Tuesday, July 18, 2023

Privacy and Mythology


I recently listened to an interview with Ed Snowden, who hadn’t fallen under my radar before.  I think the interview was an old one because it appeared to take place when Trump was running in the 2016 election.  Makes sense, because Snowden entered the limelight in 2013.  The picture Snowden paints is grim, indeed.  According to him, everything we do, all of the meta data generated by any and all of our electronic devices is captured and saved forever.  So, we have no privacy.  We have no security.  We have no control over how information regarding our activities is used or who can see it.  It’s all out there, according to Snowden, and agencies like the NSA don’t need a reason to pull any one of us onto their screen and review where we’ve been going, to whom we’ve been speaking, what we’ve been buying, what web sites we visit, where our social media sweet spots reside.


Naturally, I find this very disturbing, as anyone would.  But, in my case, these contentions raise lots of questions.  You see, I just retired from a career as a Systems Administrator.  My title was Systems Engineer, but I wasn’t an Engineer.  I didn’t create the software and had a very small role in designing the systems I maintained.  I administered a virtual environment that supported about a dozen applications at a major wireless carrier. 


One such application was LIMD.  The LI stands for Lawful Intercept.  The software is used by the carrier to work with law enforcement agencies, when they need to surveil a subject.  Such activity requires a refined subject matter expert, and the carrier had one.  A single guy was in charge of the systems set up to grant access to an individual’s cell phone activities.  This was not used to obtain phone records, but to perform live, real-time surveillance of an individual’s activities.  The law enforcement agency had to jump through numerous hoops before it could obtain this access.  Mostly, it needed a warrant, granted by  a duly authorized federal judge. 


The subject matter expert of this system as a quintessential computer geek.  He knew his systems, inside and out.  His system consisted of a single two-server cluster.  My end of it was outside of his realm.  I administered LIMD, which interfaced with the SME’s environment.  I was in charge of installing the LIMD software into my virtual environment, performing upgrades, tweaking things at the vendor’s advice.  The software was a logistical nightmare because it was provided by a 3rd party vendor of the carrier’s 3rd party vendor.  So, for me to get support, I had to go to the carrier’s vendor, and they didn’t know nuttin.  I wasn’t allowed to go to their vendor, the company that manufactures the software.  So, supporting it was like traveling through a mousetrap.  When something didn’t work in the carrier’s environment the same way it did in the vendor’s lab, I was met with incredulity and skepticism.  This is nothing new.  This is how things work all over.  But between the vendor spaghetti tangle and the carrier’s own network and system problems, we had to find ways around this mess. 


One example…the software didn’t work in the carrier’s side because one of the servers in that two-node cluster I mentioned earlier was an ancient Sun Solaris box that was so old, it couldn’t support IPv6.  So, the application couldn’t be configured to work within his cluster.  The SME had to disable his cluster and route all of the traffic to a single node in order to get the thing to talk to the LIMD software.  It took the guy 9 months to get the carrier to provide him with a second server that could support IPv6 so that he could restore the cluster and ensure redundancy.  Dozens of things like this went on, each, in its own way, taking this highly sensitive system further and further away from being secure. 


The time that I spent, personally, trying to get this thing to work was astounding, starting with the documentation.  The carrier’s 3rd party vendor’s 3rd party vendor provided a document with every step and requirement for installation.  The carrier’s 3rd party vendor would, then, translate the document into Korean.  Then, in order to deliver the documentation to me, would translate it from Korean back into English.  It was more questionable than the accuracy of the King James Bible.  Nothing about this thing was easy. 


I am writing all of this to refresh my own memory, even as I struggle to banish it from my mind.  I retired a few months ago, and everything is fading fast, now that Linux, VMWare, Docker, Ansible and hundreds of other things are not part of my daily focus.  I was the queen of finding a way through with things that had layers of blockage.  But LIMD was my nemesis.  Technical issues, network configuration nuances, arrogant men, language barriers, clueless project managers and an administration profile that incorporated a dozen diverse teams, each with its own interest or lack thereof, all contributed to the administration of the LIMD application.  We were able to get it working in the lab for short periods of time.  Each time we got it to chug along, the vender’s vendor would submit an upgrade.  The upgrade in the works when I retired didn’t even resemble it’s prior incarnation, and the carrier finally surrendered to the reality that LIMD was never going to be delivered to Production.  By the time I left, no one in the carrier’s organization expected me to get it working.  I went on to other things.  And, whenever the vendor announced some activity related to LIMD, the response from the carrier was: Yeah.  Right.  Sure.  Whatever. 


So, all of this brings me back to Snowden.  Is LIMD a farce?  Why would it be needed if anyone in the government or even within a given company can access all of our activities?  We all know that there is no deleting anything from the internet.  Once it’s out there, it stays out there.  There’s always another hundred copies.  Things get cached and routed and recycled.  But Snowden implies that there is some mother of a database out there with all of our activities preserved…forever.  He mentioned Google Chrome as an example of something that saves every search, every click forever.  He talked about outsiders having the ability to access our cameras and microphones on our computers and phones without us being aware.  I just don’t see how these things are possible.  The carrier I worked for saved all SMS messages for 7 years, specifically to fulfill some government mandate.  That’s all of the texts.  It’s impossible to begin to image how much data that is.


Undoubtedly, some could read this and think me extremely naïve.  But mine is a slightly informed naivety.  I have questions, and I am capable of understanding the answers.  Snowden presents as an intensely brilliant mind.  His responses in the interview always answered the questions directly, without clouding or sugar-coating.  The interview was fascinating and engaging.  His technical explanations were clear and digestible.  But I couldn’t listen to them without LIMD smirking in the back of my mind over everything he said. What Snowden was saying means that I turned myself into a contortionist during the last years of my employment over a carefully crafted arrangement of smoke and mirrors, designed to make us all think that there is a system in place to protect privacy.


According to Wikipedia’s article about Lawful Intercept:

To ensure the quality of evidence, the Commission on Accreditation for Law Enforcement Agencies (CALEA) has outlined standards for electronic surveillance once a Title III surveillance application is approved:

  1. Ensure clear access to all data without any loss of information or impact on the network being monitored
  2. Create a filter to adhere to warrant parameters – time span, types of communications that can be monitored, evidence to be collected, etc.
  3. Set the lawful intercept device to capture and/or store data according to the warrant parameters.
  4. Deliver data directly from the source to the mediation device without any human intervention or packet loss

Generic global standards have also been developed by Cisco via the Internet Engineering Task Force (IETF) that provide a front-end means of supporting most LI real-time handover standards. All of these standards have been challenged as "deficient" by the U.S. Department of Justice pursuant to CALEA.

Is all of this just a huge steaming pile of bullshit?  I don’t know how much more energy I want to give this topic.  I see it as a potential rabbit hole.  And I’m not convinced, but now I am wary.

No comments: