Hacker News new | ask | show | jobs
by docPangloss 2071 days ago
I referenced PRISM in a comment to a recent Apple article on HN a couple of days ago. It triggered HN and Apple fans and the comment ultimately got shadow-banned by moderators.[1]

Anyway, it’s astonishing that so many people willfully continue to use products/services offered by the core companies that are members of PRISM surveillance. Members provide access to ALL user data/information to NSA et al. Here are some technology/telecom company members (and approx. date joined):

* Microsoft (2007)

* Yahoo! (2008)

* Facebook (2009)

* Google (2009) / YouTube (2010)

* Apple (2012)

* Dropbox (tbd)

* Verizon (and probably T-Mobile/Sprint, AT&T, etc.)

These member companies are effectively an extension of three letter agencies (intel) and are above the law.

A dozen+ countries participate in PRISM, too.[2]

Want to Break Out of the PRISM? It’s relatively easy. The nonprofit Prism-Break provides people a path to get started.[3]

Resources/Notes:

[1] https://news.ycombinator.com/item?id=24738743

[2] https://en.wikipedia.org/wiki/PRISM_(surveillance_program)#C...

[3] https://prism-break.org/en/
4 comments
zepto 2071 days ago
The problem is that what you are saying is false, and the links you provide don’t back up your assertion in the slightest.

Perhaps some of these companies ‘joined’ prism willingly, but Google and Apple both deny having done so.

The dates you quote are from slides indicating when prism started to acquire data from these companies. They have nothing to do with membership or joining.

Data was obtained from these companies without their particpation, and they have taken measures to harden their systems since this was made public, for example in Google’s case prism obtained data by intercepting their underground fiber optic cables. Data was previously sent unencrypted between data centers along these, but after the intrusion was discovered, Google moved to encrypting this traffic.

If you can find evidence that either of these companies willingly became members of prism, then please present it.

Otherwise, you are repeating false claims.

link
lawnchair_larry 2071 days ago
You are correct that parent is wrong (and horribly wrong, to the point of downright fabrication beyond anything Snowden has ever said), but actually you are also wrong. Under PRISM, data cannot be taken without participation. The simple reason for that is that “participation in PRISM” more or less means you respond to court orders.

You are confusing it with other programs. The one you are referring to was reported as a joint operation with GCHQ called MUSCULAR.

Google and Apple’s denials of PRISM participation are kind of semantic. One, they do not refer to it by any NSA codename, so they can truthfully say they don’t participate in something called PRISM, whatever PRISM supposedly is. Second, PRISM was incorrectly described as direct server access without approval. Both companies can truthfully claim that they do not participate in such a program, whether that program is PRISM or not. The truth is that they do “participate”, but that isn’t what PRISM actually enables.

That’s the best denial they can give due to the nature of the gag order.

From trumancenter.org:

If the NSA’s descriptions are accurate, the NSA’s PRISM program allows them to seek electronic data on non-U.S. Persons under FISA warrants applied to foreign electronic traffic travelling through U.S. servers with filters and controls to prohibit use of data of U.S. Persons that may get caught up in the dragnet. The expressly prohibits the use of FISA warrants toward U.S. Persons, but it is not as clear as to what happens to data on U.S. Persons that get picked up in large dragnets aimed at non-U.S. Persons. Much of the accuracy of claims depend on the certified disclosures to Congress by the Attorney General that such safeguards exist and are in place.

So, “participation” means you respond to FISA warrants, which isn’t optional.

link
zepto 2071 days ago
I’m not wrong.

We know they respond to fisa warrants. Nobody claims otherwise.

But - also know from Snowden we know that that PRISM is not just an aggregation of responses to fisa warrants.

PRISM also involved intercepting Google’s bulk traffic from their fiber without Google’s knowledge, and various other kind of interception.

If you equate PRISM with aggregating fisa warrants responses, then what you say is true.

However it is not actually accurate to make that equation.

And even if court ordered data was aggregated as part of PRISM, that doesn’t constitute ‘participating’ in PRISM in any by the most semantically stretched way, since they didn’t know about it.

If you are going to argue like this, you may as well say that the end users ‘participated’ in prism, by giving their data to these companies. In a way that’s true.

