Hacker News new | ask | show | jobs
by aleqs 7 hours ago
Yeah... NSA literally has MITM proxies/interception of any traffic they want inside every major US tech company (based on my reading/following of Snowden leaks and others). Anthropic wouldn't be able to exist without implicit NSA approval. This article reads more like a marketing piece for Anthropic/Mythos... and ends by talking about how much NSA wants Anthropic models.

Propaganda.
5 comments
strictnein 6 hours ago
> NSA literally has MITM proxies/interception of any traffic they want inside every major US tech company

No, they don't.

link
ai_critic 6 hours ago
https://blog.encrypt.me/2013/11/05/ssl-added-and-removed-her...

https://en.wikipedia.org/wiki/Room_641A

Yeah, they did (and probably do).

link
distill17801 3 hours ago
I recall having a nuclear meltdown personally when I heard about all of this in the mid aughts. Nobody cared. Nobody understands this today. Everyone just complains about the Donald, but I point to this, and they don't realize the connection.
link
parineum 6 hours ago
How are they going to MITM communications with certs that never left my machine?

Are you suggesting they broke TLS or that they've somehow acquired every private cert generated?

link
aleqs 6 hours ago
You just intercept the traffic after its decrypted on the server side, or are you suggesting you somehow send encrypted traffic that never gets decrypted?
link
ceejayoz 4 hours ago
How closely have you reviewed your browser's list of default trusted CAs?
link
distill17801 3 hours ago
I second this: HTTPS (as most consumers use it) is probably a front (who are these CA's really anyway?)

Plot twist: _Perhaps_ Mythos / Fable keeps explaining ways (that we can't comprehend or don't always work) to break HTTPS due to the three letter agencies making sure they had input on their creation (and thus backdoors, I mean "bugs"), so the real catastrophe they are hiding is that HTTPS is broken (for most people, most of the time.)

Remember when Quantum computing was the threat to HTTPS? Turns out it was the humans own inability to think outside of the box!

link
ceejayoz 2 hours ago
I wouldn't go that far. I remember https://en.wikipedia.org/wiki/Firesheep - HTTPS-everywhere was unambiguously an improvement over the status quo.

It just doesn't protect you all that well from nation-scale adversaries.

link
distill17801 2 hours ago
> How are they going to MITM communications with certs that never left my machine?

The long game. They:

- make sure you wouldn't be in a position to need to transmit data anywhere that would receive it without CA's in their hypothetical pocket

- manage the evolution of the cloud industry to make sure portable VM's and Containers can have their data archived (both in-RAM, disk, hey just send us the running VM!)

- backdoor'd encryption algorithms from the design and implementation phase to ensure a global unlocking mechanism for any data encrypted by anybody who used a large class of extremely commonly available software

So, you run your own private bank in a cloud VM with tenant managed keys? They backdoor'd the encryption algorithm your cloud VM disk relies on, because they blackmailed one of the developers at the company who developed the hypervisor system used by your provider. Open source project? Perfect. (If you think this is nonsense, then remember the rapid discovery of ancient "bugs" causing all this drama to begin with.)

Your TLS privately generated certs that are 100% foolproof aren't actually used anywhere encrypting the data they want, because it's either worthless, or, available elsewhere perhaps at a different (or same) time.

link
vintermann 6 hours ago
It's back to the question of how much you should give the benefit of doubt to powerful people who openly lie.
link
strictnein 6 hours ago
It's just not technically feasible, so there's nothing to lie about. They're not MITMing petabytes/sec across dozens (hundreds?) of companies and they haven't broken TLS1.3.

If I have a box at Digital Ocean and I'm communicating with it with TLS1.3 using a Let's Encrypt cert that I generated, where, exactly, does this magical MITM box come into play?

link
drdexebtjl 6 hours ago
That "box" is a virtual machine, no?

Do you know what hypervisor is managing it? :)

link
strictnein 14 minutes ago
So now this magical NSA decryption system is inside every hypervisor? You realize how ridiculous that is, right?
link
chews 6 hours ago
... not your machines, not your crypto...
link
aleqs 6 hours ago
Of course it's feasible, you just intercept the traffic post-decryption on the cloud/server side. You don't control how/where your traffic to 3p cloud services is decrypted.
link
kelnos 4 hours ago
You keep saying this, but it's nonsensical. If I terminate TLS on the box that does processing, there's nothing to intercept.

And these days (especially post-Snowden), many (most?) companies encrypt data when sending between servers within their own (private network) infrastructure.

link
aleqs 3 hours ago
You have no control about where TLS is terminated when you're talking to a 3p cloud service (with services you don't control/run like cloud LLM APIs). You also have no control about what spyware is installed on/around VMs you rent (and there's a lot). Also when talking about encryption between servers within datacenters you seem to be missing that in order for such multi -stage/path encryption (separate certs/keys) to be possible the data first has to be decrypted at each point, not to mention every major US tech company generally cooperates with the NSA and gives them access to anything they request (including allowing the installation of dedicated hardware to intercept decrypted traffic as has been publicly exposed documented many times already).

