Ethical Compromises in the Name of National Security

colemiccolemic Member Posts: 1,568 ■■■■■■■□□□
in Off-Topic
Infosecurity - Comment: Ethical Compromises in the Name of National Security

Just curious if you agree/disagree? Personally it seems a bit of a stretch to me.
Working on: CCSP, definitely, maybe. On the twitters: @mcole1008
· Share on FacebookShare on Twitter

Comments

  • kriscamaro68kriscamaro68 A+, Net+, Server+, Security+, Win7 MCP, Server 2012 Virtualization Specialist, MCSA 2012 Member Posts: 1,186 ■■■■■■■□□□
    I agree with a lot of it. I think the NSA has shown that it is useless at capturing data that has prevented attacks. Boston bombings, lots of mass shootings and plenty of other things. Even people in congress, and people who worked at the NSA have said that, the NSA hasn't stopped much of anything from happening ever since NDAA was implemented. Just another data mining op for who knows what down the road in my opinion. For awhile there, when I heard that they would be building the NSA facility just 10 miles from where I lived at the time, I wanted to work there. I have however decided that, I would never work for the NSA as I do not agree with what they do that violates peoples privacy. I just couldn't do that for a living knowing that it is really not in the best interest of the people.
    · Share on FacebookShare on Twitter
  • the_Grinchthe_Grinch Member Posts: 4,164 ■■■■■■■■■■
    The problem is security professionals are not lawyers plain and simple. You question the legality of what you are doing and then a lawyer comes to you with a letter saying "you are legally allowed to proceed." I don't believe anyone at that point would say no. From an ethical standpoint, it is an entirely grey area that I don't believe anyone could truly answer. If the measurement is what caused more harm there really is no way to determine that. It's like that age old question, kill one child and save 1 million people. What do you do?

    You make the best decision you can at the time with the information that you have.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
    · Share on FacebookShare on Twitter
  • tpatt100tpatt100 Member Posts: 2,991 ■■■■■■■■■□
    The FBI has prevented what could have been mass shootings plenty of times if you keep up with the news on a regular basis.

    FBI prevented 148 mass shootings in 2013: Eric Holder | New York Post "Behavioral Threat Assessment Center"

    What events the NSA is or is not involved with who knows exactly, from what I have read the biggest benefit from relaxed requirements in surveillance was against the illegal drug trade. I think some of these counter terrorist homeland security groups that the government setup after 9/11 got heavily involved with that in order to make themselves look busy.

    I remember also reading that the data collection program was so big that it would take years to work through and it is most likely for future projects dealing with behavioral science.

    I really don't know how security professionals are supposed to deal with this:
    Whereas targeted surveillance based on just cause remains necessary and has a clear basis in law, support for indiscriminate surveillance is difficult to reconcile with the industry’s notions of professional ethics.

    When it comes to law enforcement orders for the handing over of customer data since you are kinda screwed with gag orders and you can just hope your company has the legal power to put up a decent fight. This Facebook story caught my eye today:

    BBC News - Facebook fights 'largest ever' US court data request

    Facebook fights 'largest ever' US court data request
    The social media site said the request was "by far the largest" it had ever received from a government body.

    Photographs, private messages and other information were supplied to a New York court last year, but the process was only made public by a judge this week.

    The ruling defined Facebook as a "digital landlord".

    A judge said this definition meant the company must comply with search warrants.

    The original case investigated fraudulent claimants of US federal disability benefits, whose Facebook accounts apparently showed that they were in fact healthy.

    The web giant was ordered to hand over information from the 381 accounts, which the court said contained "evidence of criminality".

    'Unconstitutional'
    After an appeal was denied, Facebook complied with the request but protested that it violated the Fourth Amendment of the US constitution, which protects against "unreasonable searches and seizures".

    Facebook also voiced concerns about the lack of date restrictions on the warrant, which it argued allowed the US government to keep the data indefinitely, and the range of data requested, which it said would contain private material which bore no relation to the trial.

    The proceedings have been kept private by the court, but after a fresh appeal by Facebook a New York judge has now made the court filing public.

    Facebook said the government had obtained "gag orders", preventing it from telling the account holders that it had been forced to hand over their data.

    "This unprecedented request is by far the largest we've ever received - by a magnitude of more than ten - and we have argued that it was unconstitutional from the start," wrote Chris Sonderby, a legal adviser to Facebook.

    "Of the 381 people whose accounts were the subject of these warrants, 62 were later charged in a disability fraud case.

    That many people and only 62 charges sounds like fishing to me.
    · Share on FacebookShare on Twitter
  • colemiccolemic Member Posts: 1,568 ■■■■■■■□□□
    Devil's advocate here, but doesn't Facebook's T&C grant them rights to your photos, PMs, etc? So if they technically are the owners (since you released rights to them by posting) they shouldn't have to notify the end user (except out of common decency.) It just seems odd that as long as they benefit from the data mining, it's not a problem to them, but it's suddenly a legal/ethical question when someone wants to derive value from the data.

    re: NSA, I am still of the opinion that it would be next to impossible for anyone except security analysts, etc. to know exactly what programs they NSA is running - that's the whole point of compartmentalization.
    Working on: CCSP, definitely, maybe. On the twitters: @mcole1008
    · Share on FacebookShare on Twitter
  • tpatt100tpatt100 Member Posts: 2,991 ■■■■■■■■■□
    Except you explicitly grant them permission to do so when you register for the service. The issue is with the broad reach of the search warrant that was granted:

    http://www.nytimes.com/interactive/2014/06/26/technology/facebook-search-warrants-case-documents.html

    The government requested data that went way beyond what was needed, they wanted ALL data records for these people which was for dates that didn't even have anything to do with the disability time periods. When lawyers request data as part of a discovery process they have to explain the time periods requested, the government just said "give us anything and everything they have".

    Then the district attorney says that these people's Facebook activity proves fraud was being committed which I then ask "why such a small number of charges filed?" Which to me sounds like they went looking for the most active Facebook users in the 1000 suspects and figured there must be evidence if they are very active online.
    · Share on FacebookShare on Twitter
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    kriscamaro68 wrote: »
    I agree with a lot of it. I think the NSA has shown that it is useless at capturing data that has prevented attacks. Boston bombings, lots of mass shootings and plenty of other things. Even people in congress, and people who worked at the NSA have said that, the NSA hasn't stopped much of anything from happening ever since NDAA was implemented. Just another data mining op for who knows what down the road in my opinion. For awhile there, when I heard that they would be building the NSA facility just 10 miles from where I lived at the time, I wanted to work there. I have however decided that, I would never work for the NSA as I do not agree with what they do that violates peoples privacy. I just couldn't do that for a living knowing that it is really not in the best interest of the people.

    I think people forget that its only when they don't prevent some thing that it gets in the news. The very fact it is there means that people planning things have to go off the grid and in doing so means more resources, times and skills are needed by would be terrorists to not get caught. This in its self prevents a large number of opportunistic attacks.

    I would rather work for the NSA than some big oil company who care for nothing more than money. People are happy to put fuel in there car or buy goods from companies that treat there staff as slaves.

    It seems we turn a blind eye to Ethics if some one is giving us want we want. But are happy to use it to argue against things we don't like. Do I agree with the NSA and GCHQ ethics? not always, but I do rather they are there than not.
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
    Linkin Profile - Blog: http://Devilwah.com
    · Share on FacebookShare on Twitter
Sign In or Register to comment.