Silkenweb Example: Hackernews Clone

All calls in the Netherlands are stored, indexed and searched for keywords

164 points by Father 12 years ago | 53 comments

rorykoehein 12 years ago
Here's a year-old story by a more reliable Dutch newspaper, claiming 1 in 1000 phones is being tapped in the Netherlands.
http://translate.google.com/translate?hl=en&sl=nl&tl=en&u=ht...
lucb1e 12 years ago
I call bullshit. Phone metadata is saved since forever yes, but stored at ISPs, not at government organisations. There are strict regulations regarding the privacy of voice data over the phone (VoIP does not count as such though), and I don't think the secret service and military secret service (AIVD and MIVD) can do anything they like. They have more permissions, such as demanding passwords for encrypted files as long as it's not for your own conviction (while normally you have the right to remain silent), but it probably doesn't go that far. Keyword searches are probably not true.
It is however worth mentioning that we have this CIOT system which is a publicly known and automated system that actually provides automated access to name and address details of any given Dutch IP address. The system is updated with ISPs' data every morning and can be queried at will. ISPs, even the most privacy-aware one (XS4ALL) do not give statistics of how often their part of the database was queried (I asked them), but it has been made public that the database had a total of 2.6 million queries over 2010 and 2.9 in 2009. That's one in six citizens' data queried for no apparent reason.
Tech details: The CIOT system is a centralized search dispatcher, that queries systems provided by individual ISPs. A government official can enter an IP there and within seconds all ISPs have been queried and one probably returns a match.
- coldtea 12 years ago
  >I call bullshit. Phone metadata is saved since forever yes, but stored at ISPs, not at government organisations. There are strict regulations regarding the privacy of voice data over the phone (VoIP does not count as such though), and I don't think the secret service and military secret service (AIVD and MIVD) can do anything they like. They have more permissions, such as demanding passwords for encrypted files as long as it's not for your own conviction (while normally you have the right to remain silent), but it probably doesn't go that far. Keyword searches are probably not true.
  Yes, because secret services have been known to strictly follow the law, and not do anything without telling you first.
- Father 12 years ago
  I think it's dangerous to go on record beforehand claiming something is "bullshit". If I've learned anything over the last view days it's that reports like these should be taken seriously and no stone should be left unturned to find out the truth. We can't just assume intelligence operations can't; we need to know they can't. Let the House of Representatives proof it's nonsense. Also, thanks for adding the bit about CIOT.
- yread 12 years ago
  more information on the CIOT
  http://ripe58.ripe.net/content/presentations/ciot.pdf
  it says 250k queries per month... kinda hard to get warrants for all of them i guess
  - lucb1e 12 years ago
    Like I care how hard it is for them to get warrants. My question to them is why do you even need all this data in the first place?
    - jacquesm 12 years ago
      I think that is the question we all would like an answer to, but we don't all draw your conclusion from it (that if they don't need it they won't collect it).
      We have a public transport system here that functioned just fine using anonymous cards, and it got replaced by one that allows near perfect tracking of every individual using public transport. Why anybody would want to is a good question, but it is the system we've got and the data is being kept.
- ohwp 12 years ago
  I agree this is a bullshit story. They only store conversations when they have an eavesdrop approval.
  A lot of people underestimate the amount of storage it would take to store all voice data.
  - derf_ 12 years ago
    So let's estimate:
    http://www.telegeography.com/press/press-releases/2012/01/09... says there were 438 billion international (because that's all the NSA collects, right?) calling minutes in 2011 (in the world... not just the Netherlands).
    Aberdeen will sell you 1 PB of storage for $495k: http://www.aberdeeninc.com/abcatg/petarack.htm
    A narrowband speech codec will encode calls in excellent quality (for the PSTN) at 12 kbps.
    So that's 438 * 10^9 minutes * 60 seconds/minute * 12000 bits/second / (8 bits/byte * 10^15 bytes/petabyte) (using lying harddrive manufacturer's definitions of a petabyte) = 39.42 PB.
    Or less than $20mln/year. Which of course is the quoted budget of PRISM.
    - SigmundA 12 years ago
      Your not counting bandwidth, cpu, facility and personnel charges required to pull this off, raw storage is a minor part of the cost.
  - ajb 12 years ago
    Commercial speech compression algorithms are hamstrung by the need to only add milliseconds of delay: they can only compress over a 'window' of tens of milliseconds. You can almost certainly do a much better job of compressing speech in batches of an minutes or tens of minutes: there is much more redundancy to remove. So if the spooks wanted to store massive amounts of speech data, they may have invested in such algorithms.
  - haarts 12 years ago
    Storing voice (audio) data is not what the article says. I'd imagine you transcribe the audio to text and search in that. Storing text is incredibly easy. Besides you can throw away 99.9% of the data almost immediately.
    I'm actually curious how much text data this would be per day; number of call minutes * average number of words per minute. I'd be surprised if that wouldn't fit in a reasonable cluster.
    - SigmundA 12 years ago
      You underestimate the CPU power needed to do this. The Netherlands has a population of 16 million, by comparison Google voice has about 1.4 million users. This is an order of magnitude difference. On top of this they only transcribe voicemail not all calls. What is the ratio of calls to voicemail?
      Transcribing all voice calls to text in the Netherlands computationally could easily be two orders of magnitude more difficult than Google voice.
    - MichaelSalib 12 years ago
      I'm sorry, but do we really think that machine transcription of millions of cell phone conversations is worth anything? How can anyone believe that after using google voice?
  - lucb1e 12 years ago
    True actually. Ironically, a call itself is much more expensive than storing it for 20 years would be.
    They do have a lot of eavesdrop approvals though, or so I heard from a colleague. (But that still doesn't mean they capture all the calls.)
- damo7 12 years ago
  Also all telecom companies must provide to CIOT all new and updated registered customer buying MSISDN's. If it is postpaid, all details including address, full name and D.O.B is given, prepaid also, but that can depend on how the customer has purchased the SIM.
  Anyhow, why does it matter that much. If you have something to hide, then I'd be sweating. If not, who really gives a sh*te if people are tapping into our digital lives.
  Facebook, Google and rest are just as bad as the governments. They are invading us with advertisements in all parts of our digital life.
  If people are worried about it, turn your crap off.
  - mindcrime 12 years ago
    If you have something to hide, then I'd be sweating. If not, who really gives a shte if people are tapping into our digital lives.*
    Because your "something to hide" may be something that is currently legal / acceptable / non-embarrassing / etc., but becomes illegal / unacceptable / embarrassing / threatening to those in power / etc. in the future. And because governments have been known to collect data, nominally for legal reasons, and use it for political purposes, to threaten, harass and intimidate people based on their political affiliation.
    All of that said, it really comes down to the principle of the thing. I've said - and will continue to say - plenty of things that could endanger me in some hypothetical future. I actually tend to be very public with most of my thoughts, rants, ramblings, and what-not, as I have an attitude of "If you don't like what I say, fuck you" directed at the government and pretty much everybody else. I have almost nothing to hide. BUT... not everybody has that attitude, and some people care more about keeping their "stuff" private. And even I want the option of keeping certain things private when the need arises. Just because I'm, say, 99% transparent (whatever that means) doesn't lessen the importance of that "1% secret". And that's the rub... everybody probably has at least "1%" of things that they do want to keep private/secret, now or in the future. And they should have the option to do that if they want.
- jvdh 12 years ago
  The CIOT system can not legally be queried "at will", they have to have permission. Although the bar for this permission is incredibly low, I believe there have been some cases where it was denied.
  - waps 12 years ago
    Of course some government services have blanket permission. Example 1: the (dutch) IRS.
berryg 12 years ago
"De Telegraaf" may not be a reliable source, but even members of parliament are asking questions. Apparently the Dutch government is preparing a massive internet interception program. See: https://www.bof.nl/2013/06/10/nederlandse-overheid-broedt-op.... Sorry, but Google Translate does not translate HTTPS urls.
merijn481 12 years ago
The newspaper that published this, 'Telegraaf', is notorious for publishing bullshit. The article is very short, the journalist wouldn't be able to check if it's true, and the newspaper hungry to publish anything that attracts readers. Offline version of link-bait.
- lucb1e 12 years ago
  Yes, I got the same notion
Arjuna 12 years ago
If you are interested in this story and comments, then you will most likely be interested in the following comment and associated dialogue as well:
https://news.ycombinator.com/item?id=5830994
guard-of-terra 12 years ago
I fail to understand why tiny tranquil european countries without serious dangers of terrorism or organized crime even do this. They have nothing to reveal by intrecepting communications, why spend money and public credit on this?
- yread 12 years ago
  Are you serious? Dutch jihadists are fighting in Syria, the Detroit underwear bomber boarded his plane at Amsterdam Schiphol and organized crime is a serious problem in the Netherlands (see http://www.nokturnis.net/nokwiki/tiki-index.php?page=Organiz... )
  - johansch 12 years ago
    And a homegrown Islamist network assassinated a well-known dutch film director after he made a movie criticizing the treatment of women in Islam:
    http://en.wikipedia.org/wiki/Theo_van_Gogh_(film_director)
    - lostlogin 12 years ago
      What? So you can have attacks on your country without requiring the world to go into lockdown, without having to invade several countries and without having to molest every traveler?
  - haarts 12 years ago
    I think it goes a bit far to call a couple of nutjobs 'jihadists'. And the fact that someone traveled through one of our airports doesn't mean we have a structural problem.
    - yread 12 years ago
      Of course they are nutjobs and you could probably call them other names as well, but my point is that they went to Syria to do 'jihad', so they are jihadists.
- Father 12 years ago
  http://en.wikipedia.org/wiki/Hofstad_Network
- lucb1e 12 years ago
  Not even America is so high-risk if you ask me.
- Cthulhu_ 12 years ago
  Going off on a tangent, perhaps the Netherlands doesn't have serious terrorism or organized crime /because/ of these measures, quelling them before they even go public?
  - jvdongen 12 years ago
    Well, that's the million dollar/euro question isn't it? It's a bit hard to verify with all the secrecy going on. And arguably without some level of secrecy you cannot have effective intelligence. It's a bit of a catch-22.
- raverbashing 12 years ago
  Exactly because it's tiny
kiep 12 years ago
ECHELON is a global communications interception system, created by the United States, the United Kingdom, Canada, Australia and New Zealand to routinely and indiscriminately monitor and record all forms of electronic communications worldwide both military and civilian and overseen by the National Security Agency. Designed during the cold-war, ECHELON primarily intercepts worldwide non-military communications, including those from governments, organizations, businesses and individuals. It could intercept practically any communication between countries anywhere in the world. The project ECHELON receiving system thieves this streams of millions of communications every hours to massive rez of computers. These computers decrypt messages when necessary, than when required utilize optical character recognition or advanced voice recognition techniques to extract words from each message. Every message captured is analysed for keywords or phrases found in the ECHELON dictionary. Keywords include all the names, places, code words or subjects that might be of interest. There are second search lists for each member country. Messages acquired at any of the receiving posts, containing requested keywords are automatically past on to intelligence organizations requesting those keywords. Those messages are flagged for further analysis. ...and ray of receiving stations collect all international communications carried by approximately 20 INTELSAT satellites. The INTELSATs are used by telephone companies of most countries. Thou they carry primarily civilian traffic, they also carry diplomatic and governmental communications. These INTELSATs are positioned in the stationary orbit around the equator and carry tens of thousands of simultaneous phone-calls, faxes and e-mails.
Marthyn 12 years ago
The Telegraaf is not the most reliable source.. just saying.
eternalban 12 years ago
http://youtu.be/vyUQ0Z5hyU0