June 7, 2013

Google's official blog: "What the ...?"

"You may be aware of press reports alleging that Internet companies have joined a secret U.S. government program called PRISM to give the National Security Agency direct access to our servers...."
First, we have not joined any program that would give the U.S. government—or any other government—direct access to our servers. Indeed, the U.S. government does not have direct access or a “back door” to the information stored in our data centers. We had not heard of a program called PRISM until yesterday....
Hey! They sound like Obama... found out when they heard about it in the news, just like you....

AND: Here's Mark Zuckerman's official response at Facebook:
Facebook is not and has never been part of any program to give the US or any other government direct access to our servers. We have never received a blanket request or court order from any government agency asking for information or metadata in bulk, like the one Verizon reportedly received. And if we did, we would fight it aggressively. We hadn't even heard of PRISM before yesterday.
I was contemplating the possibility that PRISM is a fake, a decoy of some kind, but I see that government officials — in the opinion of the NYT — have admitted it exists:
Government officials defended the two surveillance initiatives as authorized under law, known to Congress and necessary to guard the country against terrorist threats...

In confirming its existence, officials said that the program, called Prism, is authorized under a foreign intelligence law that was recently renewed by Congress....

38 comments:

The Godfather said...

So two news sources, the WaPo and Guardian, have reported this program, in which Google and others are supposedly involved, and Google (and I think others) have denied it. If this had come out a month ago, the Google denial would have killed it. Now, I'm not so sure. We're being reminded that even paranoids have real enemies. Are you ready to play "Who Do You Trust?"

Crunchy Frog said...

They don't have direct access through a back door. Instead, they ask us for the information and we hand it to them through the front door.

Crunchy Frog said...

Actually, given how brilliant Google's own data mining is, it wouldn't surprise me if they were doing the grunt work themselves.

mrs whatsit said...

That slide show you posted about earlier -- supposedly a top secret product used to brief NSA analysts -- not only identifies Google as a "Prism provider," but states specifically that Google began providing information on 1/14/09. So, who's lying?

Mitchell the Bat said...

PRISM?

I'm disappointed they missed the opportunity to call it SPECTRE.

Bryan C said...

Of course, there's no reason anyone at Google would need know about this. At least no one we've ever heard of. That's the whole point of having back-door access.

lemondog said...

Dissecting Big Tech's Denial of Involvement in NSA's PRISM Spying Program

The similarity in all the statements is clear. All mention that they would only comply with orders for requests about access to information if forced to do so under the law and that they do not provide "back door" or "direct" access to their servers and to user account information.

Experts believe that commonality in statements could mean a few things. The first is that the companies simply can't talk about this to begin with.

"If these companies received an order under the FISA amendments act, they are forbidden by law from disclosing having received the order and disclosing any information about the order at all," Mark Rumold, staff attorney at the Electronic Frontier Foundation, told ABC News.



Elsewhere Zuckerberg says the report is OUTRAAAAGEOUS........ hehheheheheh

The Godfather said...

This was so much easier to deal with when Bush was President. Then we knew that anything the Administration did was wrong, and anything it was accused of doing it did.

Oso Negro said...

Fuck the little fuckers at Google, too.

garage mahal said...

The most agonizing part of working at PRISM must be knowing both ends of Craigslist missed connections, and not being able to say anything.

elkh1 said...

Disinformation from Google.

Will Schmidt deny that under oath?

Moose said...

All the internet companies named are releasing similar statements.

MayBee said...

Isn't there an ex Google in the Obama admin? Google has wiped stuff for Obama before, like the caches of the General Betrayus ad when Obama brought him into the admin.

These are all such Obama companies. Interesting Apple wasn't online until after Jobs died. It these slides are to be believed.

Ignorance is Bliss said...

The first rule of NSA's PRISM: Don't talk about NSA's PRISM.

The second rule of NSA's PRISM: Don't talk about NSA's PRISM.

SteveR said...

Google has no credibility regarding a privacy issue. None. Sell outs

Bill, Republic of Texas said...

Moose said...
All the internet companies named are releasing similar statements.

6/7/13, 5:46 PM

That is what makes me suspicious. I think they have been told (either by gov't or a group of themselves) what to say. It is designed to sound reassuring but in few months we'll know that there was not a "backdoor" but a "sidedoor" or some other bullshit.

MayBee said...

If they are complying with FISA orders they can't legally admit it. Do their statements work if they are legally complying with a secret court order? It seems like they do.

Bob said...

That word "direct" keeps appearing everywhere.

MayBee said...

Remember how quick Google was to lock down the gmail accounts of people who went to bat for Althouse a few years ago?

MayBee said...

Obama is at a fundraiser at the former News Corp. President Peter Chernin's house in Santa Monica tonight. Which is weird because Obama hates Fox, the whole James Rosen thing, and the New Corp spy thing in the UK.

edutcher said...

Are we talking the same Google that was working hand-in-glove with the Red Chinese government up to a couple of years ago?

You really want to buy that without some independent verification?

rehajm said...

Once plated golf with a software developer from Zurich. His company developed all the software for the Swiss banks. Swiss bank can't use software from the US, he said.

