Hacker News new | past | comments | ask | show | jobs | submit login

> My suspicion is that this is a particularly USAian myopia, which does not bode well for the NSA.

I am telling you literally like it is. Whether or not you want the Fourth Amendment to apply outside of the U.S. (keeping in mind that amendment is the only part of U.S. constitutional law restricting electronic surveillance by the U.S. government anywhere in the world), the fact is that legally speaking it doesn't. I'm not telling you how the world should be here, I'm telling you how it actually is.

This is not specific to the U.S. though. Does Germany have constitutional laws forbidding them to collect intelligence from networks in France?




> Whether or not you want the Fourth Amendment to apply outside

Now you have changed the subject. The original assertion was that it was "easier" for the NSA to collect bulk data outside of the USA. If the 4th amendment was the only factor then it might be so. My point was that the 4th is not the only factor.

For another example of this, how seriously would someone like Lavabit take a US court order to hand over keys and shut up if they were based in Reykjavík?


> Except that legally speaking bulk collection is even easier

Did you miss the "legally speaking" in my original sentence before you accused me of changing the subject?


I did actually miss that, and the purely legal aspect of it is not the whole and interesting picture. But I don't think that it makes a difference.

TAO (I.e computer network exploitation) may be easier if you possess a legal/ethical framework whereby allied counties are free-fire zones; at least up to the point when they're no longer allied.

But bulk data collection is not TAO. As far as I can see, it relies on firstly on physical access to network infrastructure, so you can put a secret room at the Phone company or copy off the network traffic off the undersea cable as it lands. This is legally easier in your own country.

Secondly it relies on legal authority over companies. US agents arrived at lavabit with a US court order to hand over the crypto keys and tell no-one. How would that play for a company based in Reykjavik? I expect that after the laughter and blog posts, a bit like this: http://www.infosecurity-magazine.com/view/30559/iceland-expe...


> But bulk data collection is not TAO.

Except, of course, when TAO allows you access to data in bulk. That was my whole point, and if you guys keep conflating legal jurisdiction, technical capabilities, and scope of effect with each other then you'll have only yourself to blame when you get outwitted and your data ends up in a database with ALLCAPS naming conventions. :P


> when TAO allows you access to data in bulk

You should write an article about that, I do like to learn more. So long as it doesn't consist of "lol you got outwitted :P" style taunting.

Interesting how your loyalties are expressed in that comment. BTW, based on your other comments, what exactly do you do "in the military" ?




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: