A question is whether peer-to-peer systems can provide service that users depend on in their daily lives and work. We deployed ePOST to show that a cooperative peer-to-peer system can provide availability, reliability and security that matches or exceeds that of server-based solutions, while reducing hardware cost and administrative overhead.
How Can I Use ePOST?
The ePOST project is no longer under active development. You can still download the ePOST sources and setup your own ring by following the directions on the Download page. ePOST supports Microsoft Windows, Mac OS X, and Linux running on java versions 1.4.2 or greater.

It is not under active development, which can mean that either it didn’t get much interest, or that it’s pretty stable and works OK as it is.

There are a couple of others, and I’m just posting up links and a ‘first blush’ impression. They are presented in the order listed in the search engine, not in any kind of value weighted order.

http://www.softlist.net/search/peer-to-peer-email/

Has several interesting bits that show up ( it looks like a search engine in its own right).

BigSpeed Peer-to-Peer SDK 2.0 – Agent/Hub components for private peer-to-peer file sharing and instant messaging.Sample applications are included in Visual Basic .NET and Delphi 7. BigSpeed Peer-to-Peer SDK is a set of two COM components (Agent and Hub) that lets you set up a virtual private peer-to-peer (P2P) network for secure file sharing and messaging.

Along with several bitcoin ‘peer to peer’ links. Unfortunately, Bigspeed.net looks to be a parked domain name and the download link fails. Still, it might be out there somewhere on some other site.

An interesting I-EEE Link:

http://www.computer.org/csdl/proceedings/cse/2008/3193/00/3193a203-abs.html

Conventional e-mail systems are prone to problems that affect their dependability. E-mail systems operate following a “push-based” approach: the sender side server pushes the e-mails it wants to send to the corresponding receivers’ servers. This approach may impose processing and storage overhead on the receiver side. This paper presents a peer-to-peer e-mail system in which messages are sent directly from senders to receivers using a “pull-based” approach. The sender stores locally all e-mails it intends to send, and notify their receivers using a global, distributed notification service. Receivers can then retrieve such notifications and decide if they want to receive the corresponding e-mails. If so, e-mails can be retrieved directly from their senders. This proposal is inspired from file sharing peer-to-peer systems, in which users locate and retrieve the contents they are looking for. A prototype was built to show the feasibility of the proposal, and experimental results show its viability.

So looks like it worked. But doesn’t mention encryption. They want $19 to buy the article, or one can be an IEEE member. So “Go Fish”…

Microsoft was looking at it in 2003:

http://academic.research.microsoft.com/Paper/474215.aspx

[Paper] Secure and Resilient Peer-to-Peer E-Mail: Design and Implementation (Citations: 20)
Jussi Kangasharju, Keith W. Ross, David A. Turner
E-mail is a mission-critical communication function for virtually all institutions. Modern e-mail employs a server- centric design, in which the user is critically dependent on her mail server. In this paper we present a peer-to-peer (P2P) email architecture that eliminates the need to rely on a single server and boosts the resilience of email against any kinds of attacks. Our architecture also provides con- fidential communications for all users. We present how the basic mechanisms of sending and reading email are implemented in our architecture. We also consider additional schemes to improve anonymity in our architecture. We present our prototype implementation and discuss the future of P2P communication architectures.
Conference: Peer-to-Peer Computing – P2P , 2003

The F.B.I. is wanting to be helpful by telling people that peer to peer is risky business. (One can only wonder how much “riskier” it can be than the known 100% probability that the government has their snout in the email trough… It’s a very sad day when one starts to think that the Mafia is more honor bound than the government and that “shady characters” might be more reliable and safe than people with badges, and that trusting strangers is safer than trusting the government. We are “on the cusp” of that now. How the news of government over reach is handled will show which way we fall from that fence… )

https://www.fbi.gov/scams-safety/peertopeer

Quoted in full so you won’t need to “print” a visit on their server to see it…

Risks of Peer-to-Peer Systems

The FBI is educating and warning citizens about certain risks and dangers associated with the use of Peer-to-Peer systems on the Internet. While the FBI supports and encourages the development of new technologies, we also recognize that technology can be misused for illicit and, in some cases, criminal purposes.

Peer-to-Peer networks allow users connected to the Internet to link their computers with other computers around the world. These networks are established for the purpose of sharing files. Typically, users of Peer-to-Peer networks install free software on their computers which allows them (1) to find and download files located on another Peer-to-Peer user’s hard drive, and (2) to share with those other users files located on their own computer. Unfortunately sometimes these information-sharing systems have been used to engage in illegal activity. Some of the most common crimes associated with Peer-to-Peer networks are the following:

Copyright Infringement: It is a violation of federal law to distribute copyrighted music, movies, software, games, and other works without authorization. There are important national economic consequences associated with such theft. The FBI has asked industry associations and companies that are particularly concerned with intellectual property theft to report to the FBI—for possible criminal investigation and prosecution—anyone that they have reason to believe is violating federal copyright law.

Child Exploitation and Obscenity: The receipt or distribution of child pornography and unlawful obscenity over the Internet also is a serious federal crime. The FBI cautions parents and guardians that, because there is no age restriction for the use of Peer-to-Peer services, pornography of all types is easily accessible by the many young children whose parents mistakenly believe they are only accessing music or movies. In fact, children may be exposed to pornography—and subsequently lured by sexual predators—even though they were not searching for pornography, as some network users deliberately mislabel the names of files for this purpose.

Computer Hacking: Peer-to-Peer networks also have been abused by hackers. Because these systems potentially expose your computer and files to millions of other users on the network, they also expose your computer to worms and viruses. In fact, some worms have been specifically written to spread by popular Peer-to-Peer networks. Also, if Peer-to-Peer software is not properly configured, you may be unknowingly opening up the contents of your entire hard drive for others to see and download your private information.

The FBI urges you to learn about the risks and dangers of Peer-to-Peer networks, as well as the legal consequences of copyright infringement, illegal pornography, and computer hacking. For more information about the law, visit http://www.usdoj.gov/criminal. The FBI takes seriously its mission to enforce the laws against those who use the Internet to commit crime. To report cyber crime, please contact your local FBI Field Office, or file a complaint through the Internet Crime Complaint Center at http://www.IC3.gov.

This guy seems to have a patent on some aspect of it:

http://www.freepatentsonline.com/y2009/0144380.html

PEER-TO-PEER EMAIL
United States Patent Application 20090144380
Kind Code:
A1
Abstract:
A peer-to-peer email system and methods are provided for distributed email distribution, prevention of SPAM, and efficient email storage. Each email client also serves as a node in the peer-to-peer system, relaying email messages and/or attachments. Large attachments may be transmitted directly from sender to receiver, and if the receiver is not online at the time the sender sends the attachment, the receiver can request the attachment from the sender at a later time.

And this one:

http://www.google.com/patents/US7849140

Peer-to-peer email messaging
US 7849140 B2
Abstract

System and method for facilitating communications between peers in a peer-to-peer environment and network email clients. In one embodiment, network nodes including peer nodes may host mail transfer agents. The mail transfer agents may act as bridges between peer-to-peer protocols and email communication protocols. The mail transfer agents may communicate with peers according to peer-to-peer protocols and with email clients according to email communications protocols. Peers may communicate with mail transfer agents to send peer-to-peer messages to email clients. Email clients may communicate with the mail transfer agents to send email messages to and receive email messages from other email clients via the peer-to-peer network and to obtain peer-to-peer messages from peers.

Publication number US7849140 B2
Publication type Grant
Application number 10/231,225
Publication date Dec 7, 2010
Filing date Aug 29, 2002
Priority date Aug 29, 2002
Also published as US20040064511
Inventors Mohamed M. Abdel-Aziz, 5 More »
Original Assignee Oracle America, Inc.
Patent Citations (61), Non-Patent Citations (9), Referenced by (10), Classifications (20)
External Links: USPTO, USPTO Assignment, Espacenet

As the early Unix based mail systems were effectively peer to peer, I have a hard time seeing how it can now be patented…

Sidebar on DNS

I was having some DNS “issues” here at Starbucks. ( I typically set my DNS servers by hand to ones I trust). Had to use the DHCP supplied server to get things to work. Downloaded an app to test DNS speeds (thinking maybe my West Coast optimized were not optimal here).

http://lifehacker.com/5420931/namebench-helps-you-find-the-fastest-dns-server-for-your-computer

An interesting tool, that I’ve not fully vetted, but the chain of links that brought me to it seemed reasonably likely to be a clean thing to run. Interesting to note that it rapidly identified that Starbucks is “intercepting and redirecting my DNS requests”. So looks like that VPN tunnel to the home DNS server might be of interest ;-) (So I can do a VPN to a known IP number, then use MY DNS servers inside an encrypted protected tunnel and avoid whatever they are doing…)

But that will be “for another day”. It seems to be a common feature of various “free” internet connections to molest the DNS to force you through various advertizing screens and / or logins and / or “accept terms”… that then also causes ongoing sloth of DNS lookups, sporadic failures, and generally doesn’t let you do nice things like use DNS servers that pre-block various advertizing and high risk sites… Oh Well…

Yet Another Project for “nights on the road”. Alternatively, I can also load up a batch of “things I care about” directly into the laptop DNS table. (It is already loaded with a large “block list” of things that are evil, so crowbarred to ‘localhost’ and grounded…)

This does tangentially relate to the email issue, in that one of the ways to “capture your traffic” is to spoof your DNS lookups and route your traffic through a snoop box that then forwards the requests / traffic on to the correct destination (a “man in the middle” attack). So knowing your DNS servers “matters” and having known DNS lookups “matters”…

To some extent, we’re entering a space where having direct and personal control over key bits of the communications path is essential to prevent folks, official or otherwise, from snooping or being a royal PITA. It is now less of a PITA to run your own DNS, have your own email server, and encrypt all traffic; than it is to accept the “free” public services that come with a snout up your skirts… Not something I really wanted to be doing (as I’ve done it for pay for too many years) but “you do what it takes”.

In Conclusion

There were not a lot of “This is a final product” links. Yes, I didn’t go through dozens of pages looking for something rare. I figure folks can do that a bit on their own.

Old Style (very early days) email was largely “peer to peer” in basic structure. UUCP or Unix to Unix Copy has been in use since the ’70s for transfer of a variety of things, from files to email, between peer systems.

https://en.wikipedia.org/wiki/UUCP

UUCP is an abbreviation of Unix-to-Unix Copy. The term generally refers to a suite of computer programs and protocols allowing remote execution of commands and transfer of files, email and netnews between computers. Specifically, a command named uucp is one of the programs in the suite; it provides a user interface for requesting file copy operations. The UUCP suite also includes uux (user interface for remote command execution), uucico (the communication program that performs the file transfers), uustat (reports statistics on recent activity), uuxqt (execute commands sent from remote machines), and uuname (reports the UUCP name of the local system).

Although UUCP was originally developed on Unix in the 1970s and 1980s, and is most closely associated with Unix-like systems, UUCP implementations exist for several non-Unix-like operating systems, including Microsoft’s MS-DOS, Digital’s VAX/VMS, Commodore’s AmigaOS, classic Mac OS, and even CP/M.

Given that, any patent on peer to peer email will of necessity be limited to some particular technique, and NOT a general patent over the whole turf.

Still, it is encouraging that some folks are looking into the idea of peer to peer email and care enough (i.e. see a product potential enough) to do a patent.

OK, from my perspective, there isn’t a simple “click and install” product, and certainly not a ‘thriving community’ like the bitorrent crowd. Too bad. Would be nice to have it all wrapped up and working…

Still, not much stands in the way. First off, anyone can set up an old style UUCP link between two systems and just shovel mail back and forth inside a private group. Anyone doing anything they wish to keep private needs to learn to run their own mail server. (It isn’t that hard. I’ve run many. While the fine points of SPAM filter maintenance and mail header parsing are a bit tough, a basic “send mail to @myfriend.com via smtp.myfriend.com” is pretty easy.)

It also looks like a “quick path” likely exists via taking a known working mail reader (even some of the web browsers understand email these days) and configure it to do opportunistic encryption (i.e. put an ‘exit’ in the code to look in a database of known public keys and always encrypt if possible. If no key exists, issue a ‘request for key’ to the destination and delay delivery of the email for ‘a reasonable time’ to see if a key is presented). Then take some of the torrent code and convert it to send email instead (that ought to be near trivial as a process – put email in an encrypted container, send torrent file for that container to the destination, let them pick it up whenever they want… )

I’m “way rushed” right now, what with coming up to speed on a new job and having 8+ hours a day at work, then another 2 or so of “overhead” for things like finding dinner and doing “laundry while on the road” and such. So it is unlikely that I can get to this “soon”. Still, it looks both doable and necessary. With luck “the open source community will provide”… faster than I can find time to do it myself.

There are many SMTP (Simple Mail Transfer Protocol) agents available, so simply setting up your own mail server is a reasonable “first step” for many folks / groups. Simply put: You don’t NEED a central mail service like google or AOL or whatever handing over all your “stuff” to the government. You can make your own server.

http://www.thefreecountry.com/utilities/email-servers.shtml

Free Mail Servers

The free mail servers (sometimes called Mail Transfer Agents, or MTA for short) on this page allow you to transmit email from one computer to another, using something called the Simple Mail Transfer Protocol, or SMTP for short. For example, it can receive email from an email client (software) and send it to another system. They can also allow email clients to retrieve its stored messages using either the Post Office Protocol, or POP3 for short, or the Internet Message Access Protocol, or IMAP. The email servers can either deliver the messages directly to the destination (end-to-end delivery) or relay them to another mail server for further transmission.

Please note the following:

The programs mentioned on this page are not for the ordinary email user. If all you want is a computer program that allows you to read and write email, please see the Free Email Clients page instead. On the other hand, if you want free email services (like webmail or the like), please go to the Free Email, Webmail, and Email Forwarding page.
[…]

hMailServer (Windows)

This mail server for Windows, hMailServer, supports the SMTP, IMAP and POP3 email protocols. It also includes a score-based spam filtering system (SpamAssassin) and can be integrated with antivirus software (to scan incoming and outgoing email). Other features include support for server-side rules, SSL, multihoming, virtual domains, routing, built-in backup, etc.
Mercury Mail Transport System (Windows, Novell NLM)

Mercury supports the following protocols: SMTP, POP3, IMAP (IMAP4rev1), SSL (for SMTP, POP3 and IMAP), PopPass, HTTP (for mailing list management), finger and PH (for directory lookups). It can handle multiple domains on one system, supports aliases, autoresponders, forwarding, filtering, Bayesian spam filtering, mailing lists, multiple queues, domain mailboxes (that receives all mail sent to a particular domain), customisable (“customizable” in US English) notifications (such as delivery failure messages), greylisting, relaying, killfiles, blocklists, full session logging, the ability to listen on multiple ports, the ability to relay messages via SMTP or use full end-to-end delivery, the ability to restrict which connections are allowed (based on address range), etc. (This is just a subset of the list of features available: the full list is too long to mention here. Please see their site or documentation for details.) This mail server is only free for private or non-profit use.
Apache James (Windows, Mac OS X, Linux)

Apache James is a mail transfer agent (“MTA”) that implements POP3 and SMTP. IMAP support has been added to the version 3 series of the software, which, at the time I write this, is still under development. The software can also function as an NNTP news server. The software is written in Java, which means that it can run on any system that has a Java Virtual Machine installed.
Citadel (Linux)

Citadel is actually a groupware program (with instant messaging, bulletin boards, shared calendars, mailing list server, etc), but it is listed here because it includes an email server. It supports ESMTP, POP3, and IMAP, and also includes a webmail interface. Access to your email over TLS/SSL is also supported. It has built-in spam filtering with support for things like blacklists, SpamAssassin, and an antivirus. Binary packages for Debian/Ubuntu Linux are available. For all other Linux users (or perhaps also users of other Unix type systems, including Mac OS X), you will need to compile the program yourself from the source code.
Postfix (Unix-type systems) (Source code only)

Postfix is a mail transfer agent with support for SMTP, DKIM, DomainKeys, SenderID, TLS encryption and authentication, junk email filtering, etc.
qmail (Unix-type systems) (Source code only)

This software, qmail, is an SMTP server for Unix-based systems like Linux (and presumably also Mac OS X). It was written to be a secure replacement for sendmail (another mail server). It also provides a POP3 service.
Sendmail (Unix-type systems) (Source code only)

Sendmail supports SMTP, ESMTP, UUCP, etc. It is known (or perhaps more accurately, notorious) for being hard to configure, the result of its attempt to provide the administrator with the ability to control many things.
Qpopper (Windows [with cygwin], Mac OS X, Linux) (Source code only)

Qpopper supports POP3 and TLS/SSL. It also features authentication via login name/password, APOP, Kerebos and PAM. As far as I can tell, it does not implement any support for SMTP, which means that you can send outgoing mail through this email server from your email software. It is released as source code, so you will need to compile the program into an executable before you can use it.

“Sendmail” is a royal PITA. Period. Avoid it unless you are a masochistic Unix Sys Admin with a death wish… or can convince your boss it is important and the best; so as to assure job security …. ;-)

Of those on the list, the ones with TLS Transport Layer Security (i.e. encrypted communications links like SSL) offer a bit more security against folks with sniffers on the wire. Citadel looks like the most interesting one at this time.

As I’ve got Linux in a virtual Machine on the laptop, and packed one of my Raspberry Pi boards, I’ll likely take a shot at configuring Citadel or something like it in a VM or on the RPi, just to see how clean it is.

THE big exposure here, though, is that you need a DNS entry so folks can find you, and that means a registration of a domain, and that means things like name and contact information in the public domain… so a sub-text to all this is finding a way to do that WITHOUT publishing your name, address, phone number, etc via the DNS / Domain reg process. It may be that a ‘dark net’ is the way to go here for true privacy and security. (i.e. a ‘roll your own’ DNS of ‘illegal’ domains like .onion and then mail transport in TLS / SSL tunnels via that darknet under the covers of the “legal” internet). That way you can DHCP a “real” IP address, then enter the darknet and find other folks for the email exchange.

I likely need to look more at Onion and TOR to see if they have already done this. If not, it’s right up their ally.

OK, I’ve about finished my Espresso, and this is pretty much all I can do on this topic in one session. It’s not high on my priority list (for the simple reason that I don’t put ANYTHING in Email that I do not want read by 20 government employees, 6 systems admins, my spouse, my boss, and have on the front page of a newspaper. You are encouraged to act in the same way… IFF you want to communicate something in private, put it in a file, encrypt the file, and send it as an attachment (while “public key” is best, since then there is no ‘key exchange’ exposure; it is also possible to have a ‘protocol’ with someone like a spouse, where you just know that the password is, for example, “The dog’s name concatenated with the day sent and your full street address and ending with moms maiden name”… the longer the key the better…)

I encourage folks to encrypt any and all messages sent, even the “irrelevant ones”, as the more the world “goes dark” and encrypted, the more The Powers That Be will get the message that we don’t like them in our bedrooms, our bank accounts, or our mail. We have left behind the days when innocent people could depend on their innocence to protect them from intrusion and abuse ( the IRS scandal shows that – having “the wrong” political opinions can be enough…) so it’s time to be defensive.

Even if all you do is encrypt a bit of trash and attach a bogus encrypted file to random email messages ( to folks who know they are not real and will not ‘spill the beans’ in an open email…) that tends to ‘clog up the system’ of monitoring. Adding a few more petabytes of “trash” will fill the various servers and snooping agency budgets with yet more crap. Maybe then an audit or two will show them not worth the cost. Yes, a mild form of “passive aggressive” complaining.

With that, I’m on to my next topic.

Subscribe to feed

Advertisements

About E.M.Smith

A technical managerial sort interested in things from Stonehenge to computer science. My present "hot buttons' are the mythology of Climate Change and ancient metrology; but things change...
This entry was posted in Political Current Events, Tech Bits and tagged , , , , . Bookmark the permalink.

35 Responses to U.S. Govt Snooping in Email Servers

  1. Gail Combs says:

    For what it is worth MemoryVault over at Jo Nova’s said:

    Sorry, but I’m a bit confused as to why this is even “news”.

    .
    Way back in 1987 it was exposed that Australia, the USA, the United Kingdom and New Zealand has agreed to spy on their own, and each others citizens, including the recording of all phone calls, and share the information.

    .
    The agreement was under a larger framework known as “The UKUSA Pact”. The Australian HQ for it was a huge, fortress-like building laughably claimed to be a “local telephone exchange”. It is now more honestly officially called the “Deakin Defence Offices” – see link –
    http://goo.gl/maps/FUdGC

    .
    As well as telecommunications tagging and monitoring, this is where all your record cross-matching occurs between the ATO, Centrelink, State Births Deaths and Marriages, Vehicle Rego, Land Titles, and so forth, as well as private banking info…..

    As I recall there was some sort of loophole where the UK could spy on US citizens without having to worry about UK law or US law …. So they agreed to spy on the citizens of other countries and thereby avoid privacy laws and then share the information.

  2. adrianvance says:

    The problem is not “spying” on citizens looking for criminal activity. The problem is data mining to isolate people by party, boost your voters and trash the opposition’s with slander and tricks. It is thought this is how Obama won re-election; by a new, not yet illegal manipulation. We analyze this.

    See The Two Minute Conservative via Google or: http://adrianvance.blogspot.com and when you speak ladies will swoon and liberal gentlemen will weep.

  3. omanuel says:

    Thanks, E. M. Smith, for another reminder that there are now few, if any, constitutional limits on our government.

    Climate-Gate emails and documents in late Nov 2009 were the first easily visible confirmation of the validity of President Eisenhower’s warning in his farewell address to the American people in Jan 1961

    Fear and loathing of humans with knowledge of the source of nuclear energy that destroyed Hiroshima and Nagasaki in Aug 1945 have compromised the integrity of government science and constitutional limits on government: http://tinyurl.com/marwkc5

    Ted Nordhaus and Michael Shellenberger seem to be coming to a similar conclusion: http://tinyurl.com/o3tahb2

    Oliver K. Manuel

  4. BobN says:

    I think everyone should make an encrypted 10M file and just keep passing it around. If you pass that back and forth to a friends list, the system will clog very quickly.
    I have checked with various sources and I get conflicting answers as to the legality of passing or receiving an encrypted file in or out of the country.

  5. sandy mcclintock says:

    If you have 2 hours spare and are interested in conspiracies tru http://www.youtube.com/watch?feature=player_embedded&v=NeQ07-ZmZTM

  6. Petrossa says:

    They can have my emails, anything that’s really private gets encrypted in a file and sent via a private server.