Rocketeer said...

Bob nailed it: Direct. DIRECT. "DIRECT."

That's a pretty big legal hatch to jump through when it comes out they were knowingly proving access, but it wasn't "direct."

Blue@9 said...

I dunno, I think they would have done the "decline to comment" if they were involved --nobody is required to lie.

Note that Google also denied "back doors" in addition to "direct" access.

It could well be that the NSA has tapped these companies without their knowledge.

sydney said...

I believe Lemondog more than I believe Google or our government.

Revenant said...

All of the companies involved are stating, as clearly as they are legally permitted to, that the NSA took their customer data.

They deny only the means by which the NSA got the data, and the particular means (giving the NSA server access) isn't the one any of them would have used anyway. When a third party wants your data you replicate it and give them the replica.

Mark said...

Well, yeah "direct" is a loophole you could drive the USS George H.W. Bush through, but consider another possibility:

The NSA was harvesting the data clandestinely.

They are a spy agency, after all. They'd have to be REAL good, because Google has great engineers, but it certainly isn't out of the question these days, is it?

Mark said...
This comment has been removed by the author.
Mark said...

Revanent, the problem the NSA would have in asking politely is that the request itself exposes information that the Administration might not want Google to have, because would they trust Google to not (knowingly or unknowingly) keep that information secure?

My guess is that Silicon Valley is suddenly a lot less Administration-friendly right now.

Dustin said...

There is something very Clintonian about the denials. They are all unnecessarily specific about what they are denying.

What if the servers are mirrored in real time to systems intended to facilitate this program. That seems like the best way to make this program work at all. In a common sense way, the government has direct access, but in a legalistic way, you could deny that.

Or who knows? I just don't trust any of these folks these days.

Revenant said...

Revanent, the problem the NSA would have in asking politely is that the request itself exposes information that the Administration might not want Google to have, because would they trust Google to not (knowingly or unknowingly) keep that information secure?

Anyone who revealed the information would be guilty of a felony. You can bet your ass they'd be prosecuted for it, too.

Besides, not that many people would need to be in the loop. If they do offsite backups of their data (which they undoubtedly do) all they need to do is give the NSA access to the facility handling the backups. Given that the federal government constantly requests data from Google and other internet companies that wouldn't raise any eyebrows.

Revenant said...

Also, Mark, you can't "clandestinely" harvest all of Facebook or Google's traffic information. We're talking about a mountain of data; the traffic caused by the data pull would itself trip alarms within the company.

If the NSA had the kind of capabilities you ascribe to them they wouldn't NEED data from Google and Facebook. :)

Mark said...

Rev, it's an engineering problem. Replicating between server farms means pushing those bits through physical media. If the data can be forked onto two paths then Google doesn't need to know the second data stream exists.

If the second streams exist (and I understand we're talking about webs of connections but again, No Such Agency, right?) then it's just a matter of hacking two encryption algorithms. And and has been pointed out, these are considered by the DoD as munitions, so if I were a total bastard working for NSA/DOD back when I would have made it a point to do what had to be done to have those algorithms in hand.

I seriously encourage anyone interested in thinking how this could work look into Google's AppEngine Datastore. It's brilliant and totally vulnerable to physical interception attacks. If their encryption were solid that wouldn't be an issue. But again, welcome to our glorious nanny state.

Mark said...

Too many programmers have never actually spliced two pieces of conducting material.

Mark said...

Anyone who revealed the information would be guilty of a felony.

Agreed. But Bradley Manning existed in the US military. Would a Bradley Manning be less likely to exist within Google?

Again, the point is the NSA would have damned good reason to fine a way to monitor Google's data storage secretly if it could. And it seems like they're gearing up for the world of tomorrow.

Revenant said...

Rev, it's an engineering problem. Replicating between server farms means pushing those bits through physical media. If the data can be forked onto two paths then Google doesn't need to know the second data stream exists.

You're ascribing magical powers to the NSA. Again, if they had those capabilities they wouldn't need to mine data from Google in the first place.

stlcdr said...

When one has limited resources, out of necessity, the most expedient and simple ways are chosen to get the job done. A National Security Agency with limited funds would have to be smart to do the job they are charged with.

With modern technology, and an ever increasing bucket of cash, any sort of 'smartness' goes out the window: a huge dragnet, based on information someone else has obtained and something will be found (a.k.a. if it saves one life...).

The very fact that such things are 'leaked' demonstrates a severe lack of intelligence in these so-called intelligence agencies. While there are some extremely competent foot-soldiers, the leadership is anything but.

The problem with this dragnet of information, there's going to be documented evidence of wide swaths of individuals and groups wanting to 'kill the president' or 'destroy the government'. And it will come as a surprise to the extent that such groups are branded as terrorist organizations (the current buzz-word). We have all seen such a report.

It's the combination of this lack of discernment in the government intelligence agencies, leaders that are highly partisan, access to large amounts of individual information, and a general populace that, on the whole, is passive and trained to listen to [government] talking points that is simply the recipe for a dictatorship.

tiger said...

The operative words in both those statements was 'direct access'.

I'm sure they were given indirect access.