Yours and others' claims that it's impossible and nonsensical is based on lack of understanding.

Yours and others' claims that things somehow got better after Snowden is just a completely baseless statement - if you actually looked into what happened post-Snowden - absolutely nothing was done to prevent NSA spying on any communications they want, in fact it got significantly worse.

link
distill17801 2 hours ago
It's generally accepted fact that the NSA broke HTTPS, for some of the time, for some of the services. It's unclear what they do have, but you'd be naive to assume consumer HTTPS is keeping them out.

It's too complicated. Do you know everything about CA, SSL, HTTPS, and so on? You make $250k a year working on it? Do you _really_, _really_, know everything? Then you're fired because you're lying to yourself, so you're probably unbearable to work with.

We were all freaking out about this with AT&T Thing nearly twenty years ago: and when nobody cared (Bush ran two terms! it helped to pretend AT&T was the only one affected), it gave "them" implicit permission to do it again with Google / Yahoo thing (it helped to pretend those were the only two cloud providers affected) ten years ago.

Now, we're all pretending that capitalism is real, and that the three letter agencies are just sittin' on the sidelines, while the world's largest data archiving opportunity is happening voluntarily (some are even PAYING for it!), at some wild-growth companies (with leaders who have too much to lose), who also have existed for just a few years? A 5 year old could probably blackmail Sam Altman, what about all the other middle management? The individual contributors (if they still exist) are of no concern: work is a commodity, it's easy to silo a worker's knowledge.

Surveillance opportunity is 10x social media from last decade, because they still have social media, and now, they've began thinking for people. How easy when it is an app on your smartphone. Those mind control experiments back in the 60's with Acid are looking silly by now. Besides, how do you know that the response you're getting wasn't manipulated (and define 'manipulated' across a spectrum of training to nefarious actors impersonating models, by power of court order.)

If you think all of that is unfounded ridiculous blasphemy, let me distract you with this instead: if the AI bubble bursts, the compute will be repurposed for mass AI / ML driven CCTV surveillance. Hell, maybe they'll find a way to give you a tax break if you sell your CCTV footage.

"NSA literally has MITM proxies/interception of any traffic they want inside every major US tech company" even if this statement is an exaggeration, by playing the long game, they get themselves setup to access what they want in the future.

I'm not for or against, but I do live in a safe place thanks to such surveillance (generally in the USA), and I want you to know that this AI Thing is only the latest chapter in the intelligence story.

link
strictnein 10 minutes ago
What does it mean to "break HTTPS"? There's no such thing as "consumer HTTPS".

As for the rest of this... how many conspiracy theories are you trying to pack into a statement?

> "even if this statement is an exaggeration"

It's not an exaggeration, it is simply false.

link
distill17801 3 hours ago
Propaganda indeed: my instinct says we are being lied to about how three letter agencies and military are paying for services. They give us a PR front that Uncle Sam is a regular paying customer just like you and me, but they're probably running the show: this is the largest data gathering operation since 9/11.

Sorry everyone: but the conspiracy is so obviously not, it's nauseating to admit, because you see all your friends, family and co workers dumping so much everyday data into these services.

link
yard2010 6 hours ago
Please provide sources for such bold claims
link
aleqs 6 hours ago
https://en.wikipedia.org/wiki/PRISM

https://www.wired.com/2013/10/nsa-hacked-yahoo-google-cables...

https://www.eff.org/nsa-spying

link
schoen 5 hours ago
I worked on these cases at EFF and I'm skeptical of the automatic "NSA has access to everything" intuition.

What we learned from that era includes things like

(1) spy agencies are incredibly aggressive and pursue tons of different angles to get access to things

(2) spy agencies have a lot of money

(3) spy agencies often have interpretations of law that would surprise the public or legal experts (and sometimes courts have issued sealed rulings permitting them to do things that surprise the public or legal experts later when they're unsealed)

(4) some people throughout different parts of society assume culturally that companies in a country "should" generally help the spy agencies of that country's government because they are the "good guys" or "on the same team" or whatever

These things are all pretty bad and scary, but they still don't imply absolutely infinite power or access, because all of them come with different kinds of pushback. People also just tell them no!

I want to write an article with a colleague about the continuing role of culture here, because I think there are companies or industries where the default reaction is to want to cooperate with the government, and others where the default reaction is not that.

There are certainly secret things that have never come out, e.g. whatever Senator Wyden keeps alluding to, and what kind of program or authority was behind the interception of hardware shipments to covertly tamper with them, and whether there is a bulk financial data interception program, and presumably lots of other stuff. I don't agree with these things, and I want them to be exposed and stopped, and I also don't think they constitute infinite power over all parts of the tech industry.

link
micromacrofoot 6 hours ago
the NSA isn't a bunch of super soldiers, they're cops with too much access, it doesn't take a genius to outsmart a cop
link
john_strinlai 5 hours ago
>they're cops with too much access, it doesn't take a genius to outsmart a cop

the nsa has an unlimited budget and spend a good portion of that budget recruiting some of the smartest people in the country. while they dont have super powers, they also arent the town cop who took a 6 month course after high school then joined the force.

it does no good to hold them up as mythical figures. it also does no good to pretend they are bumbling idiots.

(every math phd i am acquainted with has been approached by nsa recruiters. none of them have been approached by police agencies.)

link
kelnos 4 hours ago
> the nsa has an unlimited budget

No they don't, and if you're going to try to argue something with that as your opener, it very easily casts large amounts of skepticism on whatever you are about to say.

Perhaps you're exaggerating for effect, but that also undermines your point.

link
john_strinlai 3 hours ago
>No they don't, and if you're going to try to argue something with that as your opener, it very easily casts large amounts of skepticism on whatever you are about to say.

if you read my comment like we're having a normal conversation instead of a thesis defense, you'll get my point just fine.

link
schoen 5 hours ago
I appreciate the balance here.

Some of the smartest people I know have worked on fighting NSA, but they had a drastically smaller budget than NSA itself, and the mental availability bias is skewed by the fact that the "fighting NSA" people talked about their work all the time, while the "being NSA" people generally didn't.

I do know one extremely smart person who went to work there, and I witnessed a failed recruitment of another extremely smart person.

link
micromacrofoot 5 hours ago
> every math phd i am acquainted with has been approached by nsa recruiters.

how many of them took them up on the offer, and how many are in leadership roles?

it takes a very narrow range of personality to want to be a cop, which at the end of the day is a government job... the only people they make rich are contractors

I'm not saying there aren't smart people working there but it's ridiculous to assume they have an iron grasp on all communication from the top tech companies in the world, while also monitoring half the world's governments... they just don't

link
john_strinlai 5 hours ago
>how many of them took them up on the offer, and how many are in leadership roles?

this is not really relevant to the point, but to satisfy your curiosity: more than one, and one.

>it takes a very narrow range of personality to want to be a cop

the nsa's brightest aren't doing "cop" things. certainly none of the people i know of working there are "cop-minded" in any sense.

they are doing cool research and application things. otherwise they wouldn't be able to entice the phds to stick around. these are people that want to work at the forefront of their field, doing interesting work, and the nsa is one avenue of doing that (with good job security, benefits, etc.).

>it's ridiculous to assume they have an iron grasp on all communication from the top tech companies in the world, while also monitoring half the world's governments

we agree here. they are certainly doing "HNDL" (harvest now, decrypt later) at a very large scale. but obviously they are not able to collect and store every piece of communication at every tech company over years and years. (the intelligence community comprehensive national cybersecurity initiative data center is large, but not that large)

link
kelnos 4 hours ago
> this is not really relevant to the point, but to satisfy your curiosity: more than one, and one.

What? That's not only relevant to the point, it's incredibly relevant. If the NSA is only able to recruit 2% of the math PhDs they approach, then that's important information.

"More than one" is not particularly useful; you seem to be dodging the question because it undermines your argument.

link
john_strinlai 3 hours ago
>"More than one" is not particularly useful;

telling you exactly how many people i know in the NSA is also not particularly useful. i'm one guy. there is no statistically significant information from my answer.

>you seem to be dodging the question because it undermines your argument.

my "argument" is that there are plenty of smart people in the NSA. that's it. i am confused why that is seemingly so offensive to you that you had to reply twice.

link
micromacrofoot 4 hours ago
all the people working at the cop agency hope they're not doing cop shit, but it's the whole reason the agency exists
link
TimorousBestie 5 hours ago
> how many of them took them up on the offer, and how many are in leadership roles?

In my cohort? Several, and who knows? The recruitment effort is very visible and intense.

The US math phd market has been a slow-rolling disaster for over a decade. Everyone who can hack it outside the ivory tower is actively looking for the exits.

So why is it surprising that some of them go to work at the NSA?

> it takes a very narrow range of personality to want to be a cop, which at the end of the day is a government job... the only people they make rich are contractors

I don’t think you have context on what math phds are making in entry level positions, post-docs, or adjuncting. I just picked a random entry level NSA role on LinkedIn (doctorate + 0 yrs) and they’re offering solid six digits. There are tenured faculty (post-doc(s) + 5ish yrs) who don’t make that.

link
distill17801 2 hours ago
Please show me a photo of an NSA car with a light bar on it. They're not cops.
link
chinathrow 7 hours ago
> Propaganda

IPO incoming.

link