  7. Another Ian says:

    BobN

    Perhaps that file could be made of the data Mann used for the hockey stick?

  8. Gail Combs says:

    Another Ian, Is that with or with out the whole tree? I can just see sending this OOPs forgot the rest link

  9. CompuGator says:

    [New IPA via DHCP; I’d powered down everyting for Saturday’s thunderstorm.]

    It might be helpful for perspective, to readers with less seniority than Chiefio, to point out that in the 1980s, the peer-to-peer system known as uucp required that users address e-mail by specifying explicit end-to-end routing, naming each computer that served as an intermediate node, in the order it was to be used. If any of the specified nodes was not answering its modem(s), at best, a message simply waited until the modem(s) was answering again; if it waited too long, the sender got a failure notice. Not ideal for grandmas, who nowadays are typically oblivious to their dependence on DNS to exchange Internet e-mail with the grandkids. Perhaps uucp was enhanced with some kind of automatic routing in the 1990s?

    Altho’ all uucp (e-mail) machines were nominally equal, some were much more equal than others, e.g.: gatech, harpo (Bell Labs), purdue, ucbvax (U.C. Berkeley). That was a combination of reciprocity agreements that provided a long reach, geographically, their willingness to spend money to transfer other peoples’ bits, initially at direct-dial long-distance phone rates, and to devote whatever computer overhead was needed to operate it. They tended to be suppliers or early adopters of unix, and not on ARPAnet, which had a parallel e-mail universe.

    Because of long-distance rate structures, some nodes delayed message transmissions until the overnight hours. So sending a transcontinental e-mail message in the morning, and getting a reply before nightfall, was an exciting surprise.

  10. Jerry says:

    ‘The F.B.I. is wanting to be helpful by telling people that peer to peer is risky business. ‘

    LOL, maybe that is a warning! “You trying to sneak around with a peer to peer, encrypted stuff? What you hiding? Why you going to all that bother? Do you currently or have you ever owned a pressure cooker? Do you or do you not believe in Global Warming? Do you or do you not believe Global Warming is your fault? We told you there was a risk and now YOU are gonna have a really baaad day – starting NOW!

  11. E.M.Smith says:

    @BobN:

    Make it a bag of random bits and it will be legal. After all, then it isn’t really encrypted is it?… It would be a ‘nice touch’ to name it with something that implies encryption and even include an encryption header on the file, but if, in fact, it is just random noise, then it isn’t and can’t be an encrypted anything…

    @Petrossa:

    A nice and simple method. Personally, I like multiple layers so the encrypted file as an attachment to an encrypted email inside an encrypted connection…. Then again, I’m a Systems Admin at heart and they ARE out to get the sys admin ;-)

    @Another Ian & Gail:

    Oh, that’s rich! Personally, I like encrypting things like “The password to this file is: FrogsAreGreenYou1diot; now aren’t you proud of decrypting it?” I’ve also been known to encrypt Microsoft Software like Word or Excel (as they contain a LOT of bits ;-) and then the person decrypting it can be accused of illegally accessing private copyrighted software ;-)

    @CompuGator:

    Who you calling Senior, sonny boy? I was doing email before …. oh dear…

    Sendmail was the answer to the “next node” choices in UUCP. In the beginning it was all long hand, as you described. Then sendmail made it all automatic with address rewriting all all sorts of exciting things that let your email tour the world before someday, maybe, being delivered ;-)

    FWIW, I mention UUCP not as a preferred method, but only as an existence proof of prior art of “site to site” mail sending…. FWIW, at one time Apple was a very important node in the distribution of news and mail. That was when I was there…. I hired a “mail guy” and told him to do what he wanted with the Vax in terms of being a good neighbor… and he got a bit “exuberant” ;-)

    @Jerry:

    I must confess, I DO have a fondness for pressure cookers. I have 3 or 4 of them. Mostly used for canning, but occasionally for meals. Sadly, it had never occurred to my pea brain to think of them as bomb making material. It makes a kind of sense; but they are a bit big (imho). Also the handle gets in the way. Besides, they are expensive…. and why ruin such a fine cooking tool?

    Oh Well, even the most inventive and devious mind can only think of so much, and the domains of cooking and “improvised boom stuff” are not connected in my brain… or were not until Boston.

    Personally, I’d be more inclined to try packing the “stuff” into a tire and see how it does. With a 50 PSI normal operation pressure, they can take some force before letting go. Might need to keep the speed down on the drive to the destination though ;-) Maybe it’s not such a good idea…. ;-)

    Wonder if those tubs you use for bear proofing food would work… Though just some sched 40 PVC ought to do it too (and would not show on metal detectors)… Oh dear, the mind is wandering again…

    Frankly, though, I’m glad they are fixating on explosives. There are far far more damaging things that could be done (and those I share with no one… though I’ve seen some of them in print already.)

    Sometimes I do wonder if the Jihadies are just getting ginned up by the west as part of an intricate indirection to get us to give up our liberties for ‘security’. Then I remember that they have had this attitude for 1300 years… but if you wanted to pick a group easy to get ‘juiced’ and worked up…

    Oh Well, above my pay grade. I just oil the machinery… and sometimes speculate.

    @Computgator:

    Oh, and do remember that there was a network of private leased lines, so some blocks of email went “site to site” over that before hitting the phone lines. Apple came up first on 9600 baud modem, then I signed a P.O. for a T1 (or maybe 1/2 a T1…) to Olivetti down the street. For a couple of years all “our stuff” came via them until we added some more lines. Then we started being a bit ‘center of the net’ for distribution… as we added connections wisely and had a Vax who’s only job was internet email / news shoveling and being a ‘honey pot’ to attackers… it was about $1/2 Million machine in those days. Anyone at the company could get an account on “the public machine” but had to listen to a lesson on being wide open exposed and being used as bait in the honey pot… Yes, our “honey pot” was a very realistic looking one, as it was actually used… but with folks who knew they were exposed and were not to do anything truly company confidential on it. (Even ‘family and friends’ could get accounts – a big deal in those days). Mostly it just shoveled net news and email around. And let employees send important email to spouses like “Yes, I will pick up milk.” ;-) It had a semi-hard to spot 9600 baud hard wire modem line to the “inside” and some dedicated firewall / router stuff so only news / mail got through. Zero “sessions”. Took a lot of grief from folks want that to be opened up. Yet it kept out the “Internet Worm” that took down damn near everything else… but that’s another story…

    Ah, the days…

    (I remember it being a big deal when we went to 56kb modems on the dial bank as all the mail to lots of other sites suddenly went very fast ;-)

  12. PhilJourdan says:

    The biggest stumbling block to P2P email is – the number of people you can send it to. I think the government has over reached on declaring all Email as public. But that will take years in the courts to determine.

    And then you have those “wink-wink” agreements between the UK, US and Oz that Gail referenced. And not much can be done there. The government is shirking its duties of protecting its citizens, but then that is old news.

  13. Power Grab says:

    I always considered email as something that was not really private. Computers don’t really care who manipulates them. Never did. Never will.

    I don’t have much trouble understanding why TPTB want to dig up dirt on everyone there is dirt to be dug up on, but I’ve always wondered just how interested they are in people who don’t have dirt to dig up.

    I also have wondered how much future trouble will be caused to people for whom dirt has to be concocted by TPTB. Or how much trouble will be caused for innocent people whose data has been mistakenly intermixed with data for less-than-innocent people.

    I guess all those bogus emails that were supposedly intended for someone else, but ended up in my inbox, were just phishing emails? But how about the ones where a legitimate company, with whom you have established a legitimate connection, reveals that they aren’t keeping your customer status straight in all their systems? Is that just evidence that the folks querying the databases don’t really know their stuff? And how helpful should I be in advising them of their errors?

