Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
General Discussion
In reply to the discussion: If you're OK with revelations of NSA snooping, you're part of the problem [View all]OnyxCollie
(9,958 posts)131. This guy thinks otherwise.
http://www.themediaconsortium.com/reporting/wp-content/uploads/2008/03/affidavit-bp-final.pdf
My name is Babak Pasdar, President and CEO of Bat Blue Corporation. I have given this affidavit to
Thomas Devine, who has identified himself as the legal director of the Government Accountability
Project, without any threats, inducements or coercion.
I have been a technologist in the computer and computer security industry for the past nineteen years
and am a "Certified Ethical Hacker" (E-Commerce Consultants International Council.) I have worked
with many enterprise organizations, telecommunications carriers, as well as small and medium sized
organizations in consulting, designing, implementing, troubleshooting, and managing security systems.
This statement is to make a record ofmy concerns about the privacy implications for our society from
what I personally witnessed at a major telecommunications carrier, as summarized below.
What I know:
I know I saw a circuit that everyone called the "Quantico Circuit."
I know that all other sites had store numbers or affiliate numbers. The "Quantico Circuit" was
the only site being migrated that had such a unique name.
I know that it was a third party connecting to the client's network via the "Quantico Circuit."
I know everyone was uncomfortable talking about it.
I know that connecting a third party to your network core with no access control is against all
standard security protocols, and would fail almost any compliance standard.
1 know that I was a trusted resource. During the project, I at all times had access and control
over the communications to the most sensitive of the organization's systems. This included
their sales applications, billing systems, text messaging and mobile internet access, including email
and web. I even had a client badge for entry to the building and access to facilities.
I know the client had Network VCRs situated at various locations throughout their data centers.
These devices collected and recorded all network communications and had the capacity to store
them for days, possibly weeks.
I know that many of the organization's branch offices and affiliate systems did not have that
unfettered access, because I instituted the controls.
What is likely, based on normal industry practice:
A third party had access to one or more systems within the organization.
The third party could connect to one or more of the client's systems. This would include the
billing system, fraud detection system, text messaging, web applications. Moreover, Internet
communications between a mobile phone and other Internet systems may be accessed.
The client could connect to one or more of the third party's systems.
The client's Data and Cell networks are interconnected.
It is unlikely that any logging was enabled for any access to the Quantico circuit, because the
client's technical experts suggested that this was not enabled. They were tentative in even
discussing the subject. Even if logging was enabled the logging system was so inappropriately
sized that it was useless.
What is possible due to consistency with known facts but for which I don't have proof:
The third party may be able to access the billing system to find information on a particular
person. This information may include their billing address, phone number(s), as well as the
numbers and information of other people on their plan. Other information could also include
any previous numbers that the person or others on their plan called, and the outside numbers
who have called the people on the plan.
The third party may be able to identify the Electronic Security Number (ESN) of the plan
member's phones. This is a unique identifier that distinguishes each mobile device on the
carrier's network.
With the ESN information and access to the fraud detection systems, a third party can locate or
track any particular mobile device. The person's call patterns and location can be trended and
analyzed.
With the ESN, the third party could tap into any and all data being transmitted from any
particular mobile device. This would include Internet usage, e-mails, web, file transfers, text
messages and access to any remote applications.
It also would be possible in real-time to tap into any conversation on any mobile phone
supported by the carrier at any point.
It would be possible for the third party to access the Network VCR devices and collect a variety
of information en masse. The Network VCR collects all communications between two systems
indiscriminately. It would then archive this information making it available for retrieval on demand.
The third party could access the Network VCR systems and collect all data
communications for single mobile device such as text messaging, Internet access, e-mail, web
access, etc. over some period of minutes, hours, days or weeks. The same can be done for
communications of multiple, many or even all mobile devices for some period of minutes,
hours, days or weeks.
Even if the client did not provide specific login and access for the third party to one or more of
their systems, without any access controls it is possible for the third party to leverage
vulnerabilities to "compromise" the client systems and obtain control or collect sensitive
information.
Edit history
Please sign in to view edit histories.
294 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
RecommendedHighlight replies with 5 or more recommendations
If you're OK with revelations of NSA snooping, you're part of the problem [View all]
DisgustipatedinCA
Jun 2013
OP
"U.S. Intelligence Mining Data from Nine U.S. Internet Companies in Broad Secret Program"
Hissyspit
Jun 2013
#162
There is a difference in phone records of calls and actually monitoring the calls.
Thinkingabout
Jun 2013
#156
Is there really? The vast majority of calls are not monitored by humans, but they are retained and
leveymg
Jun 2013
#249
Phone call records are just what it says, a list of phone call from a calling party to a called
Thinkingabout
Jun 2013
#277
The NSA collects all sorts of data, from credit records to email to telephone calls.
leveymg
Jun 2013
#278
Are you saying when the NSA receives the call records it also gets the voice content
Thinkingabout
Jun 2013
#282
NSA installed signal splitter equipment at telco hubs and ISPs that allows it to tap into those
leveymg
Jun 2013
#284
Monitoring of calls is wire tapping, this s different from obtaining records of calls.
Thinkingabout
Jun 2013
#285
NSA does both and a lot more. It operates many programs. PRISM is just one of them.
leveymg
Jun 2013
#289
Yes NSA does more but on the phone records they are simply a record of calls and length.
Thinkingabout
Jun 2013
#294
Too many people think they need protecting from evil forces. So are OK with this shit! n-t
Logical
Jun 2013
#5
...and when the evil force is our own government we won't be able to make corrections to it.
L0oniX
Jun 2013
#151
The lack of logic of worrying about standing up for what is right because 'it might give some
sabrina 1
Jun 2013
#20
The retention and minimization rules are by Presidential Order, not agency rules. Overreach is by
leveymg
Jun 2013
#81
Agreed, but agency rules also restrict the collection and holding of data to non-us entities.
SlimJimmy
Jun 2013
#97
My understanding is that the Retention Act is ignored and that the current Presidential Order
leveymg
Jun 2013
#239
Here's the problem. The IRS has rules and regulations concerning the disclosure
SlimJimmy
Jun 2013
#242
I agree. That's one of the inherent dangers of the NSA and other agencies collecting data.
leveymg
Jun 2013
#250
There is enough disappointment to go around but I am disappointed in our judicial system
rhett o rick
Jun 2013
#143
I think this is traffic analysis. Content of the calls is not collected. I don't think
alfredo
Jun 2013
#79
Bush didn't go through the FISA court, Obama did. Of course we need to know the leanings of the
alfredo
Jun 2013
#102
That is correct, Bush did not go through the FISA court which was exposed if you remember and became
sabrina 1
Jun 2013
#117
I would like to see Obama surrender many of the new powers granted to Bush. They were using
alfredo
Jun 2013
#123
The problem with the collection and storage of this data is that it allows the NSA to develop a
SlimJimmy
Jun 2013
#100
We are not as fear ridden as we were under Bush, that is why there is pushback. Obama isn't
alfredo
Jun 2013
#111
I heard earlier today that this has been occurring for at least seven years. With the
SlimJimmy
Jun 2013
#113
At least Obama complies with the FISA law. Can we trust the FISA court? I hope so. Repeal
alfredo
Jun 2013
#116
Congressional oversight by leadership plus chair and ranking member of the intelligence committees
FarCenter
Jun 2013
#16
They, including Obama when he was a Senator, voted for the FISA Bill, which RETROACTIVELY
sabrina 1
Jun 2013
#47
I think you are right. Congess would have already been briefed in the appropriate
SlimJimmy
Jun 2013
#114
If you don't acknowledge that Congress as well as the administration is part of the problem
cali
Jun 2013
#14
It's funny that it was shown that the Bush administration shouldn't have needed expanded powers to
brewens
Jun 2013
#15
Exactly. I guess the 'little people have nothing to worry about if they are doing nothing wrong'.
sabrina 1
Jun 2013
#22
Time to write a web-bot that will randomly use these words in political forums.
PrestonLocke
Jun 2013
#66
"Government, on some level, at least believes it has my best interests at heart"
ohheckyeah
Jun 2013
#216
this is the sort of thing they used to scare us about the Soviets when I was a kid....
mike_c
Jun 2013
#26
The fall of the USSR may have been one of the worst things to happen to the U.S.
Xithras
Jun 2013
#46
Chilling isn't it? I was thinking the same thing recently. But should we be surprised really? Human
sabrina 1
Jun 2013
#232
So in your view, once I voted for Obama, I need to shut up and take my lumps?
DisgustipatedinCA
Jun 2013
#67
If you think tapping and storing phone data just started under Obama you are naive and childish.
Pisces
Jun 2013
#37
I did not meant to attack you directly, my post is a generality. These things are not new.
Pisces
Jun 2013
#103
There may be spin that this was "invented by Obama", but it's not coming from me
DisgustipatedinCA
Jun 2013
#53
It is wrong on both sides of the fence. However, Congress DID allow this, and it included Democrats
still_one
Jun 2013
#62
Can you even imagine the shitstorm if it turned out the Obama administration had STOPPED doing this?
mn9driver
Jun 2013
#73
A fundamental problem is our government's INTENTIONAL view that 4th amendment doesn't apply...
cascadiance
Jun 2013
#82
So we now live in a country where the Death Penalty is administered without charges, without
sabrina 1
Jun 2013
#264
I'm not here to satisfy your whims. I told you I was apprised of all you mentioned
DisgustipatedinCA
Jun 2013
#272
I am sure it did. OWS fought them off guard so they have taken steps to make sure it doesn't
Dustlawyer
Jun 2013
#263
If you think this just about 'billing' and not content, you're just kidding yourself.
KG
Jun 2013
#98
What's really scary is all 3 branches of government including both parties are okay with it.
dkf
Jun 2013
#127
Everyone who was yelling about sheeple under Bush now have become sheeple :(
pam4water
Jun 2013
#141
What do you mean?? We are safe now & Michelle Obama is a very snappy dresser, so STOP SAYING THAT!!!
Kurovski
Jun 2013
#148
I don't give a fuck what media you fucking consume, that's not the goddamned point.
Kurovski
Jun 2013
#171
You could also include Current TV (if you get it). Bill Press in the morning is very
SlimJimmy
Jun 2013
#236
Fuckin A. "Natural allies" my ass. You support this you are the fucking enemy
TheKentuckian
Jun 2013
#149
The US is ripe for a dictatorship and if it should happen we won't be able to do anything about it.
L0oniX
Jun 2013
#153
Not that old talking point again 'the reality based community'. It was invented to slam Liberals
sabrina 1
Jun 2013
#222
"Proud Member of the Reality Based Community" is a democratic slam against Karl Rove
ConservativeDemocrat
Jun 2013
#267
Which is why it was so reprehensible for so-called Democrats, to use it to slam Democrats with. If
sabrina 1
Jun 2013
#268
The reality based community was NOT invented to slam liberals, as you stated
ConservativeDemocrat
Jun 2013
#280
It definitely is not effective as a slam against 'real democrats' at least you are right about that.
sabrina 1
Jun 2013
#283
Until the Patriot Act is overturned, I can't complain. Until then, it's the law.
SleeplessinSoCal
Jun 2013
#165
You mean Amy Goodman, Thom Hartmann, Glenn Greenwald, The Nation, who were the other 'pack rats'
sabrina 1
Jun 2013
#219
NSA has direct server access to your email, photos, file transfers, live chat, search history...
nashville_brook
Jun 2013
#194
What Do You Think the NSA Does? This is just another from the SCANDAL machine.
CdnExtraNational
Jun 2013
#213
I think a lot of people didn't understand what the NSA does, and simply trusted that they weren't
leveymg
Jun 2013
#240
"protesting against a lame duck president" is not my point. You may swim in those circles. I don't.
DisgustipatedinCA
Jun 2013
#256
so, anyone who disagrees with your drivel agrees with the NSA snooping? Are you an imbecile?
bigtree
Jun 2013
#261
Great comment, nothing to add just wanted to let you know those who are willing to tolerate the
sabrina 1
Jun 2013
#292