On his blog Schneier comments that this meeting was kept small on purpose. I wanted to see who was present at this meeting so I looked up some of their information. Not hard to find, but here you go. I plan on emailing each of them and thanking them for consulting someone the tech industry considers a Security SME.
(If you use Facebook) I recommend following Rep. Amash as he explains every one of his votes in a status update. It's a great way to stay informed, and he actually approaches his decisions with sensible reasoning you'll enjoy (regardless of your political leanings).
Personally the fact that your spam links to the legislators wikipedia pages is top on HN shows that 1) you have nothing to say on the subject, 2) you are a spammer, and 3) that you are probably a complete idiot who could give a shit about the topic and 4) that HN is a complete fucking waste of time with people like you posting in the comments.
Oversight. We keep demanding this thing. But how exactly does oversight of actions that must be performed in secret even work? Who oversees the overseers?
Let's think about the end game. Suppose the Klayman lawsuit [1] goes all the way to the Supreme Court, and they too find the NSA's metadata collection is a 4th Amendment violation. The NSA is ordered to shut this and similar programs down. They comply. They say "we've complied." But how do we know? How do we know they didn't just spin up new collection programs, out of sight even from the overseers, or perhaps even with the tacit approval of the overseers? How would we find out?
Whistleblowers like Snowden. That's the only protection I see for us here. If the government promises they've complied, but in fact they haven't, they've just doubled down on the damage another revelation to the contrary would create. And doubled the moral imperative that a principled person would feel to leak it.
I didn't say that it was their fault that the NSA lied. Its their fault that secret courts, the Patriot Act, and a number of other things exist. Its also their fault that the constitution has been systematically undermined for the last four decades.
It was hilarious watching a bunch of congressmen feign disbelief when they know that its their fucking fault. Its depressing watching the public believe them. If they really didn't know this was going on, they would be trying harder now to stop it instead of passing legislation to solidify the NSA's position.
The only thing that we can be certain of, is that our elected representatives' response to these revelations is going to be disappointing, misguided, and inadequate.
"The United States Foreign Intelligence Surveillance Court (FISC, also called the FISA Court) is a U.S. federal court established and authorized under the Foreign Intelligence Surveillance Act of 1978 (FISA)" --http://en.wikipedia.org/wiki/United_States_Foreign_Intellige...
Even if you're talking as about changes to it in the PATRIOT Act, that was passed on October 26, 2001. Each congressional district has had 6 elections since then, so some of these congresscritters never voted for or against the creation of the court. Of the ones that did, how many were on the committee that produced this? How many read it?
http://sunlightfoundation.com/blog/2009/03/02/congress-had-n...
This all sounds very nihilistic and myopic. It's like saying I'm responsible for drones because I voted in an election for one of two candidates who were going to use them anyway. Credit where due, and I'm certainly not letting Congress off the hook, but your argument boils down to "well, Congress allowed them to exist," and I'm even less inclined to let the NSA off the hook. I have higher standards than, "well, that's just the way they are."
I didn't let the NSA off the hook, I was just commenting on the absurdity of congress acting like this wasn't the obvious outcome of decades of bad leadership and bad legislation.
By the 21st century, the Patriots had achieved immense political power, effectively controlling America as a totalitarian regime. The organization would select who would serve as the President of the United States and would stage Presidential elections in order to please the American public, as well as tricking them into believing that as voters they had control over the government, that the nation was still being led according to the Constitution, and also utilized cut-outs when contacting the President with instructions.
Schneier links to a Wikipedia article about Sensitive Compartmented Information Facilities (SCIFs) and explains that he wanted to speak to the members of Congress in such a facility, but could not do so because he is denied access to such facilities as someone without the appropriate security clearances. And that puzzled me, and prompted me to read the Wikipedia article after reading Schneier's blog post submitted here, because I had been told years ago, when I definitely did not have the appropriate level of clearance for a SCIF (as I have never had and probably never will have) that I did have access to a special hearing room for one of the congressional intelligence oversight committees. I was inside the room at the time, with foreign visitors. (I was there as the interpreter for the foreign visitors.) I saw the hearing room back in the 1980s, as I recall, as part of a people-to-people program funded by the United States government that brought over people from other countries to look at how society works in the United States. The look inside the secure room was part of learning about how intelligence agencies in the United States are overseen by Congress. It was represented to us that when the room in the Capitol was closed up, it was impervious to any then-known form of surveillance. So now what Schneier says has me puzzled about whether or not there is any level of secure room between what he calls a "regular room" and a room that a United States citizen can only enter with a very high level of security clearance. It seems to me that there ought to be some kind of in-between room like that, precisely for meetings like the one Schneier just had. That would be better for effective congressional oversight, I think.
> So now what Schneier says has me puzzled about whether or not there is any level of secure room between what he calls a "regular room" and a room that a United States citizen can only enter with a very high level of security clearance.
There are. Schneier has it wrong unfortunately (or at least, was misinformed). You can enter a room approved for classified information without a clearance, you just must be escorted by someone who does have one. I've been in such a room myself without a clearance. I imagine what you were told about a special hearing room for one of the congressional intelligence oversight committees was true then and is still true now.
There is an unfortunate amount of misinformation flying around and it really detracts from what might otherwise be a productive discussion. I hope Schneier takes a but more time to double check his assertions in his next post.
Schneier, a non-governmental security researcher, was asked by the representatives to hold a meeting with them. He suggested to hold it in a secure meeting room. They tell him that he's not allowed in there.
There are standard processes in pretty much every government organization for escorting uncleared personnel into a SCIF. The fact that they chose not to in this case might indicate that they aren't taking this seriously.
Or that the NSA wanted to listen in, and this was just an excuse given so that a secure room would not be used. In fact, the whole thing could have just been an elaborate way to glean what's in the Snowden documents.
The whole security clearance thing is rather over-rated. Many people are immediately disqualified during the background investigation because they missed a payment on something once, or changed jobs too often, or were arrested, yet never convicted of a crime.
So the fact that someone does not qualify for a security clearance says very little about them as a person.
Thanks for this link. It's really fantastic to read some of the reasons for approval and denial.. Here's a good one that was really interesting to me for personal reasons since some of the facts are similar to mine:
"Applicant was born in Iran. He left Iran in 1985, was educated in the United States, married a native-born U.S. citizen, and became a U.S. citizen. He adopted an American name when he became a U.S. citizen, and he gave American names to his children. He has never returned to Iran. He held a public trust position for three years. His sister is a citizen and resident of Iran, but he has never visited her in Iran. His parents and two brothers are citizens and residents of the United States. His older brother held a security clearance for six years. Although his parents live in the United States, they spend about six months of each year visiting their daughter in Iran. Security concerns are mitigated by Applicant’s deep and longstanding relationships and loyalties in the United States. Clearance is granted. CASE NO: 12-11015.h1 "
Well, good luck to you! If you decide to go this route, I think the trick is making yourself very desirable to a defense contractor so that they'll sponsor your clearance and go to bat for you.
There are people that have filed for bankruptcy that managed to get a TS. It would be highly unusual to be rejected for missing a single payment, provided you are current while the investigation is going on. It would also be extremely unlikely that one gets rejected for changing jobs frequently, unless one of your former employers alleged misconduct of some sort.
The security process in my experience is very much about how much of what they find you were forthcoming with and announced on the forms.
If you missed a payment there is a section of the background paperwork you fill out proving information on it. It is very likely you would be denied if you left that section blank and had a missed payment, or if you changed jobs, or addresses very often and did not list all of them with proper references so they could verify them. But you will be denied basically because you lied not because of the missed payment or address changes.
I only have a passing knowledge of how data security is handled by the government, but I suspect that the fact that they are discussing classified material which Schneier should not have access to may make using an SCIF more bureaucratically challenging.
"My guess is that because I am untrusted, I might plant a bug in the SCIF. So it's less that I'm not allowed in, and more that if I was allowed in they would have to re-SCIF the place."
It makes sense that you need TS/SSBI and the correct SAP read-in to be inside a given SCIF belonging to a SAP; otherwise one might leave a recording device or otherwise damage the integrity of the SCIF. Plus, the SCIF would need to be cleared of all sensitive materials before you entered.