  14. Jason Calley says:

    @ E.M. “It’s a very sad day when one starts to think that the Mafia is more honor bound than the government and that “shady characters” might be more reliable and safe than people with badges, and that trusting strangers is safer than trusting the government.”

    There are two major differences between the Mafia and the current government:
    1) The Mafia does not have a flag.
    2) The Mafia does not tell you it is for your own good when they break your legs.

    @ E.M. “Sometimes I do wonder if the Jihadies are just getting ginned up by the west as part of an intricate indirection to get us to give up our liberties for ‘security’. ”

    At this stage, that is my working assumption. People hate to hear me say it, but there are at least two major frauds being used at present for controlling and guiding the masses. The obvious one (at least to most readers of your excellent blog) is the CAGW fraud. The more “progressive” in our country find this fraud almost irresistible. It hits all of their favorite buttons and justifies them as saviors of humanity. The less obvious one (at least to most readers of your excellent blog) is the world wide terrorist fraud. The more “conservative” in our country find this fraud almost irresistible. It hits all of their favorite buttons and justifies them as saviors of humanity.

    It took me a long time to actually believe that the terrorist threat is false, but here are three very quick reasons.
    1) The total lack of border control by either party, any administration. If terrorism were real, would any administration actively work to allow millions of unchecked people to enter the US?
    2) The involvement of the FBI in the 1993 World Trade Center attack.
    3) The refusal of the US to accept the Taliban’s offer to turn over Bin Laden for trial in an international court.

    I suspect we have all been manipulated by masters of the art.

  15. Petrossa says:

    i found this paper extremely to the point (pdf): An Orwellian America https://dl.dropboxusercontent.com/u/1828618/An_Orwellian_America.pdf

  16. E.M.Smith says:

    @PhilJourdan:

    There can be a rapid shift in behaviour once something catches on… The other problem is that even with P2P, some email will go through servers to “others”. That, then, becomes a potential leak of otherwise hidden messages and “contact traces”. So a dozen folks are all having a conversation on P2P, and one adds their cousin on a generic email server… Now that whole message copy (whatever is kept in the reply text ) AND all the folks on the copy list are exposed as “in contact” with each other and about whatever is in the thread copy history.

    So you either prevent that (and hobble the product), or “nag on attempt” and accept the exposure. Neither very good.

    @Power Grab:

    Nothing but personal desire prevents having secure and private email. It takes caring enough to encrypt everything.

    The basic problem is that EVERYONE “has dirt”. The laws have made such that you can find something on every single person if you just look long enough. Every year even more truly innocent behaviour becomes criminalized. This is not an accident. You can lose your job for saying “Like your hair, new style?”. My Mother specifically taught me to do that (in another era) and “Managers and the Law” class informed me it had been made a termination grounds. Any woman wondering why she gets no compliments need look no further than that.

    I once tried keeping a count of how many laws I broke in a single day doing “ordinary” things. I stopped counting before lunchtime… (The “Conspiracy to …” laws rack things up fast. Tell the taxi driver “Can you get me to the airport quick!” and it’s conspiracy to break the speed laws… but I doubt that one is on the books… though “who knows”…) Rolling a few stop signs on a right turn (law says full and complete stop…) failure to signal lane changes (though no other cars on the freeway in the dead times) jaywalking to the bank (though the street is empty) it all adds up. I had a couple of “possession of” that I noticed as well. (Have a friend that smokes MJ and leaves a roach in the ash tray? Possession and ‘aiding and abetting’… Encourage him/her by saying “sure, you can smoke it” and add a “conspiracy to” charge… ) And on and on…

    So the notion that “they only use it against criminals” is just self deception. Sorry.

    There are also “must do” laws, so, for example, the spouse is in a “must call the cops” job. IF she suspects a kid is having certain categories of “issues”, she MUST call the cops on the parents / guardians or SHE goes to jail. Not sure, or just forget? Not an excuse… She figures that it’s likely there’s one or two a year where she OUGHT to be suspicious and make a call, but just doesn’t “get it right” as the evidence isn’t in her face enough… FWIW, she is THE most scrupulous person I know about trying to follow every single law. To the best of my knowledge she has never had any traffic ticket or parking ticket. (Drives me nuts… ;-) So you ever wonder why the cops get called on some parents for what are clearly “bogus” reasons? Because someone in a “must report / must call” position is not sure and errs on the side of “I won’t go to jail if I call”… (A family recently got called in to child protective services for wanting a second opinion on their kids medical condition. The first Dr. “called them in” for failure to properly care for their kid since they didn’t take is opinion immediately…)

    So please realize that YOU are not INNOCENT. Nobody is. “This behaviour is by design.” IMHO.

    @Jason Calley:

    I’d go one further.

    It isn’t that the “terrorist threat is false”. It is real. Just “created for effect”.

    The British Crown has been setting two groups against each other so that they could be the ‘peace keeper’ or saviour for hundreds of years. This is NOT a new technique.

    @Petrossa:

    Only had time to skim it tonight, but does look interesting and likely has much in it that is correct. I’ll likely have time to savor it later this week.

  17. Jason Calley says:

    @ E.M. “It isn’t that the “terrorist threat is false”. It is real. Just “created for effect””

    Well, I agree… I just didn’t think I should take it quite that far, in case I lost my audience. :).

    @ E.M. “The British Crown has been setting two groups against each other so that they could be the ‘peace keeper’ or saviour for hundreds of years. This is NOT a new technique.”

    True. Another very successful money and control technique has been the “get people hooked on drugs” route. Drugs from Afghanistan, drugs from South East Asia, drugs from South America. Here is a bit of dark humor: The Brits forced the Chinese to import and consume vast quantities of opium. I don’t think the Chinese ever forgot that chapter of history. Today, the Chinese have “hooked” much of the West — but not with opium. The drug of choice is cheap, disposable consumer goods. “Oooohhh! Latest fashions! Latest TV! Yeah, it will be in the land fill in three years, but I’ll be the first on my block to get it!” Here in America, we are running the most massive trade deficit in history, much of it with China. Just like China’s wealth was bled dry for opium, we are bleeding for cheap goods. Our political and financial leaders have encouraged this close trade with China ever since Nixon. Why? Because every dollar that leaves our shores delays the effects of monetary inflation. The Powers That Be can create more hot dollars to be spent among themselves and their friends without the price distortion being so evident. Nice job if you can get it.

    Disclaimer: Long term, large scale, I am still very optimistic about the future of humans on Earth. Much of the current pain is birth pangs.

  18. CompuGator says:

    Jason Calley says (11 June 2013 at 12:00 am):

    It took me a long time to actually believe that the terrorist threat is false, but here are three very quick reasons.
    1) The total lack of border control by either party, any administration. If terrorism were real, would any administration actively work to allow millions of unchecked people to enter the US?

    This was correctly placed at number 1, because it is sufficient (in the word’s formal mathematical sense): Q.E.D.

    But here’s the rest of the story: Both parties made it easier for millions to remain unchecked: The first-term Obama Administration, plus its Congress, hobbled a major opportunity that’s not only authorized, but also mandated by the U.S. Constitution: the U.S. Census of 2010.

    Despite the widely trumpeted threat of terrorism, the federal government deprived itself of potentially useful information. Forms completed and returned by U.S. Mail were typically accepted at face value, as one might expect. So a Hossein Khomeni, fresh from Iran, could easily get away with claiming instead to be, say, a Hispanic man named Jose Camaro. It’s not clear to me how that kind of fraud could be practically detected.

