[tekacs]

As much as it might feel nice to make suggestions such as this, it's probably worth remembering that this sort of data is probably gapped from the external network (no data flow outward).

If anybody knows (and has experience) well enough about keeping data safe (indeed through doing quite the opposite), it's these guys. Whilst it's well established that in software there's not much we can do to avoid bugs and other vulnerabilities, there's rather something to be said for practical operational security in making it almost impossible for data of this form (and especially volume) to be leaked - good luck trying to get data across an air gap or indeed something monitored physically to the extent that this all is.

(caveat: spies and other infiltrators would perhaps, in certain circumstances be in a position to leak this sort of stuff - there is only so much that can be done to avoid this, of course (oh - and also others on the inside willing to leak information))

[dkersten]

I used to work on anti-fraud software for SMS and we had VPN access to a lot of the installed hardware.

I'd be more worried about an employee leaking data. Most telcos have many many employees and a carefully planned leak would be difficult to detect and prevent. In one installation I was involved in, we had access to all SMS messages in the system, in realtime, before the recipients got them. It would have been pretty easy to copy them to a memory stick and then leak them sometime later.

[tekacs]

Compartmentalisation in intelligence is rather more established and effective than in private sector companies, to the best of my knowledge, though.

[zxcdw]

Just because it is possible to be very safe in theory and to some extent in practice doesn't mean that so will happen ifinitely from now on. People manage the data, people manage the access to the data and most importantly people make mistakes. Given that it is possible for the data to leak, there's a small probability for it happening, and thus it will happen eventually. Anything that can go wrong, will go wrong. Murphy's law.

Also it's not just NSA doing this. Maybe in the US, but I assume that in Europe there are many similar centralized government databases full of information about people. And Asia.

The point is, given enough time the shit will hit the fan somewhere. No matter what. Don't try to deny this.

[tekacs]

Oh I don't doubt that it will somewhere - this is a reminder that others aren't going to stop doing it, though and also that of all the places, the NSA seems like an unlikely source of such leaks.

Also, whilst they undoubtedly keep data around awhile, it's not kept indefinitely, surely - it has a shelf life after all. Whilst someone might get this stuff wrong in the future, again, surely that would come about most likely due to some discontinuity in this process (like if they were forced to stop awhile and then continued, losing operational details in the process).

[orofino]

So were the systems for managing the Natanz nuclear facility in Iran. The system can be compromised, given the proper will and facilities.

[tekacs]

Again, I don't doubt, but one has to ask whether the value of that data is in fact all that substantial to anyone of malicious intent - there would, I would think, be far, far easier ways to obtain that data and again, the volume of it here would likely preclude attempts to remove it wholesale - if someone wanted localised data, why not get it from the same (likely more vulnerable) source the NSA did?

Also once again, I would guess that those with intent to cause disruption, fear or harm (even dissent) would probably have an easier time of things a dozen other ways. In building secure systems, it's always worthwhile to gauge the value of some data to an attacker and the cost to them of obtaining it.