But it’s not true in the common understanding of what it means to participate.

link
lawnchair_larry 2070 days ago
No, that’s not correct. As I said, that was MUSCULAR, not PRISM.

The interception against US companies like Google was not done in the US, and there is a good reason for that. You are mixing up different programs.

Feel free to dig up the original reporting. They were distinct programs. PRISM requests are serviced by the provider and go through the FBI.

https://en.m.wikipedia.org/wiki/MUSCULAR_(surveillance_progr...

link
zepto 2070 days ago
I stand corrected.
link
lawnchair_larry 2069 days ago
Thanks, nobody ever owns it after digging in ;)

This is what I meant by quasi-voluntary. They were not oblivious and hacked without their knowledge (under PRISM, that is - they were other ways), but they didn’t exactly have a choice.

link
ksk 2071 days ago
I think you're correct in general (in terms of standards of evidence), but if we are to accept Google's claims at face value, then why would you not also accept the leaked emails as evidence of collaboration?

Specifically, this[1] email exchange:

NSA Director (Keith Alexander) to Google's CEO :-

"It was good seeing you recently after the meeting earlier this month"

"Google’s participation in refinement, engineering and deployment of the solutions will be essential."

Make of that what you will..

[1] : https://www.huffpost.com/entry/nsa-google_n_5273437

link
zepto 2071 days ago
They are evidence of some kind of collaboration.

The problem is that evidence of collaboration doesn’t substantiate anything at all about participation in prism or any other illegal or underhanded scheme.

We know that Google does have portals to service lawful government information requests.

It’s also entirely possible that Google participated in some kind of analytics development based on their web indexing and nothing to do with private user data.

Either of these would be at least plausible explanations for these comments as “they joined prism and handed over all data to the NSA”.

Innuendo is not evidence.

link
ksk 2071 days ago
I guess we'll have to wait for another leak to get confirmation on the exact nature of the relationship.
link
zepto 2071 days ago
Absolutely.

But until we do, there is no evidence to support these claims.

link
aborsy 2071 days ago
But the NSA doesn’t need willingness.

If you operate in the United States, you must obey the US laws, among which are the espionage programs (claimed to be national security measures).

link
zepto 2071 days ago
Sure, but that’s irrelevant.

Not only do we not have evidence of willingness. We don’t have evidence they even knowingly participated, whether willing or not.

link
fsflover 2071 days ago
> Perhaps some of these companies ‘joined’ prism willingly, but Google and Apple both deny having done so.

And you of course trust them.

link
zepto 2071 days ago
No, but not trusting them doesn’t mean that I accept any old bullshit people want to say about them without supporting evidence.
link
fsflover 2071 days ago
Practically everything that Snowden leaked turned out to be true. I would not call that bullshit.
link
zepto 2071 days ago
I am not calling Snowden’s leaks bullshit either.

Nothing Snowden leaked actually corroborates DocPangloss’s claims.

Snowden showed that these orgs were compromised by prism, not that they willingly joined.

That’s the point.

link
fsflover 2071 days ago
> Snowden showed that these orgs were compromised by prism, not that they willingly joined.

Not true. Snowden showed that Apple and Google were "commercial partners" with PRISM: https://en.wikipedia.org/wiki/Global_surveillance_disclosure....

link
mikestew 2071 days ago
It triggered HN and Apple fans and the comment ultimately got shadow-banned by moderators.

No, the moderators appear to have done no such thing. But with that opening sentence, and closing with the equivalent of "wake up, sheeple!", I can see why it got downvoted to a light gray.

link
saagarjha 2071 days ago
> triggered HN and Apple fans

This is generally not the best way to garner sympathy for your comment.

link
meowface 2071 days ago
>it’s astonishing that so many people willfully continue to use products/services offered by the core companies that are members of PRISM surveillance

I don't think it's practical to expect either ordinary consumers or tech-savvy people to completely avoid all use of any Microsoft, Facebook, Yahoo, Google, YouTube, Apple, Dropbox, or Verizon/T-Mobile/Sprint/AT&T product or service, or to use Tor or I2P 24/7 as that website seems to suggest.

In how many cases were those companies essentially forced or heavily pressured to participate?

link