    But even in all ‘nonrespondent’ face-to-face field interviews (i.e.: the ones for which census workers were paid to walk the neighborhoods to each address that did not satisfactorily complete & mail back the forms they’d been sent), it required that oral answers to all required questions be accepted at face value, and trustingly transcribed by the census worker. In 2010, no proof of identity nor residence was ever required for anyone, not even for the person identified as the source for the answers for a particular address. Odd, considering that full names & birthdates of each resident at each address are required (beginning in 2000).

    It’s especially fascinating that the 1990 & 2000 Census questions “11. Language Spoken at Home”, “12. Place of Birth”, “13. Citizenship”, and “14. Year of Entry to the U.S.”, were removed for the 2010 Census (numbered here as used for 2000). And no questions were asked about religious affiliation.

    Yet our federal government claims a national-security justification for recording private e-mail and other Internet content produced by U.S. citizens, secretly, and without even secret warrants signed by secret judges.

  19. Jason Calley says:

    @ CompuGator
    Ouch! You make some painfully relevant points about the census. I wish you were wrong about them, but they all make way too much sense to discount them.

    I have yet to meet anyone — liberal or conservative — who could give any sort of coherent response to the question, “Why are our borders effectively unguarded if the US is in a war against foreign terrorists?” The most common response is “No, I don’t like that either. They ought to do something about that.” No reconsideration of basic assumptions, no second look at justifications or lack thereof. Actually thinking can be very frightening for most people; they instinctively recoil.

    You say, “Yet our federal government claims a national-security justification for recording private e-mail and other Internet content produced by U.S. citizens, secretly, and without even secret warrants signed by secret judges.”

    Very few people seem to understand the very important difference between gathering data with a warrant and just gathering data at will. When a warrant is issued there is a clear track of who was gathering what sort of data at what time and from whom. Not so when data is gathered at will. This leads to a sort of temptation that is lacking when warrants are issued. If I gather data from phone calls, emails, etc. and there is no clear record, what is to prevent me from using the info for my own good? For example, if I had found information in August of 2001 that planes would be flown into the Trade Center, I would be able to make enough money to last the rest of my life. All I would have to do is buy futures on airlines that I knew would be involved. Maybe invest heavily in the types of security equipment that I knew would soon be popular, then just sit back and let it happen. No honorable man would even wish to have such power; the temptation would be obvious. On the other hand, a dishonorable man would certainly claim that it was “for the good of the nation.”

  20. BobN says:

    @ EM – When you join the mafia, you have expectations of what you will be doing going in. When you join the government you expect the best intentions, what to do when you find out they are corrupt. No one (hardly ever) puts there head in a noose and jumps. I think most people would just find another job and fret about what they know. I really don’t know what I would do. I would like to think I would go talk to a Senator and let them handle things, but there is risk in that also.

    @all – The terror threat is real, but the politicians do not see the real danger. To them its an opportunity to use the high anxiety it puts in people. Scare them and they will let you trample their rights. We are turning into a police state, just look how aggressive even the cops are getting. Why is DHS more concerned with Christians and Veterans than Muslims. There is an agenda being played out, non of it good. Why would a country at war with Islam keep bringing Muslims in by the 100k at a time. Why would Obama want to bring all the Syrian refugees here, its not a humanitarian effort.

    I don’t believe they are just storing meta Data. I bet they store it all and with that information the government has leverage over everyone. Something before the Supreme Court, just dig a bit, I bet you can change a vote, same thing for Congress. It total power sitting there, it will be used.

    I believe the borders are open for several reasons. Cheap labor, that isn’t cheap when you look at the social costs. Voting power is obvious. Long term I believe they want to combine Canada and Mexico as part of the US, what better way than to make the borders irrelevant. These issues have priority over security as DHS policies make no sense and do expose us to serious risk. With all the data they have, why not use it to detect illegals and deport them. Obviously, that is not the true agenda.

  21. Gail Combs says:

    Jason Calley says:
    ….@ E.M. “Sometimes I do wonder if the Jihadies are just getting ginned up by the west as part of an intricate indirection to get us to give up our liberties for ‘security’. ”

    At this stage, that is my working assumption. People hate to hear me say it, but there are at least two major frauds being used at present for controlling and guiding the masses. The obvious one (at least to most readers of your excellent blog) is the CAGW fraud. The more “progressive” in our country find this fraud almost irresistible. It hits all of their favorite buttons and justifies them as saviors of humanity. The less obvious one (at least to most readers of your excellent blog) is the world wide terrorist fraud. The more “conservative” in our country find this fraud almost irresistible. It hits all of their favorite buttons and justifies them as saviors of humanity…..
    >>>>>>>>>>>>>>>>>>>>>

    Some of the ‘conservatives’ are well aware of the second fraud. G. Edward Griffin, a John Bircher (a progressives definition of conservative) started Freedom Force International, a network of men and women from all parts of the world who are concerned over loss of personal liberty and expansion of government power. and wrote Days of Infamy.

    THE STRATEGY TO GET THE U.S. INTO WAR
    there were different motivations and different agendas for pushing the United States into war. Colonel House became the coordinator for all of them. He went back and forth across the Atlantic and consulted with the Round Tables in both England and America. He arranged a secret treaty on behalf of President Wilson to bring the United States into the War. The reason for secrecy was that the Senate would never have approved it. There was still strong public opposition to war and, had it been revealed that Wilson was engaging in a secret – and unconstitutional – treaty to get the U.S. into war, it would have been politically disastrous to his Administration….

    en months before the election, which returned Wilson to the White House because he ‘kept us out of war,’ Colonel House negotiated a secret agreement with England and France on behalf of Wilson, which pledged the United States to intervene on behalf of the Allies…..

    Of course the fatal moral weakness of the foregoing scheme is that we should plunge into the War, not on the merits of the cause, but by a carefully sprung trick. 1

    AGGRAVATE, INSULATE, FACILITATE
    The trick eventually evolved into something far more dramatic than peace negotiations. It called for three strategies in one. They were: aggravate, insulate, and facilitate.
    The first stage was to aggravate the Germans into an attack, literally to goad them until they had no choice but to strike back. Much of this was implemented from the British side. Churchill established the policy of ramming German submarines….

    Churchill ordered British ships to remove their names from the hulls and to fly the flags of neutral nations, especially the American flag, so the submarine captains couldn’t tell what nationality the ships really were. He wanted Germans to torpedo American ships by accident….

    The second prong of the strategy was to insulate. That means to insulate the victims from information that would have allowed them to protect themselves. You can’t have a surprise attack if you warn the victims in advance. It was important not to let any of the Lusitania passengers know that the ship was carrying war materials and was likely to be sunk. They could not be allowed to know that several of its decks, normally assigned to passenger quarters, had been cleared out and loaded with military-related supplies, including ammunition and explosive primers. They could not be informed that they would be riding on a floating ammunition depot. The German embassy tried to warn American civilians not to book passage on that ship. They placed an advertisement in fifty newspapers….

    The third prong of the strategy was to facilitate. That means to make it easy for the
    enemy to strike and be successful. On the morning of the sinking of the Lusitania, Colonel
    House was in Britain and recorded in his diaries that he spoke with Sr. Edward Gray and
    King George. They calmly discussed what they thought the reaction of the American
    people would be if the Lusitania were to be “accidentally” sunk…..

    On this voyage she had been ordered to turn off one of her boilers. She was running on three turbines instead of four. At only 75% speed, she was now vulnerable to attack from all sides.
    The Juno was a British destroyer that had been assigned to escort her through those dangerous waters. At the last minute, the Juno was called back by the British Admiralty and never made its rendezvous. Inevitably, the Lusitania, running at reduced speed, and without protection, pulled into the periscope view of the U-20 German submarine. One torpedo was fired directly mid center. There was a mighty explosion. As the Germans were preparing for the second torpedo, much to their surprise, there was a second explosion, and the whole bottom of the ship blew out…..

    Griffin goes on to write about Pearl Harbor where the same strategy is used again. The question of course is “Is Griffin just blowing smoke despite his references?” So I looked at what is happening today to see if the same pattern is being repeated.

    AGGRAVATE:
    The EU and the USA have certainly been stirring up the middle east so that is a check.

    INSULATE:
    Insulate is de rigueur these days with the press firmly in the pocket of TPTB. Heck look at Benghazi. Benghazi Patsy? Maker of Anti-Islam Video Remains in Jail

    …Nakoula Basseley Nakoula became even more famous when the Obama administration falsely stated that the Benghazi attack resulted from a protest over the video….

    Stirewalt pointed out that when the slain victims of Benghazi arrived back in the U.S., President Obama and Hillary Clinton were telling the families that the video was to blame and vowing to punish the man who made it….

    The Benghazi Scandal Grows

    CIA director David Petraeus was surprised when he read the freshly rewritten talking points an aide had emailed him… this new version — produced with input from senior Obama administration policymakers​—​was a shadow of the original.

    …The original CIA talking points had been blunt: The assault on U.S. facilities in Benghazi was a terrorist attack conducted by a large group of Islamic extremists, including some with ties to al Qaeda.

    These were strong claims. The CIA usually qualifies its assessments, providing policymakers a sense of whether the conclusions of its analysis are offered with “high confidence,” “moderate confidence,” or “low confidence.” That first draft signaled confidence, even certainty: “We do know that Islamic extremists with ties to al Qaeda participated in the attack.”

    There was good reason for this conviction. Within 24 hours of the attack, the U.S. government had intercepted communications between two al Qaeda-linked terrorists discussing the attacks in Benghazi. One of the jihadists, a member of Ansar al Sharia, reported to the other that he had participated in the assault on the U.S. diplomatic post. Solid evidence. And there was more. Later that same day, the CIA station chief in Libya had sent a memo back to Washington, reporting that eyewitnesses to the attack said the participants were known jihadists, with ties to al Qaeda….

    Insulating isn’t working quite as well as it used to….

    FACILITATE:
    This is the key point. The first two can be considered bureaucratic bumbling and CYA. Facilitating takes intent and that is exactly what we are seeing.
    A primary point is Radical Islam makes inroads among Latin America’s Native peoples

    2009, Colombian authorities dismantled a network of narcotraffickers linked to Islamist terrorists. Funds derived from the narcotrafficking are believed to have been diverted to Hezbollah – an Islamist terror organization….

    The growth of Hezbollah is due to the strategic alliance reached by enemies of the United States. These are President Ahmadinejad of Iran and President Chavez of Venezuela. The latter has expressed support for the Shiite Muslims in Iran and Syria and allows them free sway in Venezuela – an important source of petroleum to the U.S. The Venezuelan government owns CITGO, a network of gasoline stations and refineries in the U.S.

    Islam has shown growth in Latin America, once a monolith of the Catholic faith. For example, the Wayuu Guajira people of Venezuela and Colombians– native Americans who live in the tropical forests – have provided numerous converts to Islam over the last decade and some of them are declared jihadis – warriors for Islam. Efforts to convert native peoples to Islam have been fostered by Iran with investments of money and other resources. Wayuu Guajira Indians are the largest indigenous group in Venezuela and Colombia (about 135,000 in Colombia and 170,000 in Venezuela). On October 23, 2006, the police in the Venezuelan capital found two explosive devices near the American Embassy….

    So the US government has been aware of declared jihadis in Latin America. More recently

    Hezbollah Terrorists On Our Southern Border July 19, 2010

    Although U.S. officials cannot confirm reports of the arrest Jamel Nasr recently in Tijuana, they should acknowledge that the reports are consistent with increasing concern that Hezbollah is seeking an operational base in the Americas. Nasr was no ordinary tourist or would-be immigrant. He is a made member of the Lebanese-based terror group, Hezbollah.

    Mexican authorities have released few details about his arrest….

    So what does the US government do to protect the USA?
    1. Make ‘Profiling’ by police (and the military) illegal: House Hearing Will Examine Illegal Profiling and Police Misconduct By Local Law Enforcement Acting As Federal Immigration Agents

    2. Fast and Furious where the US government supplied criminals (“a network of narcotraffickers linked to Islamist terrorists”) with over two thousand firearms including AK-47-type rifles. link

    3. Leave the Mexican border wide open.
    Janet Napolitano refused to build the border fence required BY LAW. She also reduced the number of border guards in 2010. State national guard units in border states were called up and sent overseas and when private citizen groups stepped in to help beef-up surveillance (a la neighborhood watch on steroids) and reported their findings to the border patrols, Napolitano responded by giving the Mexicans their exact positions….

    I discussed this in detail earlier in this comment.

    And there is more recent news on further cuts to Mexican border protection.

    U.S. REP. RON BARBER TO NAPOLITANO: ‘Present Congress and the American people a clear plan that assures that our borders will be protected Mar 27, 2013

    …Border Patrol agents have been told that because of the indiscriminate cuts of sequestration, they must take off one unpaid day every two weeks from April 7 until the end of the fiscal year on Sept. 30.

    In addition, their overtime has been severely reduced. Those two mandates have cut the pay of Border Patrol agents who work in the Southwest by up to 40 percent….

    Barber added. “There still are many border residents and families who do not feel safe because the drug cartels come through their land every day. They still depend on you to protect them and their homes.”

    “…the drug cartels come through their land every day???” and the US government is wasting time, money and effort sniffing e-mail about whether or not the grand kids are potty trained yet….

  22. philjourdan says:

    @Jason Calley – China’s drug is short lived. Before China, there was Taiwan, and before them, South Korea, and before them Japan. As those countries economies improved, their prices rise and someone else replaces them. Already India is making inroads into Chinese markets due to a lower labor cost. The cycle will go on, and China will find itself having to deal with imports from other low cost nations.

  23. p.g.sharrow says:

    @philjourden; you are so correct. The Chinese bubble is leaking badly. Those that invested their wealth there will find extracting it, from this “Tar Baby”, most difficult. I see the re-industrialization of America as the next big boom. The tide of bureaucracy is beginning to ebb and the pendulum will swing against those that would use government to accumulate wealth. We don’t need them. pg

  24. CompuGator says:

    Power Grab says (10 June 2013 at 1:51 am):

    I always considered email as something that was not really private. Computers don’t really care who manipulates them. Never did. Never will.

    For that matter, neither do inanimate paper envelopes care, when they bear a government postal stamp on the outside and more paper on the inside. But in the U.S.A., there’s a centuries-old expectation that its contents will be treated as a private communication between sender and addressee. Right now, I don’t know to what extent that expectation has federal law behind it. Or whether it, too, has been subverted in more modern decades by the Orwellian
    PATRIOT Act, FISA, NDAA, &c.

    The fact that a combination of technology allows a deed to be done, should not be accepted as a justification, any more than it would be in a case of mayhem with sharp knives, or more to the point, violation of personal privacy, or traitorous espionage.

    I do accept that anyone who uses e-mail services that are paid for by an employer,
    should indeed expect that their messages are “not really private”, even those messages that anyone might cluelessy send whose content is solely related to delicate personal matters. Especially if the employer is required to operate under “sunshine” or archiving/retention rules.

