By By Paul Wallis Jun 9, 2013 in World Sydney - The revelation of intelligence gathering operations being carried out against US citizens has started an inferno. The press is raging against PRISM. The Director of National Intelligence, meanwhile, has misread the public entirely. The Guardian has since released more information to clarify how PRISM works. It does collect data directly from servers of the companies listed above. The companies have denied any knowledge of the operation. This image was released by The Guardian as evidence of the intelligence gathering methods of PRISM. It's part of a slideshow. The Guardian 1. There is a legitimate legal right for intelligence agencies to gather data. (After all, that’s what they do.) PRISM’s legality beyond those powers is part of what’s in dispute. 2. One question is whether the mere existence PRISM’s information is a threat. It may be subject to hacking and leaks, and such a huge load of possible data would be almost impossible to secure. 3. In the environment in which PRISM operates, all information is a potential source of cash. PRISM could be the mother lode for information sellers and buyers. 4. That information could also be used to track down people quite easily. Simply mentioning a subject could get you targeted, if you suddenly get interesting. 5. People could be put in very dangerous situations simply because a security agency has a bit of information about them which is useful, or worse, a threat to others. 6. Intelligence gathers a very large amount of information, of which only a relatively small percentage is actually useful enough to act upon at any time. Building up a picture of a security threat takes time, patience, and expert analysis. PRISM, however, appears to act like a feed lot for information, capable of collecting gigantic amounts of data. It’s capable of creating a lot of accessible information about individuals and companies. Misreading the public view The Director of National Intelligence, made this statement prior to the release of Snowden’s identity: Before the whistleblower's identity was revealed, US Director of National Intelligence James Clapper has vowed to "track down whoever's doing this" and accused the leaker of causing "huge, grave damage" to US intelligence. Wrong, Mr Clapper. Arguably, the most severe damage has been to the trust of the public in the intelligence agencies supposed to protect them. This is an added straw, and it may be one too many. Consider the environment in which this revelation has occurred: A severely polarized political environment. The post-911 society, in which “security” has become a major industry, largely invisible to the public and often the basis of conspiracy theories. A polarized society, in which the “1% factor” is now a major issue in any sort of national debate. A recent history of serious American debacles going all the way back to the McCarthy era, JFK, RFK and Martin Luther King Jr. assassinations, Vietnam, Watergate, Nicaragua, Panama, mortgage securities, conduct of later wars, the GFC, massive unemployment, and rampant crime far beyond any level ever experienced before the 1980s. This society is pretty much entitled on the basis of history alone to question whether or not any government or government agency is or ever has been on its side. To discover that a vaguely recognised collection of security agencies is now collecting an unspecified, almost unquantifiable, and indescribable, amount of information on US citizens isn’t a good look. Snowden apparently shares these worries. He’s Let’s look at the classes of information PRISM is capable of accessing online: Facebook, YouTube and other social media: Mainly propaganda in terms of legitimate security interests. PRISM is reading the equivalent of press releases, and seeing who applauds. Some info? Yes. Valuable? Debatable. Microsoft and Apple: Broad based functional surveillance capabilities using common platforms and operating systems. This class of information relates to the nuts and bolts ability to read software. Under a piece of now-obscure US legislation dating back to the mid-90s, intelligence agencies were able to insist on being able to read this stuff. Nothing new there, but apparently the media forgot that legislation. It made a big fuss at the time. Google, AOL, Yahoo: Broad based communications platforms, carrying huge amounts of information per second. This really is “anything and everything”. Are intelligence agencies able to access this stuff? Of course. They always were. There are multiple ways of doing it, too. Now look at the platforms for handling data: Computers, tablets, etc: Not secure, by any stretch of the imagination. Phones: There is absolutely nothing secure about a phone. You’d need a range of software to even pretend to be secure, and all of that software is accessible to intelligence agencies by the same law as software reading. Wi-Fi and wireless access: Have never been secure, period. Put that into combination. All classes of data, yes. Efficient, not necessarily. Able to obtain information in new ways? Not really, on face value. Is PRISM itself secure? This is the second part of the public’s worries: Some third party is holding information which might be damaging to people. Whether this risky information is held by the government or McDonalds is almost irrelevant. People have no way of knowing what information, or being sure that risk-sensitive information won’t be accessed by hackers, spies, etc. A phone number or an address can be a death sentence. If PRISM is secure, it’ll be the only system that ever has been. That’s asking too much of public credulity, even if the agencies’ need and right to access information is accepted unconditionally, which it isn’t. Trust is a commodity, too, and when it runs out, getting it back is likely to be very difficult. Politicians in particular tend to be very un-trusting. With 312 million people baying at them, less so. The PRISM problem Experienced intelligence operators know that their own systems are as much targets as they are tools. PRISM is now one huge bullseye for foreign spies, hackers, and organised crime. It’ll be more popular than Christmas. Snowden obviously didn’t intend to increase risk to the public, and the agencies obviously weren’t about to start making targets out of themselves, but this information monster was always going to be identifiable. Maybe it’s time to re-examine this idea and come up with something more palatable, or at least plausible, to the public? And, perhaps, to other security agencies? The idea that US intelligence data is now a risk to them is hardly appealing. It’s necessary to redefine PRISM and if not make it cute and cuddly, make it secure, preferably in a different configuration. The worst case scenario for the agencies is a Wikileaks a day, courtesy of PRISM. The huge risk of PRISM is its apparent size and scope. Perhaps a more scalable, diversified range of operations would be safer for everybody? Looks like way too many eggs in this basket, and some of them are already going rotten. I’ve said this before: This situation is extremely dangerous. It’s likely to get more dangerous, rapidly. The leak about PRISM, the giant program designed to manage internal security, came as a shock to those who didn’t know about it. It apparently came as more of a shock to those who did. PRISM is seen as a monster by the public, but it’s the vehicle of choice for those using it. The original disclosure by the Guardian and the Washington Post was quite bad enough. The NSA is able to obtain information from “Microsoft, Google, Facebook, Yahoo, AOL, PalTalk, Skype, YouTube, Apple” according to the NSA slides used to demonstrate PRISM’s authenticity. This sort of reach really does mean “everybody”. Snowden isn’t exactly blowing his own horn very loud. He’s taken real risks blowing the whistle on this operation, and is worried more about the possible effects on his family and friends than himself.The Guardian has since released more information to clarify how PRISM works. It does collect data directly from servers of the companies listed above. The companies have denied any knowledge of the operation.Let’s clarify this situation before going any further:1. There is a legitimate legal right for intelligence agencies to gather data. (After all, that’s what they do.) PRISM’s legality beyond those powers is part of what’s in dispute.2. One question is whether the mere existence PRISM’s information is a threat. It may be subject to hacking and leaks, and such a huge load of possible data would be almost impossible to secure.3. In the environment in which PRISM operates, all information is a potential source of cash. PRISM could be the mother lode for information sellers and buyers.4. That information could also be used to track down people quite easily. Simply mentioning a subject could get you targeted, if you suddenly get interesting.5. People could be put in very dangerous situations simply because a security agency has a bit of information about them which is useful, or worse, a threat to others.6. Intelligence gathers a very large amount of information, of which only a relatively small percentage is actually useful enough to act upon at any time. Building up a picture of a security threat takes time, patience, and expert analysis. PRISM, however, appears to act like a feed lot for information, capable of collecting gigantic amounts of data. It’s capable of creating a lot of accessible information about individuals and companies.The Director of National Intelligence, made this statement prior to the release of Snowden’s identity:Wrong, Mr Clapper. Arguably, the most severe damage has been to the trust of the public in the intelligence agencies supposed to protect them. This is an added straw, and it may be one too many.Consider the environment in which this revelation has occurred:A severely polarized political environment.The post-911 society, in which “security” has become a major industry, largely invisible to the public and often the basis of conspiracy theories.A polarized society, in which the “1% factor” is now a major issue in any sort of national debate.A recent history of serious American debacles going all the way back to the McCarthy era, JFK, RFK and Martin Luther King Jr. assassinations, Vietnam, Watergate, Nicaragua, Panama, mortgage securities, conduct of later wars, the GFC, massive unemployment, and rampant crime far beyond any level ever experienced before the 1980s.This society is pretty much entitled on the basis of history alone to question whether or not any government or government agency is or ever has been on its side. To discover that a vaguely recognised collection of security agencies is now collecting an unspecified, almost unquantifiable, and indescribable, amount of information on US citizens isn’t a good look.Snowden apparently shares these worries. He’s acted in conscience , not out of any apparent malice. He felt the public needed to know. If Mr Clapper is worrying that information from those sources will dry up as a result of Snowden’s whistle blow, he’s probably right- To a point. Realistically, how much important information goes online? How much is kept away from any risk of easy access?Let’s look at the classes of information PRISM is capable of accessing online:Mainly propaganda in terms of legitimate security interests. PRISM is reading the equivalent of press releases, and seeing who applauds. Some info? Yes. Valuable? Debatable.Broad based functional surveillance capabilities using common platforms and operating systems. This class of information relates to the nuts and bolts ability to read software. Under a piece of now-obscure US legislation dating back to the mid-90s, intelligence agencies were able to insist on being able to read this stuff. Nothing new there, but apparently the media forgot that legislation. It made a big fuss at the time.Broad based communications platforms, carrying huge amounts of information per second. This really is “anything and everything”. Are intelligence agencies able to access this stuff? Of course. They always were. There are multiple ways of doing it, too.Now look at the platforms for handling data:Not secure, by any stretch of the imagination.There is absolutely nothing secure about a phone. You’d need a range of software to even pretend to be secure, and all of that software is accessible to intelligence agencies by the same law as software reading.Have never been secure, period.Put that into combination. All classes of data, yes. Efficient, not necessarily. Able to obtain information in new ways? Not really, on face value.This is the second part of the public’s worries: Some third party is holding information which might be damaging to people. Whether this risky information is held by the government or McDonalds is almost irrelevant. People have no way of knowing what information, or being sure that risk-sensitive information won’t be accessed by hackers, spies, etc. A phone number or an address can be a death sentence.If PRISM is secure, it’ll be the only system that ever has been. That’s asking too much of public credulity, even if the agencies’ need and right to access information is accepted unconditionally, which it isn’t. Trust is a commodity, too, and when it runs out, getting it back is likely to be very difficult. Politicians in particular tend to be very un-trusting. With 312 million people baying at them, less so.Experienced intelligence operators know that their own systems are as much targets as they are tools. PRISM is now one huge bullseye for foreign spies, hackers, and organised crime. It’ll be more popular than Christmas. Snowden obviously didn’t intend to increase risk to the public, and the agencies obviously weren’t about to start making targets out of themselves, but this information monster was always going to be identifiable.Maybe it’s time to re-examine this idea and come up with something more palatable, or at least plausible, to the public? And, perhaps, to other security agencies? The idea that US intelligence data is now a risk to them is hardly appealing.It’s necessary to redefine PRISM and if not make it cute and cuddly, make it secure, preferably in a different configuration. The worst case scenario for the agencies is a Wikileaks a day, courtesy of PRISM. The huge risk of PRISM is its apparent size and scope. Perhaps a more scalable, diversified range of operations would be safer for everybody? Looks like way too many eggs in this basket, and some of them are already going rotten.I’ve said this before: This situation is extremely dangerous. It’s likely to get more dangerous, rapidly. This opinion article was written by an independent writer. The opinions and views expressed herein are those of the author and are not necessarily intended to reflect those of DigitalJournal.com More about PRISM, Clapper, snowden, US intelligence, public trust in government security agencies More news from PRISM Clapper snowden US intelligence public trust in gove... Microsoft Apple Facebook Google Yahoo AOL operating systems re...