Tag Archives: Technology

How Does the NSA Do What it Does, and Why is it Worrisome?

By now, everyone has heard of Edward Snowden, the NSA (the National Security Agency), and the many (classified) documents that Snowden leaked to the American public about some of the NSA’s secret surveillance programs. Yet another recent article by The Washington Post (“NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say“)  portrays how complicated the NSA’s programs actually, and how much data they are indiscriminately monitoring from around the world.

Last October, I had a friend make the following comment: I understand how it’s a clear violation of the 4th, but I’m fuzzy on what exactly they’re doing and how.

In this blog post, I will attempt to address this confusion, explain why this is (legally) possible, but also explain why the facts in this particular Washington Post article are so disturbing.

The NSA has built relationships with governments and organizations worldwide that allow them to place internet monitoring equipment worldwide, outside of US territory.

So how does this allow the NSA to monitor emails and other internet data coming from the States? As explained in the Washington Post article, giant tech companies like Google and Facebook process massive amounts of data throughout their numerous data centers. They routinely backup this data to other data centers, sometimes to ones that are located outside of the US.

Even companies the size of Google and Facebook don’t maintain 100% of their own network connections – the physical cables connecting their data centers on different continents – and so they rely on the huge telecommunication and ISP companies that provide those services.

If the NSA is able to control (or at least monitor) the internet hardware operated by these ISPs that provide the corporations’ ability to exchange data between their data centers, then this constitutes as a classic attempt at a “man-in-the-middle” attack. The only problem left to solve for the NSA, then, would be to break the encryption (something that is often times more easily done than you would think).

The vision of the NSA is “Global Cryptologic Dominance through Responsive Presence and Network Advantage” (C/F http://www.nsa.gov/about/values/index.shtml). The NSA argues that monitoring internet traffic is necessary because it allows them to search for keywords and keep tabs on known terrorists.

On the other hand, millions of Americans’ data is intercepted and automatically processed through filters – without a search warrant, which many argue is a clear violation of the 4th Amendment (search and seizure only with probable cause and with a search warrant).

By monitoring hardware outside of US jurisdiction, the NSA argues, it is legal for them to monitor all of the internet traffic that flows through those devices – regardless of where that data is coming from. The argument is that there is reasonable doubt the data they are monitoring is tied to an American, because it isn’t on American soil.

Another way the NSA is able to monitor Americans’ internet and phone communications is that often times, technically, they don’t. Instead, they ask their counterparts in different countries (such as the Government Communications Headquarters – GCHQ – in Britain) to do the dirty work. That way, the NSA can argue that they aren’t actually the ones doing the monitoring.

In essence, the NSA has built a massive world-wide surveillance system and maintains close ties with similar organizations from other countries to exchange information and broaden their ability to monitor traffic.

Why is this worrisome? After all, the majority of Americans simply don’t care – or do they?

Very rarely will an American have something to hide, and be negatively affected by the NSA’s monitoring program. However, as an IT professional and security guy, I argue this is worrisome because of two main reasons:

  1. If the data exists, it is vulnerable.
  2. If the potential for abuse is present, there is always potential for abuse!

First, if the data exists, it is vulnerable.

The very fact that the NSA is storing huge amounts of data (often times personal data on individuals) raises a security and privacy concern. Perhaps the NSA has the best of intentions, and will always work to keep that data safe. But as I’ve written several times on the Develop CENTS blog, data that is stored on any computer system is never 100% safe. There’s an old saying among IT professionals: A truly secure computer is turned off, unplugged, encased in concrete, buried 5 feet deep, and guarded 24/7. The point? Hackers know this truth, and, now that they know where so much data is stored, they just have to figure out a way to get to the data.

No system is completely secure, and that goes for the NSA’s computer system and network.

Secondly, if the potential for abuse is present, there is the potential for abuse!

No individual, system of government, or entity is infallible, and this is true for achieving one’s own ambitions. The very fact that the NSA stores (and monitors) so much data about American citizens is worrisome, because that data could be used for nefarious ends.

Take the example of Edward Snowden. Here was a dude working for the NSA that obviously had access to a lot of classified information. If he had wanted to, he could have kept quiet and sold the data on the black market or to other countries. He didn’t. Instead, many argue that he has provided a very big, very good, public act of service.

But the question remains: What if he HAD used this data (or other data that hasn’t been released on individuals) for nefarious purposes? The security situation in the United States could have been a lot worse than it is.

Another potential for abuse comes from the U.S. government itself. What if a department, branch of government, the White House administration, or even an individual in the higher ranks of government wanted certain information on an individual – or a group of people? The reasoning could be anything, such as learning business trade secrets or getting ahead in a political campaign.

Remember, if the data exists, it is vulnerable. Someone has access to that data, or could illegally gain access to that data. There is, and always will be, the potential for abuse.

