1: There’s 2 differences I see; I’d categorize it more as ‘collecting’ than ‘monitoring,’ and despite the many arms of the NSA, I’d bet the CCP is far worse. A way to measure this is network latency: traffic leaving China is noticeably slower, due to the Great Firewall and the amount of filtering CCP agencies do to all data. Traffic leaving the US encounters 0 or minimal latency; so if it’s being monitored, it’s not real-time. I actually have worked with a person who had access to the NSA database during it’s pre-Snowden days. According to him, there was far more data being collected then was being used, for legal reasons and practical ones. Legally, it was not considered monitoring US persons until the traffic was unencrypted; so while they might have a phone call recorded, it’s not Illegal until they decrypt it. (yes, I know, this makes enforcement entirely an internal measure)
2: The most convenient, quiet, and effective way of getting access is legitimate credentials. If you can steal them, that’s great, but if you can send a police officer to tell the company to make you creds, that’s way easier. I agree with you as far as high-value targets go; you do lose some secrecy if you have to bring the server owners on board. But for the average user, I’d guess it’s more efficient to save your ‘hackers’ for more useful stuff, and use bureaucrats as much as possible in their place.
3: VPN usage is growing, but as you pointed out, data-collection is growing too, at what I see as a far faster rate. I know a few optimistic people, but I’m pessimistic, I think these measures will just delay the complete loss of privacy (and therefore the ‘Hari Seldon-ing’ of big businesses).
>I’d categorize it more as ‘collecting’ than ‘monitoring,’
>China filters outside traffic, and the U.S. doesn’t, so the U.S. must not be collecting that data for later analysis.
>I had a friend who worked for the NSA who told me it was alright. I suppose that means it was alright.
You’re trying to cast ambiguity on things that are already wide public knowledge. The NSA collects and *analyzes* this data. That the U.S. doesn’t block Chinese websites on an ISP level is entirely irrelevant. It makes no technical sense to halt a user’s internet connection in real time while you analyze it for terrorist activity, when you can concurrently send it off to an NSA server and get the same analysis seconds later. The Great Firewall is analyzing ISP traffic so that it can find its destination and drop it if it’s on a blacklist. These are two completely different technical and political goals.
There is always going to be far more data than is being used when you collect data on the scale the NSA does. While I generally don’t think you shouldn’t take this guys word at face value, this fact does not preclude any level of surveillance or misconduct on the NSA’s part. NSA employees could be sitting in their office chairs nine hours of the day looking at nudes or emails of journalists and “most data would remain unused”, or so your coworker might report.
2. With regards to the ones I’m familiar, you are, in practice, incorrect, or at least most police/spy agencies currently disagree with your cost benefit analysis. This is like saying that it’s better to try to collude with the bartender at a place where the Mafia hangs out than it is to just plant wiretaps when everyone has for the night. The NSA and the MSS don’t *want* people who work at a technology company to know how and where they are collecting data. It unnecessarily compromises the entire point of collecting such data in the first place. The average user is nabbed in the process of clandestinely hacking “high value targets” like Google.
1: There’s 2 differences I see; I’d categorize it more as ‘collecting’ than ‘monitoring,’ and despite the many arms of the NSA, I’d bet the CCP is far worse. A way to measure this is network latency: traffic leaving China is noticeably slower, due to the Great Firewall and the amount of filtering CCP agencies do to all data. Traffic leaving the US encounters 0 or minimal latency; so if it’s being monitored, it’s not real-time. I actually have worked with a person who had access to the NSA database during it’s pre-Snowden days. According to him, there was far more data being collected then was being used, for legal reasons and practical ones. Legally, it was not considered monitoring US persons until the traffic was unencrypted; so while they might have a phone call recorded, it’s not Illegal until they decrypt it. (yes, I know, this makes enforcement entirely an internal measure)
2: The most convenient, quiet, and effective way of getting access is legitimate credentials. If you can steal them, that’s great, but if you can send a police officer to tell the company to make you creds, that’s way easier. I agree with you as far as high-value targets go; you do lose some secrecy if you have to bring the server owners on board. But for the average user, I’d guess it’s more efficient to save your ‘hackers’ for more useful stuff, and use bureaucrats as much as possible in their place.
3: VPN usage is growing, but as you pointed out, data-collection is growing too, at what I see as a far faster rate. I know a few optimistic people, but I’m pessimistic, I think these measures will just delay the complete loss of privacy (and therefore the ‘Hari Seldon-ing’ of big businesses).
1.
>I’d categorize it more as ‘collecting’ than ‘monitoring,’
>China filters outside traffic, and the U.S. doesn’t, so the U.S. must not be collecting that data for later analysis.
>I had a friend who worked for the NSA who told me it was alright. I suppose that means it was alright.
You’re trying to cast ambiguity on things that are already wide public knowledge. The NSA collects and *analyzes* this data. That the U.S. doesn’t block Chinese websites on an ISP level is entirely irrelevant. It makes no technical sense to halt a user’s internet connection in real time while you analyze it for terrorist activity, when you can concurrently send it off to an NSA server and get the same analysis seconds later. The Great Firewall is analyzing ISP traffic so that it can find its destination and drop it if it’s on a blacklist. These are two completely different technical and political goals.
There is always going to be far more data than is being used when you collect data on the scale the NSA does. While I generally don’t think you shouldn’t take this guys word at face value, this fact does not preclude any level of surveillance or misconduct on the NSA’s part. NSA employees could be sitting in their office chairs nine hours of the day looking at nudes or emails of journalists and “most data would remain unused”, or so your coworker might report.
2. With regards to the ones I’m familiar, you are, in practice, incorrect, or at least most police/spy agencies currently disagree with your cost benefit analysis. This is like saying that it’s better to try to collude with the bartender at a place where the Mafia hangs out than it is to just plant wiretaps when everyone has for the night. The NSA and the MSS don’t *want* people who work at a technology company to know how and where they are collecting data. It unnecessarily compromises the entire point of collecting such data in the first place. The average user is nabbed in the process of clandestinely hacking “high value targets” like Google.