HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » Forums & Groups » Main » General Discussion (Forum) » What Your Email Metadata ...

Thu Jun 27, 2013, 04:45 PM

What Your Email Metadata Told the NSA About You (The AtlanticWire)

President Obama said "nobody is listening to your telephone calls," even though the National Security Agency could actually track you from cellphone metadata. Well, the latest from the Edward Snowden leaks shows that Obama eventually told the NSA to stop collecting your email communications in 2011, apparently because the so-called StellarWind program "was not yielding much value," even when collected in bulk. But how much could the NSA learn from all that email metadata, really? And was it more invasive than phone data collection? The agency is well beyond its one trillionth metadata record, after all, so they must have gotten pretty good at this.

To offer a basic sense of how StellarWind collection worked and how much user names and IP addresses can tell a spy about a person, even if he's not reading the contents of your email we took a look at the raw source code of an everyday email header. It's not the exact kind of information the NSA was pulling, of course, but it shows the type of information attached to every single one of your emails.

Below is what the metadata looks like as it travels around with an email we've annotated the relevant parts, based on what The Guardian reported today as the legally allowed (and apparently expanded) powers of the NSA to read without your permission. After all, it's right there behind your words:



As you can see, at the bare minimum, your average email metadata offers location (through the IPs), plus names (or at least email addresses), and dates (down to the second). The Guardian's Glenn Greenwald and Spencer Ackerman report that Attorney General Michael Mukasey and Defense Secretary Bob Gates signed a document that OK'd the collection and mining of "the information appearing on the 'to,' 'from' or 'bcc' lines of a standard email or other electronic communication" from, well, you and your friends and maybe some terrorists.

MORE AT:
http://www.theatlanticwire.com/technology/2013/06/email-metadata-nsa/66657/

40 replies, 2676 views

Reply to this thread

Back to top Alert abuse

Always highlight: 10 newest replies | Replies posted after I mark a forum
Replies to this discussion thread
Arrow 40 replies Author Time Post
Reply What Your Email Metadata Told the NSA About You (The AtlanticWire) (Original post)
KoKo Jun 2013 OP
Warren Stupidity Jun 2013 #1
uponit7771 Jun 2013 #4
Warren Stupidity Jun 2013 #5
uponit7771 Jun 2013 #6
Warren Stupidity Jun 2013 #10
kelliekat44 Jun 2013 #23
intaglio Jun 2013 #2
KoKo Jun 2013 #13
intaglio Jun 2013 #40
uponit7771 Jun 2013 #3
Armstead Jun 2013 #7
bunnies Jun 2013 #8
NRaleighLiberal Jun 2013 #9
HappyMe Jun 2013 #11
KoKo Jun 2013 #15
aquart Jun 2013 #28
NRaleighLiberal Jun 2013 #34
backscatter712 Jun 2013 #12
Luminous Animal Jun 2013 #14
xchrom Jun 2013 #16
KoKo Jun 2013 #17
Skidmore Jun 2013 #18
KoKo Jun 2013 #19
KoKo Jun 2013 #35
Skidmore Jun 2013 #36
Recursion Jun 2013 #21
Recursion Jun 2013 #20
limpyhobbler Jun 2013 #25
Recursion Jun 2013 #26
limpyhobbler Jun 2013 #30
Recursion Jun 2013 #31
limpyhobbler Jun 2013 #37
Recursion Jun 2013 #39
Recursion Jun 2013 #22
KoKo Jun 2013 #24
limpyhobbler Jun 2013 #27
Recursion Jun 2013 #29
KoKo Jun 2013 #33
valerief Jun 2013 #32
Recursion Jun 2013 #38

Response to KoKo (Original post)

Thu Jun 27, 2013, 04:47 PM

1. but Snowden strangles small kittens and might move to ECUADOR!

 

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Warren Stupidity (Reply #1)

Thu Jun 27, 2013, 04:49 PM

4. or he's an asshole more bent on embarrassing US\NSA than advancing 4th amendment rights?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to uponit7771 (Reply #4)

Thu Jun 27, 2013, 04:51 PM

5. how are the revelations of massive surveillance of everyone embarrassing?

 

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Warren Stupidity (Reply #5)

Thu Jun 27, 2013, 04:52 PM

6. cause they're not "revelations" to people who know about the PA

Reply to this post

Back to top Alert abuse Link here Permalink


Response to uponit7771 (Reply #6)

Thu Jun 27, 2013, 04:55 PM

10. so the revelation that the NSA has been conducting a massive surveillance of everyone does not

 

embarrass the NSA or the government. OK.

Does this information advance the protection of 4th amendment rights, perhaps by revealing that they have pretty much been scrapped under secret provisions of the patriot act?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to uponit7771 (Reply #4)

Thu Jun 27, 2013, 07:37 PM

23. BINGO!

 

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Original post)

Thu Jun 27, 2013, 04:47 PM

2. And if that data was not there the E-mail would never arrive n/t

Reply to this post

Back to top Alert abuse Link here Permalink


Response to intaglio (Reply #2)

Thu Jun 27, 2013, 05:36 PM

13. AhHAH! But, who is Watching the Watchers who were and are Collecting?

Looks so innocent..but, you could build a profile out of that...if you had the other person's data that the post is going to...

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Reply #13)

Fri Jun 28, 2013, 02:30 PM

40. One day the answer to the "Who Watches ..." question

may be answered in the same way that Sergeant/Captain/Commander was answered when he asked ...

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Original post)

Thu Jun 27, 2013, 04:48 PM

3. Thought it was phone call meta data, any proof email meta data is being collected?

tia

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Original post)

Thu Jun 27, 2013, 04:53 PM

7. Mine tells trhem that I'm very boring

 

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Original post)

Thu Jun 27, 2013, 04:53 PM

8. This is why proxies have been around for years.

 

Personally, Ive never been under the impression that the internet was private.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Original post)

Thu Jun 27, 2013, 04:54 PM

9. I suspect I am boring the shit out of them with my endless gardening emails

Reply to this post

Back to top Alert abuse Link here Permalink


Response to NRaleighLiberal (Reply #9)

Thu Jun 27, 2013, 04:56 PM

11. I never send any.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to NRaleighLiberal (Reply #9)

Thu Jun 27, 2013, 06:17 PM

15. Bok Choy...with Cherry Tomatoes ...Sauteed Garlic, Red Pepper Strips

Add a little Olive Oil enough to cover pan bottom of size you choose for the quantity of BokChoy...Heat Oil to Medium...then lightly saute garlic anf then add white stems of BokChoy, sliced cherry tomatoes, a few long slices of Red Pepper..sprinkle with a little sea salt or regular salt...cook for a minute...or until white stems, red pepper strips and tomatoes look a little wilted...then add water or chicken broth (just a little 'cause you want to try to saute, steam...and add the green leaves cook on medium another couple of minutes...cover and turn heat off or low (depending on how long 'til serving).

Adjust as necessary for your tastes....

But, worked very tasty out for quick accompanyment to store bought Rotisserie Chicken.

Thought you might like this with your tomatoes coming in...I've got cherries which is the only ones I can grow on my deck.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to NRaleighLiberal (Reply #9)

Thu Jun 27, 2013, 07:54 PM

28. Excellent.

Perhaps they will have to hire someone to decode them.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to aquart (Reply #28)

Thu Jun 27, 2013, 08:16 PM

34. Ah, yes...I am talking in code. tomato...pepper...brandywine...all so subversive!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Original post)

Thu Jun 27, 2013, 05:02 PM

12. B-b-b-but it's LEEEEEEEEGAL!!!

Quit talking smack about my daddy, you libertine meanies!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Original post)

Thu Jun 27, 2013, 06:06 PM

14. ...

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Original post)

Thu Jun 27, 2013, 06:43 PM

16. Du rec. Nt

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Original post)

Thu Jun 27, 2013, 06:51 PM

17. We here on DU can be pretty sophisticated...but many of us are not so High Tech

and to see that the "Subject Line" of our posts are being monitored is interesting to me.

I have niece and nephew on FaceBook who have their locations tracked and they think it's VERY COOL that wherever they go or eat...if they send a friend a post...that their location is shown and it stays up on Facebook ...Forever. They post everything about themselves...and as they grow older I would worry.

Would many people here on DU want what we did in our Teens and On for all our LIVES being Monitored and Stored in a Data Base for some "Unlimited time? Would we trust that they would DITCH than info EVEN IF CONGRESS TOLD THEM TO DO IT?

Why would you stop something you've been doing that's LEGAL under American Law just because useless CONGRESS told you to do it? WHY....it's such a trove of Information to Track your Buying/Selling/Food/Personal Interaction/Personal Preferences that US Marketing Companies have been having to spend big bucks on "Focus Groups and Marketing Survey's" for YEARS. Now you can just get that Info from the Private Contractors who Collect this Info from us and are Paid by the NSA with WHAT RESTRICTIONS on 2nd PARTY SALES TO ANY COMPANY WHO WANTS TO HAVE ACCESS US TO MANIPULATE US AS CONSUMERS...