Clearing a SCIF, letting someone inside, then recertifying it would probably be the correct choice; It could be done, of course, but it's not cheap. (You can also potentially keep the person under observation the whole time, but given the purported Chuck Norris powers of Bruce Schneier, that seems insufficient.)
I'm not sure if you understand. Bruce knows the top secret information because he read it in the leaks. The government officials can lose their security clearance for admitting to discussing top secret things with him.
They are clearly in the direct performance of their lawful duties. It is like a counterintelligence professional talking to a suspect and learning what he knows. Plus, Congress is called out in the Constitution as special, due to situations like this.
How many sitting congressmen have ever lost their security clearance? It seems like the decision reached in Gravel v. United States totally contradicts what you say.
You don't need all of that to be escorted on a single occasion. It really wouldn't be difficult at all to sanitize a conference room. People aren't likely leaving piles of classified documents on the table between meetings and if they are they need to have their own clearances suspended.
I'm explicitly allowing for Schneier being a "special" person, and not escortable into a secured space, as he is a technical expert and in close and continuing contact with some people with lots of very hated stuff, specifically in loving leaking classified info. A normal person would be a lot more escortable. It is mostly up to your facility security officer and organizational policies; I don't know how the legislative branch handles any of this.
>It makes sense that you need TS/SSBI and the correct SAP read-in to be inside a given SCIF belonging to a SAP; otherwise one might leave a recording device or otherwise damage the integrity of the SCIF. Plus, the SCIF would need to be cleared of all sensitive materials before you entered.
Infruriating Hog-wash! This security theatre is baloney, and it is the Great Wall, itself .. erected precisely to allow the Security Classes to control their mignons.
SCIF's? Why are they even necessary in the first place, in a society that prides itself on Freedom Dogma?
This is not democracy - this is tyranny!
If a private citizen cannot have a safe conversation with people who represent them, then you do not have representation but total interference. The American Super-Security State has definitely usurped the basic principles of democracy from its true owners.
I think you missed the part where he had the conversation anyway, in a regular room.
The procedures for handling classified information, especially SCI and ECI, are there to protect from foreign intelligence services. i.e. people doing exactly the shit NSA is accused/documented of doing to foreign governments.
I think you missed the point that I asked: why is there no secure facilities specifically for the purpose of citizen/representative conversation? Is it only the privileged elite military class that get the fun toys? I think it is ..
There are different levels of "secure". Citizens rarely have possession of TS/SCI or TS/ECI information without possessing a valid TS/SSBI and SAP access for that material, and when they do possess that material without the authorization, their intent is rarely to testify before Congress about that material.
A normal secured room (which is also swept for bugs, is kept physically secured by the Capitol Police, etc.) is perfectly adequate for normal secure communications between citizens and elected officials.
I care not a single bit for the Security Theatre in your TLA soup - the point yet remains: why are citizens not allowed to communicate secretly with their representatives with the same degree of certainty as their military? Hmm ..
If the NSA are about to take a big hit in Congress because some Congress members were educated on the actual reality, having advance notions of the nature of the enlightenment of those Congress members would help the NSA prepare a position policy for handling the issue.
Do you not understand that there is nothing honorable about this agency, and this infrastructure? At all? The system is entirely corrupt, corruptible, and absolutely functional as a tool for political power. This is not the time to be milquetoast on the devices we are discovering are being used, indiscriminately, with World-changing powers, by people who were not authorized to do so by the democracy that allowed them the luxury of doing such things, for a living.
These people have constructed their own private search engine - consisting of EVERYONE ELSES DATA. Anyone who cares about the society our children will inherit, must act to promote the destruction of this heinous info-apparat! Before, indeed: it is too late.
There are but 3 small tigers in between the free democratic society and totalitarian fascist state, and those tigers are made of paper, electrons, and gasoline ..
This could be almost hilarious if it wasn't so sad. The Congress has to be briefed by someone with access to leaked documents to get an idea what a government agency is doing, because the later "is not forthcoming".....
Imagine that the NSA was only doing legitimate, useful, necessary, highly secret things (humor me here).
Can they brief Congress on what they're doing? All 535 publicity-seeking chatterboxes? No way. That's the same as issuing a press release.
So not telling Congress everything is (in principle) necessary. But who are these representatives Schneier briefed? Are they on the Intelligence Committee? If so, and they still can't get straight answers out of the NSA, that's a big deal. (And maybe the rest of Congress is saying that they don't think that the Intelligence Committee has done an adequate job of oversight.)
If Congress demands it? Yes, they can brief Congress on what they're doing. They were created by Congress and the career positions continue to exist at the pleasure of the Congress.
Further, there are procedures that exist to do so. Sealed sessions have been and are used for sensitive subjects to avoid inadvertent disclosures.
"All 535 publicity-seeking chatterboxes" are what we have. Their existence, their ability to speak freely without fear of prosecution, their diversity of opinions & constituencies, and their power to change things, function as a crucial check on the power of the executive branch. As representatives of the people it IS THEIR JOB to ensure that large secret programs that the public would never approve of, or which violate their oath to abide by the Constitution, are either reformed adequately or leaked, neutralized in some way, cancelled, or never funded in the first place. If they fail to do that for long enough because they've decided they're not able to, or because they don't want to know, then this all falls apart and becomes tyrannical the first time we get a President that wants power.
Notably, it ceases to be an option for Congress if the objectionable business is objectionable because it's a spy program that been turning Congressmen into blackmailed sycophants. That is hardly out of the scope of the technical power we have granted the NSA.
If they have created these programs and they've started to take on a life of their own, to the point that Congressional oversight and regulation is not adequate to control their activities (and yes, it appears that is what happened), then we have one option: Kill the tumor with radiation and a clean scalpel before it metastasizes further. Defund, publicize, interrogate, leak the objectionable programs, and end them. Maybe catch some loyal civil servants who were just following orders in the crossfire; But that's how it goes - they became an enemy, foreign or domestic, of the people and their Constitution. Too bad.
Sure, we might lose some tissue, but it's a damn sight better than letting a malignant cancer of our democratic system run wild.
> Can they brief Congress on what they're doing? All 535 publicity-seeking chatterboxes? No way. That's the same as issuing a press release.
Absolutely not. Keeping your (nominal) overseers appraised of your activities is not the same thing at all as informing the whole world in front of cameras. Your implicit argument is that Congress couldn't be trusted with the secrets the NSA would reveal. But this is countered by opinting out that the NSA can't be trusted with the secrets it has.
Congress (all of it) should be briefed on the overview. The details (some of which are, rightly, classified)? No way. That's pretty much the established way of dealing with classified information - all of Congress does not get to know the details.
> ...the NSA can't be trusted with the secrets it has.
> Do you disagree that secrets during war are necessary?
I don't think Executive Branch secrets from Congress -- that is, things that will not be disclosed honestly on request by the Congress as such (which is not the same as individual members of Congress acting on their own) -- are ever justified or necessary, in war or peace.
To the extent that secrets (e.g., from the enemy in time of war) are necessary for which not routinely disclosing information to Congress is justifiable as a security measure, the Executive acting appropriately to maintain the confidence of Congress in its use of its discretion so as to avoid Congress needing to demand information which should be kept secret is equally necessary. Any President who honestly feels that they cannot protect the security of the nation while responding to Congress's demands for information should recognize that they have failed to maintain the confidence necessary to function effectively as President and resign.
Foreign enemies are always a convenient excuse for lack of domestic accountability, but they are never a sufficient excuse.
Robert Gates put it eloquently: the US is in its own wars of choice, and not in any war that is forced upon it. So, what do you think about the secrets that would conceal the real reasons of the war that requests to be secret?
bosma was asking: "Are there any things that should be kept secret during the course of war?". The obvious answer that he's fishing for is "Yes. Stuff that's critical to OPSEC.". [0]
This is a silly question to ask. AFAICT, Congress hasn't ever been briefed on the day-to-day of wartime activities. They are often lied to about our motivations for declaring war. That's obviously a very bad thing to do.
[0] The funny thing about stuff that's classified for OPSEC reasons is that it has a really short shelf life. That is to say, stuff that's sensitive OPSEC stuff can often be declassified in a matter of hours or weeks... because the actions described by the classified information have taken place and everyone knows that they took place. (e.g. information about troop movements in preparation for tomorrow's assault would be sensitive until the assault happens.)
> AFAICT, Congress hasn't ever been briefed on the day-to-day of wartime activities.
But they're also not normally briefed on the high-level view of intelligence sources and methods, to ensure that those sources and methods remain available. During WWII it's not like the Navy briefed Congress that they could read much of the Japanese Navy's messages.
And even with that precaution the U.S. Navy came perilously close to tipping off Japan. A journalist embedded with Naval forces somehow gained information that the U.S. Navy had known Japan's fleet composition at Midway before the battle, and that was published in the Chicago Tribune. If Japan had been paying attention she would have realized that her ciphers were very possibly being read and taken countermeasures that would have destroyed the usefulness of that intelligence source.
To be clear, I think Congress has the right to have access to whatever information is needed to effectively oversee the NSA. But I don't see how that would imply all 535, every 2 years, being read-in to full TS and SAPs and given all details. That would make more sense for the specific subcommittee charged with overseeing intelligence, but unfortunately (for privacy advocates), that's the very same panel of people most supportive of NSA.
> That is to say, stuff that's sensitive OPSEC stuff can often be declassified in a matter of hours or weeks... because the actions described by the classified information have taken place and everyone knows that they took place.
Minor quibble - this isn't always true.
If a hacker knows two vulnerabilities to exploit, but only exploits one of them, he keeps an advantage by keeping the extent of his intelligence a secret. If he only knows of the one that was exploited, he's not benefitted by admitting a lack of intelligence.
Apply to enemy troop positions and competitor pricing strategies as appropriate.
I was a defense contractor during the Cold War, a scary time in many ways.
It profoundly troubles me that the military intelligence complex is acting like we are still in the Cold War. The world changes and things done in the past are often not the rigt things to do in the present and future. This is a brittle mindset, looking at the past and not the current situation.
I'll play along with the hypotheticals and assume that the NSA don't lie when questioned by Congress. In that scenario, the NSA can give reasonably straight answers that don't compromise national security.
"Are you spying on suspected terrorists?" - "Of course we are. That's our job."
"Who are you spying on, and how?" - "We can't reveal that. It's National Security."
"Are you spying on people that you have no reasonable suspicion of being terrorists?" - "No."
"Fine".
The problem comes when you have lie about that last one when asked by Congress.
The corruption of government starts with its secrets. A truly free people don't keep secrets. Somewhere in this grey mass is a line, and that line gets crossed and crossed, over and over again.
What secret is worth keeping if its keeping results in oppression, tyranny, inhumanity? Why should those who are given the right to murder, get away with murder - just because it is 'unsafe' to prosecute the murders?
The reason, always given, is "[some secret reason]". Well, the saying goes, keep the secret .. or else! Or else .. 'bad things happen'. Yet .. Those who work tirelessly to keep secrets, are themselves the bad things .. happening.
What the NSA 'should be' is a National Communications Agency, wherein all harmful human activity they observe are communicated - to all and sundry! Openly! Publicly! Without any barrier to delivering full awareness - for all!
It is only when a secret is kept that lines are drawn between two life-forms who would otherwise, ordinarily, be cooperating/communicating to increase their combined potential. Profiting from this - always - is another, third life-form, whose control over the others' secrets will give him two slaves.
The answer to your question: Congress, if it were doing its job, would have already read Snowdens' statements into the public record, and there wouldn't be any debate about the criminal proceedings that would then follow: all the tyrants would be frog-marched directly to jail.
It may yet .. still .. happen. Let us wait and see.
> What the NSA 'should be' is a National Communications Agency, wherein all harmful human activity they observe are communicated - to all and sundry! Openly! Publicly! Without any barrier to delivering full awareness - for all!
This is ridiculous hyperbole. There are all kinds of legitimate secrets: trade secrets, private sexual kinks, personal financial or medical records, embarrassing taste in pop songs.
I don't understand how you can be angry about privacy violations on the one hand, and arguing for our society being some kind of secretless panopticon on the other.
The thing you must understand is that I do not actually consider a society with any investment in state secrecy to be actually functioning. Actually, a society ruled by secrets is little more than a mafia, playing charades.
But I see you are limiting your viewpoint to 'what is real' and not to 'what could be done differently about the situation'. That's okay with me, to 'keep it real'.
But I have no desire to live in a society ruled by its secrets, as the USA (and other sham states) are. If we are to have true freedom, it must include freedom from the liability of having to keep a secret. The USA is almost imploding against the weight of its own secrets; which serve to hide crimes, and little else.
Beneath every revelation of a state secret is a crime that was committed - or will be committed - against another human being. A catalog of tools whose sole purpose is the mass-violation of human rights, in hands other than 'the elected officials deemed worthy enough to hold the keys', is a criminal instrument. I do not personally agree that we need to construct such things; it is because of profit from suffering that such things are allowed, in the secret chambers of the American Security Elite.
Ok, here's an experiment for you. Why don't you broadcast every single detail of your life, every minute of it, even the parts you don't want others to see? If you don't, you must be hiding something and be committing crimes against humanity. This is how your argument reads.
So how about a mother then, raising her child and pregnant with a second. Should she have to reveal every single detail about her life while she has parental custody?
What about government commercial negotiation information, surely the government can (should!) keep that secret at least until the negotiations are over, otherwise every single purchase made will have them ripped off due to information asymmetry.
Troop locations are another one. If you know exactly where everything is it gives you a huge advantage, and to a lesser extent where they've been.
Surely there are some secrets we can acknowledge the government can keep, for a time. The problem only arises when the executive branch abuse the classification system and label embarassing, non-sensitive (to the country, maybe not to their reelection) information as sensitive information.
In all honesty, I am an Open Government proponent, which means that I think the justice and pressure of having the entire society able to monitor the situation will self-heal any attempts at exploitation. It is only because you don't know how much the Government pays for things, that it is able to put you into debt so it can pay for the things it 'thinks it wants'.
Turn the light on the whole thing; make all procurement open to the public, simply put a 24/7 webcam on anyone who is functioning in a government role, and let it work. Open communication is the only thing that has truly propelled the species forward .. and yes I acknowledge it is 'a radical position' with fatal flaws, but alas ones viewpoint doesn't always have to be .. Right .. now, when discussing the nature of our abundant universe..
While i harbour no affection for the American Govt, but you seem to be targeting it a lot for having secrets. From what everyone understands from your comments is that there shouldn't be secrets. A secret = hidden crime. Well the irony here is that, this is EXACTLY how the NSA seems to be functioning. It doesn't want anyone to have any secrets from it. Because it assumes, like you, secret = (possibility of) hidden crime. In fact the NSA can argue, just like you, we uncovered secrets of people, it turned out they were criminals. Hence no one should be allowed to have any secrets. See what's wrong with the picture?
Now, I assume everyone here is mature enough to understand the distinction of things that should be kept secret and which not, and i shouldn't be wasting anyone's time (including mine) into giving an explanation of what matters require secrecy, and in what cases certain secret things should be made public
You have blinded yourself in your understanding of a "secret" to those that have gotten coverage. And of course those secrets have been damaging and damning. Otherwise, the personal risk of exposing them is not worth the reward. And even if it was, the media would find little interest in covering them.
I don't necessarily agree with the thesis of the post you're responding to, but your example is personal privacy on the part of someone who happens to hold office, not a state secret.
Yeah, that was sort of intentional, I'm suggesting that distinction doesn't actually get us very far as it might seem at first glance.
For instance, there's probably a billing account or two assigned to just the office. That wouldn't be personal, but wouldn't be something the state just passes around either.
You could retort that's still not "state secrety" enough. We could then exhaustively try to separate the sheep from the goats, but it's probably just a definitional minefield.
We can probably skip all that and agree on the broader point, though: absolutisms aren't very useful here. They're seductive because of their intellectual purity. But despite our best intentions, we're inevitably going to end up haggling over what's a good secret or bad.
Probably many people will have different opinions on that question that are all prima facie reasonable, but that's ok, just so long as we avoid adopting an all or nothing approach because it seems easier.
The office billing account is a much better example. It is a secret that is legitimately preserved by the state, without there being room for corruption (if we publish the transaction history) that wouldn't be present anyway if the secret were disclosed.
The Intelligence committees and the FISA Court need to be overhauled, to start with. Clearly there's not enough/proper oversight of the agency.
I don't know how they do it now, but the Intelligence committees should also brief the rest of Congress at least twice a year, and I think they should be allowed by explicit laws to declassify anything they want in that briefing. No approval from the White House or anyone else needed. They are, after all, the ones that are supposedly in charge with oversight of the intelligence community.
So next time someone like Ron Wyden knows the agency is lying to the public, he should be able to tell the rest of the Congress in the briefing, all by himself (he shouldn't need approval from the rest of the committee), and it should be defined in laws that he's allowed to do that, just so there's no confusion, and no fear of repercussion.
The thing is that they already have the framework to do this. A senator is immune from prosecution for anything state on the floor of the senate. If Wyden is on the senate floor, he could read off the nuclear launch codes and there's not a damn thing that the executive can do about it. Furthermore, the senate has closed sessions. They had one just a couple of years ago for the START treaty. A senator could take the floor, tell the rest of the senate about any classified material they like, and the information isn't released to the public unless the Senate votes to remove the injunction of secrecy, so the information remains secure. Even if the injunction is removed, the senator is still protected by some fairly strict constitutional privilege.
I know about that, but I'm not sure that they are sure they could do something like that and get away with it. Couldn't they be accused of treason or something, and have their immunity revoked?
That's why I'm saying that it should be explicitly mentioned in the law that a Senator can do this in Congress, during that Senate briefing. It shouldn't be some vague power that states Senators can do a lot of stuff without fear of repercussion.
Actually I'd bet good money if a senator basically starting reading the details of NSA drag net plan on the senate floor they'd be prosecuted by some court for aiding terrorism, or not being American enough.
I believe they can have a senate session in a more secure location if it becomes necessary. More worrying is what happens when you now have 535 publicity-seeking people knowing about it. See AnimalMuppet's comment upthread, which I think sums the situation up pretty well.
One aspect of the Dilbert-universe the pointy-haired boss who has no expertise, yet he imposes immediate consequences upon the overseen. In contrast, if we are calling for management that does (understand) code, we are calling for management that have expertise.
This begs the question: who would be able to oversee the agencies with expertise, ever?
With 535 of them not including staff, they really shouldn't. And clearance isn't enough, you also have to have a need to know. We just need a system of oversight that works well.
"Clearance" isn't supposed to be some magic card that lets someone go find every document marked with their level of "clearance." It's just a permission to receive knowledge marked with that level of "clearance" as necessary to do one's job.
NSA staffers have defined roles and are given information on a need-to-know basis. Obviously the Snowden leaks proved that at least for a sysad, the technical component of the need-to-know restriction was broken, but that's how it's supposed to work.
For Congressional oversight to be useful, Congress (or a subset) need a higher level of access than that given to the NSA themselves - the ability to ask for any information and have it given to them.
That's a pretty powerful tool, so I don't think the "well NSA has lot of people" counter is valid.
So instead the people who make our laws should be blind to the results of those laws or anything that is happening outside of the laws they have written.
i think both of you are on the same side of the argument. If i got you correctly, you mean to say that Congressmen DESERVE a higher level of clearance than the NSA itself. The congress SHOULD be able to ask for any information and thus gain access to it. Did i get that right?
If i did, then your parent seems to want the same thing. He means that "there are 535 people in congress" is a bad defense.
Though i might have gotten you incorrectly and you might have meant that you cant say "but NSA employees have access! The congress should have it too!" Because giving access to congress is different to giving access to NSA employees as Congrees needs a VERY high level clearance to all 535 members, and that in the NSA itself, the actual number of people who have that kind of access would be very small.
Actually, they absolutely should have access. Their staffs? Probably some of their staffers too.
