NSA Collects Email Contact Lists, Instant Messaging Chat Buddy Lists From Overseas With No Oversight At All
from the well,-there's-that dept
The Washington Post is out with the latest revelations from the Snowden leaks and it shows that the NSA relies on foreign telcos and “allied” intelligence agencies to scoop up data on email contact lists and instant messaging buddy lists to help build its giant database of connections. Remember a few weeks ago how it was reported that the NSA was basically building a secret shadow social network? It seems like this might be one of the ways it’s able to tell who your friends are.
There are a variety of important points here. First off, this information is not coming directly from the tech companies (which, again, suggests that earlier claims that the NSA had direct access to all their servers was mistaken). Rather they’re picking this information up off the backbone connections in foreign countries. It also explains why they get so much data from Yahoo — because, for no good reason at all, Yahoo hasn’t forced encryption on its webmail users until… the news of this started to come out.
And here’s the big problem: because all of this information is collected overseas, rather than at home, it’s not subject to “oversight” (and I use that term loosely) by the FISA court or Congress. Those two only cover oversight for domestic intelligence. The fact that the NSA can scoop up all this data overseas is just a bonus.
Also, while the program is ostensibly targeted at “metadata” concerning connections between individuals, the fact that it collects “inboxes” and “buddy lists” appears to reveal content at times. With buddy lists, it can often collect content that was sent while one participant was offline (where a server holds the message until the recipient is back online), and with inboxes, they often display the beginning of messages, which the NSA collects.
In fall 2011, according to an NSA presentation, the Yahoo account of an Iranian target was “hacked by an unknown actor,” who used it to send spam. The Iranian had “a number of Yahoo groups in his/her contact list, some with many hundreds or thousands of members.”
The cascading effects of repeated spam messages, compounded by the automatic addition of the Iranian’s contacts to other people’s address books, led to a massive spike in the volume of traffic collected by the Australian intelligence service on the NSA’s behalf.
After nine days of data-bombing, the Iranian’s contact book and contact books for several people within it were “emergency detasked.”
Because of this mess, the NSA has tried to stop collecting certain types of information, doing “emergency detasks” of certain collections. This, yet again, shows how ridiculous Keith Alexander’s “collect it all” mantra is. When you collect it all, you get inundated with a ton of bogus data, and the information presented here seems to support that.
Filed Under: buddy lists, chat, contacts, email, information, nsa, nsa spying, nsa surveillance, telcos
Comments on “NSA Collects Email Contact Lists, Instant Messaging Chat Buddy Lists From Overseas With No Oversight At All”
Well I guess we owe a great big “thank you” to all those heirs of assassinated Nigerian warlords. By spamming us with their requests to take thier money, they were actually shielding us from the NSA’s email dragnet.
Wow. They’ve already violated the 1st, 2nd, 4th, 5th, 6th, 8th, 9th and 10th amendments already so they may as well start in on the rest…
“Immunity from state scrutiny of petitioner’s membership lists is here so related to the right of petitioner’s members to pursue their lawful private interests privately and to associate freely with others in doing so as to come within the protection of the Fourteenth Amendment.”
— NAACP vs State of Alabama
Re: Re:
They arguably violated the third amendment when they forced companies to put computers into their data centers. What’s the seventh amendment say, I’m sure they are trying hard on that one as well.
Re: Re: Re:
The 7th amendment is right to trial by jury. So I guess they got rid of that one with gitmo.
Apparently ranked by unpopularity:
“444,743 e-mail address books from Yahoo, 105,068 from Hotmail, 82,857 from Facebook, 33,697 from Gmail and 22,881 from unspecified other providers,”
Think it’s clear that Yahoo followed by Microsoft are the most unpopular / most despised. SO what I surmise is that this “new” factoid is sheerly PR to create the illusion of distance between the spying mega-corporations and NSA, putting the most unfavored at top of list. There’s no other explanation given than similarly biased musing, so don’t claim that you know…
Mike pounces on and plays up: “suggests that earlier claims that the NSA had direct access to all their servers was mistaken” — when the only “evidence” here is another alleged Powerpoint slide. — But there IS more evidence so publicly available that don’t require proof: Google and the other mega-corps go on getting tens of billions every year, are effectively exempt from anti-trust, pay almost no taxes, billions kept offshore… The payoffs are indirect but can’t be much clearer that the mega-corporations ARE willingly going along with NSA. Pro-corporate Mike just refuses to see the BILLIONS — while clutches at one contrary Powerpoint slide.
Re: Apparently ranked by unpopularity:
You have never surmised something correctly in your life.
Re: Apparently ranked by unpopularity:
You and your Google bashing! Give it a rest.
Yahoo and Hotmail predate Gmail by 10 years! It stands to reason that they’d have significantly more accounts for the NSA to snoop into.
I may be reading this incorrectly...
But is this article suggesting that the fastest, easiest way to get my email removed from the NSA dragnet is to let a spambot take it over?
Re: I may be reading this incorrectly...
And we thought spam was trash…
Re: I may be reading this incorrectly...
Or you could have some fun sending spam to tons of people, in ways met to be as hilarious as possible.
Like for example, send all the women on your contact lists spam email selling them erectile dysfunction and male penis enhancement spam.
And send all the men emails telling them to lose weight with some expensive weight loss medication so they can all fit into their bikinis by spring! (I’ve seen spam viruses actually do this one when hijacking accounts where almost all the contacts are men)
Overseas surveillance: Obviously. Welcome to the 21st Century.
FUD or valid, there are endless incentives for every country on the planet to surveil every other country. That’s an ancient human problem. Humans don’t trust each other. We constantly have trust issues. So obviously the NSA is going to surveil everything it can lay its hands on, and have time to analyze, from outside the USA. Utter DUH Factor.
The problem is when the NSA destroys the 4th Amendment of the US Constitution. That’s not acceptable. Bullying the FISA courts is not acceptable. Treating US citizens as default criminals is not acceptable. Collecting ANY citizen surveillance data without probable cause is not acceptable. It is in fact treasonous behavior punishable by the severest penalty of law.
For review, the 4th Amendment to the US Constitution:
“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”
And directly quoting Benjamin Franklin:
“They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.”
And directly quoting Theodore Roosevelt:
“To announce that there must be no criticism of the president, or that we are to stand by the president, right or wrong, is not only unpatriotic and servile, but is morally treasonable to the American public.”
IOW: It’s prosecution time, Bush, Obama, Republican, Democrat, off to prison and trial with you.
Re: Overseas surveillance: Obviously. Welcome to the 21st Century.
All servers are ‘overseas’ for us Brits. So all those taps GCHQ does for their NSA masters, are on Brits.
And surprise surprise, the ‘37000 selectors’ the NSA runs on that data? Well it was doing other things with the data, like grabbing all the address books, buddy lists, passwords, any keys it can on British data.
All helped by traitors in GCHQ and MI5 and a few in the Cabinet.
Thank you Snowden. It’s a pretty bleak world, and its clear we don’t have a free democracy in the UK, but at least we know where we stand now.
NSA as a target
Looks like NSA is becoming more and more attractive as a hacker target – one break-in and you get it all !!
The hits just keep coming
Just when you think you’ve seen it hit rock bottom, the NSA comes out looking even worse with the latest data dump. It’s a damned disgrace.
and regardless of what changes are made, if any, the NSA and all other security agencies will continue doing exactly what they have been doing up to now. if anyone was serious in sorting this mess out, they would have actually done something by now but not a single change has been made. the one thing that would have made a difference was stopped by a few totally uneducated and unconcerned Congress people. that was the one and only chance and it’s gone!
This is just infuriating. I use an Android phone, and sync my phone contacts with my Gmail account. Now the NSA might be hoovering my contact list (including unlisted and private numbers and email accounts) since I am a non-American. Gah!
Re: Re:
Don’t do that, then. You can use an Android phone without syncing any data to Google’s (or anyone else’s) servers at all. I highly recommend that you just store everything on the phone itself, and back up the data onto your desktop machine.
Now we know why they outlawed spam.
So how long before we find out that it’s not just metadata, not just your buddy list nor contact list but also the contents of every email.
Greenwald says he has some major blockbusters coming. I can not help but believe that is one of them. So far there is little they haven’t been into. I just can not see them leaving out the main purpose of sending an email if they are interested in who you talk to, for how long, where. Seems like stealing the bread and leaving the meat and that don’t sound right.
How long before real-time buddy lists?
Ok, so they can get this stuff from overseas, supposedly. Do you really want to believe this?
I mean, they’ve admitted to so much stuff being collected here, (with absolutely no apologies, either) and we just take it.
They’re lying-of course they’re taking it from domestic services-and anything you say can and will be used against you in a court of law, too.
Too bad nobody will ever be prosecuted for this and other crimes against the Constitution. Guess the DOJ has better things to do.
Why am I NOT surprised!
That being afflicted by a spambot would keep me off of the NSA’s “watch this dude” list… :rolleyes: