[FoRK] Specific System Architecture

Frank Bergman (fraber) fraber at fraber.de
Mon Jun 10 07:42:46 PDT 2013


> Any thoughts on the specific system architecture to 
> implement what's described here?

- The PRISM tuple-store ...
  http://en.wikipedia.org/wiki/Apache_Accumulo

- ... still provides some challenges...
  http://www.pdl.cmu.edu/SDI/2013/slides/big_graph_nsa_rd_2013_56002v1.pdf

- ... in the Bluffdale datacenter.
  http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/


1M square feed apparently hold a Yottabyte of data. 
You don't need that amount unless you want to store 
all data.

Anybody wonders why European and other "Rest of the 
World" businesses are "lagging" in public cloud 
adoption?

Cheers!
Frank

---

http://www.twitter.com/projop ... still :-)
http://www.facebook.com/projectopen.org ... deprecated




-----Original Message-----
From: fork-bounces at xent.com [mailto:fork-bounces at xent.com] On Behalf Of
Stephen Williams
Sent: Monday, June 10, 2013 2:06 AM
To: Friends of Rohit Khare
Subject: Re: [FoRK] Ok, what are they actually saying?

On 6/9/13 4:36 PM, Lucas Gonze wrote:
> I'm trying to parse this baroque language. What does it mean that 
> company systems don't offer a download feature, if they support FBI 
> computers on the premises that perform data export?
>
> Any thoughts on the specific system architecture to implement what's 
> described here?

One obvious interpretation is that the on-premise system is skimming and
decoding all traffic, via a mirror port on the switch for instance, building
its own local database that can then be remotely queried.  Allows huge local
bandwidth with minimal off-premise access by performing a distributed search
locally.  Not a bad tradeoff.  Probably a derivative of Room 641a.

Just don't lose that system or allow it to be hacked as it likely has some
interesting keys and technology.

The process described below seems to have actual cross checks and auditing
to guard against overreach and abuse, at least in obvious ways, which is
refreshing compared to the past.

>
>
>
> http://www.washingtonpost.com/world/national-security/us-company-offic
> ials-internet-surveillance-does-not-indiscriminately-mine-data/2013/06
> /08/5b3bb234-d07d-11e2-9f1a-1a7cdee20287_print.html
>
> According to a more precise description contained in a classified NSA 
> inspector general's report, also obtained by The Post, PRISM allows 
> "collection managers [to send] content tasking instructions directly 
> to equipment installed at company-controlled locations," rather than 
> directly to company servers. The companies cannot see the queries that 
> are sent from the NSA to the systems installed on their premises, 
> according to sources familiar with the PRISM process.
>
> Crucial aspects about the mechanisms of data transfer remain publicly 
> unknown. Several industry officials told The Post that the system 
> pushes requested data from company servers to classified computers at 
> FBI facilities at Quantico. The information is then shared with the 
> NSA or other authorized intelligence agencies.
>
> According to slides describing the mechanics of the system, PRISM 
> works as
> follows: NSA employees engage the system by typing queries from their 
> desks. For queries involving stored communications, the queries pass 
> first through the FBI's electronic communications surveillance unit, 
> which reviews the search terms to ensure there are no U.S. citizens 
> named as targets.
>
> That unit then sends the query to the FBI's data intercept technology 
> unit, which connects to equipment at the Internet company and passes 
> the results to the NSA.
>
> The system is most often used for e-mails, but it handles chat, video, 
> images, documents and other files as well.
>
> "The server is controlled by the FBI," an official with one of the 
> companies said. "We do not offer a download feature from our server."
>
> Another industry official said, "No one wants the bureau logging into 
> the company server."

sdw

_______________________________________________
FoRK mailing list
http://xent.com/mailman/listinfo/fork



More information about the FoRK mailing list