We're talking about people we trust to spend trillions of our dollars, decide if we fight a war, and make decisions that affect the entire country and world. It's some kind of Tom Clancy dream to think that their should legitimately be a higher level of clearance than elected congress and senate.
Oversight without congress? What do you mean, just some executive appointees? Maybe a private contractor bound to secrecy? Can they just be fired if the oversight is not liked?
They do have access. Staff must have security clearance, of course. Elected representatives are entitled, by virtue of their office, to classified information. Although there are obvious concerns with keeping information secret here, the alternative would subvert the democratic process.
Having said that, I'm not sure what bureaucratic obstacles the executive branch has put in place to obtaining classified information.
Sensitive Comparmented Information Facility: In United States security and intelligence parlance, a Sensitive Compartmented Information Facility (SCIF; pronounced "skiff") is an enclosed area within a building that is used to process Sensitive Compartmented Information (SCI) types of classified information.
Depending on the level, they often have TEMPEST shielding aka faraday cages to prevent leakage of electromagnetic signals from computers and whatnot. (google Van Eck Phreaking for some ideas on why heh)
I think it's Enoch Root that really pushes it into sci-fi territory. He's also a major character in The Baroque Cycle, implying that he's several hundred (or more) years old.
Well, there is Enoch Root, who I have never been entirely clear on. I haven't read the other books set in that universe however.
I believe the name "Enoch" is a hint though. Enoch in the Book of Genesis is the father of Methuselah and importantly did not die (but was instead "taken up", which admittedly is not much more clear than Cryptonomicon...)
A group of congresspeople agree to have a candid conversation with you behind closed doors, and you publicize the details of what was said. Good luck getting another conversation with anyone.
This is incredibly important. It means that there is hope, that the government is not some evil conspiracy, that there are people in power, people like ourselves.
The film Enemy of the State, and conspiracy theories mean that normal people think it is the status quo that our lives are under 100% surveillance and that they are powerless. In a way its been argued that this is quite comforting. Imagine a world where no-one knows what they are doing versus imagining a world where there is a conspiracy, an evil plan. What this type of public culture makes and what the worst conspiracy theories do is make politics seem hopeless, encourages apathy and reduces trust in politicians. At the same time it makes it easier for the real abusers of power to get away with it.
The recent phone tapping cases in the US being a point in case. Everyone thought it was going on all the time anyhow, so when it was revealed no one was suprised, and so the consequences were slight.
To know that those in power do actually think, and do listen, and do believe in the political process is very very vital.
It would be wrong to suggest that they're 'on our side', whatever that means, just because they met with Schneier. This could be a publicity stunt, a fact-hunting exercise (What exactly do you know, Mr. Schneier?), or just a genuine personal interest in checking other sources of information against the NSA line.
Regardless of their motivation, these people are still part of the same machine that put the NSA in motion, and thus far have been ineffective in curbing even it's more obvious breaches. Action speak louder than words...
I was just listening to Slate's political gabfest podcast...they talked about the NSA. It occurred to me that the media is still only talking about phone call metadata while the rest of us have been in the weeds of the rest of their activities, which are far more intrusive than metadata...
Rep. Logfren (Democratic) http://lofgren.house.gov/biography/ Wikipedia - http://en.wikipedia.org/wiki/Zoe_Lofgren
Rep. Sensenbrenner (Republican) http://sensenbrenner.house.gov/biography/ Wikipedia - http://en.wikipedia.org/wiki/Jim_Sensenbrenner
Rep. Scott (Democratic) http://www.bobbyscott.house.gov/biography/ Wikipedia - http://en.wikipedia.org/wiki/Bobby_Scott_%28U.S._politician%...
Rep. Goodlate (Republican) http://goodlatte.house.gov/pages/about-bob Wikipedia - http://en.wikipedia.org/wiki/Bob_Goodlatte
Rep Thompson (Democratic) http://mikethompson.house.gov/biography/ Wikipedia - http://en.wikipedia.org/wiki/Mike_Thompson_(California_polit...
Rep. Amash (Republican) http://amash.house.gov/about-me/full-biography Wikipedia - http://en.wikipedia.org/wiki/Justin_Amash
Edit: Cleaned up one of the links and got rid of a repetitive sentence.