DO YOU GET IT? We are DATA MINED...FOREVER and don't know HOW MANY have ACCESS TO THIS INFO....

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Reply #17)

Thu Jun 27, 2013, 06:59 PM

18. So how many are ready to opt out of the handy dandy tubes of the internets?

Not seeing any jumpers.

Realistically all our data sloshes around. I was treated for cancer a few years back. With in three months of my surgery and radiation therapy, I started receiving information from funeral directors. Had never received this type of advertisement before. Either they got the info from the hospital, the cancer center, the pharmacy, or from the cancer register in the state. Still don't know how they came by it. But they did.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Skidmore (Reply #18)

Thu Jun 27, 2013, 07:29 PM

19. Our Medical Records are now sold by Hospitals. They say it's to give you "Support"

but us olders know different. I was on a "Cancer Survivor List" for years after a Colectomy for a Cancerous Colon Lesion. It was because I did my research and took my "good chance" statistics from Mayo Clinic and other Leading Colin Cancer Research Sites that I refused the "Experimental Chemo" that some drug company was pushing on me Post Surgery. It would have involved major debilitation with some neck IV that I would have to wear for 3 to 6 months. Yet the stats from major Sites with Research said I was "Low Risk," and this was only if I was a "patient who did not want one cell of cancer available to metasticize in my body...ever." I got that info from extra 4th opinion from Duke Medical School's Top Colon Cancer Oncology Head. It was a scare tactic to get me to use an Experimental Drug and it was only ON MY OWN that I did Indie Research (have Med Background...so had an advantage on knowing where to look for latest data and how to read research reports, though).

Anyway...it's been 15 years....and for the first 10 years I got constant Invitations to "Survivors Celebration Milestone Party" at the Hospital where I had the Surgery. It was a Love Fest with Food, Music and Survivors Stories. (They were Monitoring Me to see how long I'd live since I DID NOT take their Advice). I'm not saying that those who needed that support weren't happy to have their hospital spend money for that Big Event every year and that many didn't feel it worthwhile. But, what the insurance company paid for my operation probably got a Kick Back from my Hospital throwing those "Survivor Parties" all those years...

That was my first taste of how our MEDICAL INFO has been monitored and how it can be used against us for Insurance Denial and for Experimental Reasons and other Meta Modeling used by Third Parties. I was a MARKED PERSON...used because SOMEONE had my DATA!

Edited...for typo's ... & very emotional issue for me...

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Skidmore (Reply #18)

Thu Jun 27, 2013, 08:21 PM

35. Did it Creep You Out?

Think about that Magnified...!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Reply #35)

Thu Jun 27, 2013, 08:28 PM

36. Believe me, I understand the dynamics and scale.

I've said before that the communications genie as it relates to the web was let out of the bottle a couple of decades ago and no rules applied up front for its applications. It was unsettling but not surprising given my understanding of how businesses seeks to market.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Reply #17)

Thu Jun 27, 2013, 07:33 PM

21. Subject line is not part of metadata.

Just to be clear: subject is not part of metadata.

Very specifically, it comes after the

DATA

command of the SMTP transaction, at which point the server stops logging.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Original post)

Thu Jun 27, 2013, 07:32 PM

20. #2 in this case doesn't tell anyone anything

10.52.27.45 is in non-routable space, so it doesn't tell anybody anything.

Also, much less spatial information is conveyed by IP addresses nowadays than was true 20 years ago.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Recursion (Reply #20)

Thu Jun 27, 2013, 07:51 PM

25. That's probably why they used it as an example. Like when they say 555-5555 for phone numbers on TV.

In real life people at home have routable IPs assigned.

Also if the gov't has anybody's IP address they can easily figure out exactly where the person is connected, simply by asking the ISP for the physical address where the IP address is assigned. They might need a subpoena depending on the ISP but I doubt they would need a warrant. Not 100% sure whether they would need a subpoena for that, or a "national security letter".

Reply to this post

Back to top Alert abuse Link here Permalink


Response to limpyhobbler (Reply #25)

Thu Jun 27, 2013, 07:54 PM

26. Right, but that just says where the server I'm sending from is physically located, not me

For example, if you send from webmail, your own connecting IP address doesn't get logged, because your computer is requesting Gmail's (or whatever's) SMTP client to send on its behalf.

Honestly, very few people actually initiate SMTP sessions from their own computers anymore; most ISPs don't even allow it.

(Also, from the looks of it, that's a legit header sequence; the outside routable address checks out, and the 10. address is probably just the mail exchanger's local address on their LAN.)

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Recursion (Reply #26)

Thu Jun 27, 2013, 08:04 PM

30. Whenever I look at email headers I see the actual IP address of the sender in there somewhere,

not only the address of the sending mail server. Sometimes it is called "X-Originating-IP". (If they are behind a NAT you will see the public NAT address but that's neither here nor there).

[strike]Alot[/strike] A few people run a local mail server at home, or at their small business, etc.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to limpyhobbler (Reply #30)

Thu Jun 27, 2013, 08:06 PM

31. I've seen that from hotmail but nowhere else

The logs I have just start with the initiating SMTP client.

Do people really still run their own SOHO mail servers locally? That's so 1999.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Recursion (Reply #31)

Thu Jun 27, 2013, 08:31 PM

37. I do see x-originating-ip when I view full headers in yahoo mail

But I think maybe it is up to the sending server whether or not to include the field, so email recipient can see the originating IP address.

A few people do run email servers at home. Hobbyists, people who have a reason to do it for work, paranoid people.


OK so let's say this. There are 2 different things.

1) There are email headers

2) There are email server logs

Those are two different things. So you're thinking the gov't only has access to the server logs, and not the headers which would be stored in the mailboxes. I think that's what you meant.

So then I would say hey the email server logs must include the ip address of the connecting party. Just like a web server log. So I don't buy the idea that the government doesn't have access to IP addresses and the easy ability to match that to an email address, and a real name, even if it might take an extra step.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to limpyhobbler (Reply #37)

Thu Jun 27, 2013, 08:34 PM

39. Right. The servers log all the headers before the DATA command

The extended headers (everything starting with "X-" as well as the MIME commands ("content-type blah/blah" etc.) are part of the message content.

They get the data from the ISPs, if we're to believe the FISA warrant leak, and the actual SMTP headers are what the ISPs store.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Original post)

Thu Jun 27, 2013, 07:34 PM

22. Gah! Also, everything after the Date: field is not logged.

That's in the DATA segment of the SMTP transaction. It is not part of the message log.

How hard is it for journalists to just ask somebody who knows what they're talking about?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Recursion (Reply #22)

Thu Jun 27, 2013, 07:43 PM

24. Don't know...why don't you post on Atlantic Web Site in Comments to the Reporter or

send her an E-Mail...I think she has her address there at her "ByLine." Start a discussion with her.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Recursion (Reply #22)

Thu Jun 27, 2013, 07:54 PM

27. Yo, how do you know they are not collecting the full headers and calling that metadata.

I understand you're saying everything in the DATA segment is not collected. But how would you know the government is not considering that full email header information as part of the metadata? Did the NSA say that in a statement or something?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to limpyhobbler (Reply #27)

Thu Jun 27, 2013, 07:56 PM

29. Because they're getting it from the mail servers themselves, and I know what they do and don't log

The data that comes from the mail servers stops with the DATA command (OK, it writes a count of how many bytes of data follow, but that's it).

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Recursion (Reply #29)

Thu Jun 27, 2013, 08:14 PM

33. They should NOT be coding my Send to and From Information....in their data files.

I consider my E-Mails like mailing a letter. They can look at the Send and To if they have a Court Order....but, not the "Opening Statement" in my Letter to anyone...which is what Subject Line is in an E-Mail. It's like opening up your letter and looking at your first line sentence to whom you are sending the letter.

You are trying to say they then "seal the envelope back up" and never read the REST of the LETTER. I say...NO...they are reading without Warrent a huge Group of Selected E-Mails because someone you know or just got on a List Serve with or any other Group and some "suspected terrorist" is on that list....so they READ MY E-Mail for Subject line and then Further.

Until it's proven differently ....I believe they are going after as much data as they can catalog to store it in sophisticated buildings they are already looking for financing for AFTER UTAH Facility fills up!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to KoKo (Original post)

Thu Jun 27, 2013, 08:08 PM

32. Isn't 4 Sender Email? nt

Reply to this post

Back to top Alert abuse Link here Permalink


Response to valerief (Reply #32)

Thu Jun 27, 2013, 08:32 PM

38. That's one of several problems with this article (nt)

Reply to this post

Back to top Alert abuse Link here Permalink

Reply to this thread