a*****y 发帖数: 33185 | 1 根据斯诺登披露的文件称,这个名为“棱镜”的项目还可以使情报人员通过“后门”进
入9家主要科技公司的服务器,包括微软、雅虎、谷歌、Facebook、PalTalk、美国在线
、Skype、YouTube、苹果。
华盛顿邮报报道,目前Facebook、谷歌、微软、苹果、雅虎已通过媒体断然否认为政府
提供秘密服务。
Twitter令人瞩目地没有出现在被监控的公司列表中。 | a*****y 发帖数: 33185 | 2 PRISM: Apple, Facebook, Microsoft ... Who released which data?
If you're feeling dizzy in the wake of the PRISM affair, you're not alone.
Here's a summary of the companies involved and what they did with your data.
Facebook
7
0
26
The number of technology companies who complied with the United States
government's secret requests for user data — as revealed by The Washington
Post — is growing longer by the day.
More from GlobalPost: #AskSnowden: NSA hacker Edward Snowden takes your
questions
The government's requests were made under the Foreign Intelligence
Surveillance Act (FISA), but civil rights advocates have since accused the
agencies involved in the PRISM program of spying.
Here's where things stand as of Tuesday.
Company: Apple
Number of data requests supplied to PRISM: 4,000 to 5,000 between Dec. 1,
2012 and May 31, 2013.
Privacy policy:
"It may be necessary − by law, legal process, litigation, and/or
requests from public and governmental authorities within or outside your
country of residence − for Apple to disclose your personal information
. We may also disclose information about you if we determine that for
purposes of national security, law enforcement, or other issues of public
importance, disclosure is necessary or appropriate."
Company: Facebook
Number of data requests supplied to PRISM: 10,000 over the last six months
of 2012.
Privacy policy:
"We may access, preserve and share your information in response to a legal
request (like a search warrant, court order or subpoena) if we have a good
faith belief that the law requires us to do so. This may include responding
to legal requests from jurisdictions outside of the United States where we
have a good faith belief that the response is required by law in that
jurisdiction, affects users in that jurisdiction, and is consistent with
internationally recognized standards."
Company: Yahoo
Number of data requests supplied to PRISM: 12,000 -13,000 over six months
ending May 31, 2013.
Yahoo took the US government to court over PRISM several years ago but lost
the case. Twitter, meanwhile, refused to cooperate.
Here Yahoo's statement about PRISM, which includes their privacy policy for
user data:
"We want to set the record straight about stories that Yahoo! has joined a
program called PRISM through which we purportedly volunteer information
about our users to the US government and give federal agencies access to our
user databases. These claims are false. Yahoo! has not joined any program
in which we volunteer to share user data with the US government. We do not
voluntarily disclose user information. The only disclosures that occur are
in response to specific demands. And, when the government does request user
data from Yahoo!, we protect our users. ... We carefully scrutinize each
request, respond only when required to do so, and provide the least amount
of data possible consistent with the law."
Company: Microsoft (includes Skype)
Number of data requests supplied to PRISM: 6,000 to 7,000 over six months
ending Dec. 31, 2012.
Privacy policy:
"You consent and agree that Microsoft may access, disclose, or preserve
information associated with your use of the services, including (without
limitation) your personal information and content, or information that
Microsoft acquires about you through your use of the services (such as IP
address or other third-party information) when Microsoft forms a good faith
belief that doing so is necessary (a) to comply with applicable law or to
respond to legal process from competent authorities; (b) to enforce this
agreement or protect the rights or property of Microsoft or our customers;
or (c) to help prevent a loss of life or serious physical injury to anyone."
Company: Google (includes YouTube)
Number of data requests supplied to PRISM: Unknown. Google has plead
ignorance of the program, but that doesn't necessarily mean PRISM did not
obtain its data.
Privacy policy:
"We will share personal information with companies, organizations or
individuals outside of Google if we have a good-faith belief that access,
use, preservation or disclosure of the information is reasonably necessary
to: meet any applicable law, regulation, legal process or enforceable
governmental request; enforce applicable Terms of Service, including
investigation of potential violations; detect, prevent, or otherwise address
fraud, security or technical issues; protect against harm to the rights,
property or safety of Google, our users or the public as required or
permitted by law."
Company: AOL
Number of data requests supplied to PRISM: Unclear. Like Google, AOL denies
knowledge of the program, saying in a company statement: "We do not have any
knowledge of the Prism program. We do not disclose user information to
government agencies without a court order, subpoena or formal legal process,
nor do we provide any government agency with access to our servers."
Privacy policy:
"The contents of your online communications, as well as other information
about you as an AOL user, may be accessed and disclosed under the following
circumstances: in response to lawful governmental requests or legal process
(for example, a court order, search warrant or subpoena), in other
circumstances in which AOL has a good faith belief that a crime has been or
is being committed by an AOL user, that an emergency exists that poses a
threat to the safety of you or another person, when necessary either to
protect the rights or property of AOL, or for us to render the service you
have requested."