What are your questions? Do you have any comments? Leave them below, or contact me!

Filled With Awesome Wonder (And Excitement)

It’s 3am on January 1st, 2013. I just spent over 1 & 1/2 hours writing this blog post. I was planning on spending part of the night (after New Year’s celebrations) working on configuring a new a new server (yes, I’m a geek 24/7). I won’t go into all the details, but if you’re also a geek and curious, then here’s the summary: I’m building a new Postfix + Dovecot server. Postfix is done and working, but I’m still working out a few bugs with Dovecot. I’ll get around to (finishing) the configuration of this Dovecot server, but this blog post isn’t supposed to be geek-related at all.

This will be more personal. This post originally started out as a short Facebook status, and then it turned into a Facebook note. But now as I’ve continued to write, it has turned into this blog post of over 1,000 words!

I was listening to some worship music (specifically the CD Songs 4 Worship Ultimate) and thinking about all of the different interests and passions that seem to pull me in (what I feel are) completely different directions and feeling a bit confused, as I’ve felt for a while, in a number of areas.

As the CD was playing on my iPhone, I pulled out the devotional “Daily Light” and the first verse for January 1 is  also one of my longtime favorite verses, and was exactly what I needed to read tonight (morning now): Philippines 3:13-14, “But one thing I do: forgetting what lies behind, and straining toward what is ahead, I press on toward the goal for the prize of the upward call of God in Christ Jesus.”

Each time a new song came on this CD, I’ve been renewed this evening (morning, now) a little bit more. I’ve also been closely following the Tweets that people are tweeting from the triennial Urbana (Student Missions) conference for the last few days, and as it has wrapped up tonight in St. Louis. (Urbana is an international missions conference, made up primarily of students, that meets every 3 years the week between Christmas and New Year’s, in St. Louis, MO. I’ve never been to the conference, but heard about it from a good friend of mine when she and I worked together in Boston in 2009-2010).

Sometimes, I feel that I have two incompatible interests (technology and community development). On the one hand, I’m a geek, I know server administration,  I know Linux, and I find myself in front of a computer more often than not. On the other hand, I love to travel, I love different cultures (and the study of different cultures and cross-cultural communication). I strongly desire to build long-term relationships with residents AND those who “doing” development and missions in developing countries.

As many of my readers know, I am working very, very hard to launch my own business. Develop CENTS will very soon be launched into a full time venture.  2013 is going to be a very interesting and exciting year. As some of my close friends know, I will be shortly leaving my current full-time employment to attempt this launch into a full time venture. Develop CENTS exists to provide affordable technology consulting services to nonprofit organizations transforming underdeveloped communities worldwide, and to provide technology education and jobs to members of communities in which these NGOs work. The mission and vision of Develop CENTS meshes with the interests I have, which I outlined earlier.

However, sometimes I feel like I’m spinning my wheels. One of my biggest fears in launching Develop CENTS has been that I would “get stuck” behind a computer 8 hours a day. While computers and technology are a big passion of mine, they are not my deepest passion, nor can they fulfill me. My deepest desire is to help people all over the world, both in developing countries and in developed countries, in two areas:

  1. The first desire I have is to help people meet the same Lord & Savior that I have been given the grace to know. I believe in the God described in the Bible. I believe that he is a loving and everlasting God. I believe that I – and everyone else in this world – are messed up (“sinners”). I believe that one day, by God’s grace, through faith and not through any other works of my own, I will spend eternity with my Creator. And I firmly believe that anyone’s decision to make that faith their own is the most important decision that person can ever make. The alternative is not pleasant. However, while I believe God is sovereign over all, I also believe that God has given us free will and will not force this decision on anyone.
  2. The second desire I have is to help people become empowered so that they can support themselves. I firmly believe that there are ways we can help people (the materially poor), but I also firmly believe that there are ways that Outsiders try to help “Insiders” (the “poor”) that actually do more harm than good. I believe that anyone who seek to do “missions” or “community development” work have a responsibility not to do more harm than good. (I studied “Community Development” for my B.A. in college at Covenant College. Two of my professors, who also work for the Chalmers Center have written a book called When Helping Hurts. If what I’m writing resonates with you, and you haven’t read this book, then go read it).

But I know that it is not true I will sit behind a computer 100% of my time, and become a recluse. I have a vision to partner with Community Development and Missions organizations worldwide, and build lasting relationships. I have a vision to work with people. I firmly believe that technology is a means to an end, and not an end in and of itself.

I firmly believe that Develop CENTS can and will help nonprofits worldwide. I am very, very excited to see that happen, and to see my desires and passions flow through the business model. The road may be hard and possibly lonely at times.

But for now, my Lord is saying to me “This is the way: Walk in it.”

With excitement, I start 2013, and I greatly look forward to seeing the ways in which my passion for missions, community development, and technology will mesh.

Happy New Years!