    But when I pay my own money to a nongovernmental or commercial enterprise or nonprofit organization to supply me with for personal communication services, I jolly (expletives deleted) well expect my communications: not to be revealed to others, except to the minimum extent necessary to deliver them to the addressee; nor to be disclosed or revealed to any government, unless legally required by a legitimate & legal warrant that’s signed by a judge. That holds regardless of whether my communications are telephone calls, faxes, e-mail messages, or telegraph transmissions.

    [The message text above includes HTML ‘ul’ & ‘li’ tags in their simplest forms; so I hope Chiefio has enabled them herein (or completely strips them out if disabled).]

  25. BobN says:

    I pay Microsoft for the privilege of spying on me. I signed a license agreement when I joined, I don’t remember them telling me that they would be passing my information to the government. It seems like a contract violation. Almost seems like a class action law suit.

  26. Gail Combs says:

    CompuGator says….

    Agreed. It is like Monsanto hiring Pinkerton to trespass onto a farmers land and take samples for genetic testing. The Supreme Court has ruled “expectation of privacy in the “open fields” is unreasonable” lawlibrary.unm.edu/nmlr/16/1/10_note_criminal.pdf‎

    It is MY (expletives deleted) land. I paid for it and continue to pay through taxes. If it is posted No Trespassing I have every right to an “expectation of privacy”….

    This is the creeping Totalitarian state in action and unfortunately the Supreme Court is getting really good at ‘Interpreting’ the Constitution in such a way that we continually lose rights.

    We used to have a RIGHT to a trial by jury. And the jury had the RIGHT to judge both the person AND the LAW. That has been eroded to the point where an UNELECTED bureaucrat determines if you have broken a regulation and can fine or jail you.

    We used to have a RIGHT to assembly and to petition the government for a redress of grievances. Now we have the right to protest only in areas designated by the government. – well away from anyone who matters.

    Unwarranted search has been getting progressively worse from the time an employer/law officer could force you to pee in a bottle to the Grope-N-Fly where TSA assaults & traumatizes three-year-old girl in wheelchair.

    The Supreme Court and Congress now looks at the Constitution as so much A$$wipe yet the typical American could not care less. My Sheep have more spunk!

  27. CompuGator says:

    CompuGator says (12 June 2013 at 4:38 am):

    It’s especially fascinating that the 1990 & 2000 Census questions “11. Language Spoken at Home”, “12. Place of Birth”, “13. Citizenship”, and “14. Year of Entry to the U.S.”, were removed for the 2010 Census (numbered here as used for 2000).

    Sigh. Upon further review–having now examined downloaded census forms of recent decades–I can write that it’s more complicated than that.

    It appears that in 1990, there was only 1 questionnaire form: ‘D-2’, which included not only the important questions about citizenship, foreign origin, and foreign language, but also the intrusive questions about education, employment (including specific working hours), income, household construction (including plumbing), rent or mortgage payments, utilities costs, &c., of ordinary U.S. citizens, which evoked widespread feelings of violation of personal privacy. The facsimile available on line for this 1990 questionnaire looks as if it’s really an appendix for a training manual, so it omitted all pages after the first 7. I assume that it replicated the questions of p. 6–7 (2 whole pp.) for each of a household’s persons 2 to 7.

    In 2000, there were at least 2 forms: the one that kept the ‘D-2’ designation, 38 pp., then known as the ‘Long Form’, which was inflicted on only 1/6 of the households (or so claimed the Census Bureau); an apparently new one, designated ‘D-61A’, 6 pp., known as the ‘Short Form’, used for the majority of households in the continental U.S.A.; and a handful or so more questionnaires, each for a special situation, such as active-duty military or U.S. insular territories.

    It’s the Census 2000 ‘D-61A’ that is practically the same as the Census 2010 ‘D-1’. No ‘Long Form’ corresponding to the 2000 ‘D-2’ was used in 2010, according to a not-especially-detailed Census 2010 Web page. The 2010 ‘D-1’ is the one I received at my home, and it was also used for allNonresponse Followup’ operations, i.e.: the face-to-face field interviews, as far as I know.

    So instead of only 1/6 of Census 2010 households being required to answer the Census 2000 questions about citizenship, foreign origin, and foreign language, none were. (Expletives deleted) odd, when one considers that genuine border security and immigration reform are among the most prominent issues that are again facing the U.S. Congress–and have been for at least half a decade before Census 2010. Just ask the discredited former U.S. Sen. & RNC Chair Melquíades Martinez (R– FL Latin America).

  28. CompuGator says:

    The previously posted cnet.com report by Declan McCullagh (URL cited by ‘LG’ in a related ‘Chiefio’ topic) guesstimated:

    NSA records the phone calls of 500,000 to 1 million peoplewho are on its so-called target list, and perhaps even more.

    Might that range be a useful approximation to the number of people whose Web-browsing is monitored? It’s another activity of the TPTB that McCullagh reported on, during a busy hard-news week for him: “A
    secret interpretation of the Patriot Act led to the [….] NSA may be doing the same for e-mail and Web-browsing logs too
    “.

    I wonder if reading all 3 articles in McCullagh’s NSA series on cnet.com gets U.S. citizens enrolled on the NSA’s “target list”? I assume it’s nearly trivial to filter captured Internet packets for anything like:

    GET /constitutional-rights-abuse-by-TPTB HTTP/1.0

    Such a request’s ‘Internet Header’ would contain the destination (i.e.: server) IP address plus the source (i.e.: requesting client) IP address. I suppose load-sharing via multiple servers (e.g.: CBS Interactive Inc., d.b.a. cnet.com, which seems to have been assigned a block of 4096 host IPAs) could be trivially handled via a subnet mask (e.g.: 255.255.240.0, i.e.: FF.FF.F0.00) to select all its asigned IPAs.

    The requesting client IPA, correlated as necessary with an ISP’s Dynamic Host Control Protocol IPA-assignment log, would incriminate such an ISP-user as not among the sheeple. Maybe even cause that user to be suspected of the subversive sentiments known as Constitutional strict-constructionism. (Gasp!) And thus potentially a hazard to TPTB.

  29. PPugliano says:

    There is a thing called National Security Letter. It’s a nasty thing. Those who get one are forced to give the information requested and can’t talk about it to anybody.

    http://en.wikipedia.org/wiki/National_security_letter

    Apparently, the FBI issued 192,499 such letters between 2003 and 2006 alone. Who knows how many since then.

    That’s patently unconstitutional, but very few people try to challenge it. One who did was the
    owner of Snowden´s email service. In this interview he explains why he closed his email service, Lavabit, rather than comply with the FBI requests.
    http://www.democracynow.org/2013/8/13/exclusive_owner_of_snowdens_email_service

    Another one who challenged it:

    http://www.democracynow.org/2010/8/11/gagged_for_6_years_nick_merrill?autostart=true&get_clicky_key=suggested_related

  30. Gail Combs says:

    PPugliano,
    Thanks for the information.

    The Patriot Act is anything but Patriotic.

  31. omanuel says:

    You are exactly right, Gail.

    Despite all these Orwellian powers, truth is leaking past the gatekeepers of information.

    Lurking beneath the Sun’s thin skin of H & He is the Creator, Destroyer & Sustainer of Life.

    Big Brother is both stupid & totally powerless.

    Oliver K. Manuel

    Sent from my iPhone

  32. adolfogiurfa says:

    @omanuel: Tell the bad kids that their game is over!

  33. omanuel says:

    That is exactly the message:

    This game is over. Time to surrender to a Higher Power:

    http://theinternetpost.net/2013/08/12/the-creator-destroyer-sustainer-of-life/

    Oliver K. Manuel
    Former NASA Principal
    Investigator for Apollo

  34. adolfogiurfa says:

    @omanuel: He is working already but it is not in the news…

Comments are closed.