Company: Paltalk
What, you don't know about Paltalk? OK, actually, not that many people do.
The Washington Post identified it as a small company providing voice, video
and text services. Its voice-over-internet protocol is believed to have been
used to circumvent Middle East authorities during the 2011 Arab Spring
unrest, which may explain its importance to the US.
Number of data requests supplied to PRISM: Unknown. The company told The
Washington Post they too were unaware of the program:
"We have not heard of PRISM. Paltalk exercises extreme care to protect and
secure users’ data, only responding to court orders as required to by law.
Paltalk does not provide any government agency with direct access to its
servers.”
Privacy policy:
"Paltalk will fully cooperate with law enforcement in investigating or
requesting information with respect to suspected criminal or other activity
and, notwithstanding any provision herein to the contrary, may release your
name and other information to the appropriate authorities for that purpose,
with or without a subpoena."
http://www.globalpost.com/dispatch/news/regions/americas/united | a*****y 发帖数: 33185 | 3 美“棱镜”计划曝光:媒体称“直接接入谷歌苹果服务器”
2013年06月08日theverge.com我要评论(59)浏览: 13662 次英文
根据《华盛顿邮报》(The Washington Post)和《卫报》(The Guardian)获得的一
份泄漏出来的41页安全演示文稿,美国国家安全局(NSA)和联邦调查局(FBI)一直在
从九家大型科技公司的内部服务器中收集数据,其中包括音频、视频、照片、电子邮件
以及文档。据《华盛顿邮报》报道,这项计划的演示文稿是由一位“职业情报官”提供
的,他(或她)“亲身体验过这些系统,并对其能力感到害怕”,希望曝光该计划“对
隐私权的严重侵犯”。
这项计划代号为“棱镜”(PRISM),它被定为高度机密,之前从未被公开披露过。参
与该计划的都是硅谷有头有脸的公司,其中包括微软(Microsoft)、雅虎(Yahoo)、
谷歌(Google)、Facebook、PalTalk、美国在线(AOL)、Skype、YouTube以及苹果(
Apple)。Dropbox虽说还没有正式成为这项计划的一份子,但据说很快也会加入其中。
《华盛顿邮报》称,这些公司都是自愿参与这项计划的。
根据泄漏的演示文稿,这项计划从2007年开始运作,它被认为是《总统每日简报》(
President's Daily Briefing)的最大消息来源,单在去年就有1,477篇文章引用了该
计划的数据。据称,NSA有近七分之一的情报包含了来自“棱镜”计划的数据。NSA有能
力从这些公司获取它想要的任何数据,但该机构声称没有试图收集所有数据。“棱镜”
计划凌驾于规定公司必须配合政府数据请求的现行法律,因为该计划让NSA可以直接接
入每家公司的服务器——这基本上让NSA可以为所欲为。这项计划发起的初衷是为了突
破NSA眼中外国情报监视法案(FISA)所存在的限制,该法案并不允许NSA利用美国本土
拥有大多数互联网巨头所提供的“主场优势”。
参与“棱镜”计划的硅谷知名企业
微软是屈从于政府意愿、在2007年加入“棱镜”计划的首家公司,而苹果过了五年时间
才同意参与。虽然谷歌和Facebook是这项计划的一份子,但Twitter尚未加入。显然,
知晓“棱镜”计划存在的少数国会议员,他们因为受制于誓言而无法公开谈论此事。在
一份提供给《华盛顿邮报》和《卫报》的声明中,谷歌否认政府拥有访问其系统的任何
形式的后门:
“谷歌十分重视用户数据的安全性。我们只会按照法律规定向政府披露用户数据,而且
我们会认真审查所有此类请求。不时会有人指控我们为政府提供‘后门’,但谷歌并没
有为政府提供这种获取用户私人数据的‘后门’。”
泄露出的棱镜计划的培训资料显示,NSA通过“棱镜”计划收集了美国公众的大量数据
。举例来说,如果调查人员利用“棱镜”计划调查一个特定目标,参加计划的科技公司
在收到情报机关和美国总检察长的要求后,会交出服务器的接入权,目标人物整个的收
件箱和发件箱都会被“扫荡”,其邮箱联系人也无法幸免。这种高级别的权限最初是由
布什总统授予NSA的,之后又由奥巴马总统在2012年进行了延期。
在“棱镜”计划曝光之前,本周早些时候传出消息称,NSA跟威瑞森(Verizon)之间也
有大规模的监控合作关系,NSA有份从威瑞森收集用户的通话数据和记录。
更新:国家情报总监办公室(DNI)今天发表了一份声明,旨在澄清对“棱镜”计划报
道的“不实之处”。DNI坚称,只有美国以外的人才会成为调查目标,而“棱镜”计划
“不被允许”针对公民或美国境内的其他人。“在经过广泛的听证和辩论之后,这项计
划最近获得国会重新授权。”DNI说,并补充道,“‘棱镜’计划所收集的信息属于我
们所收集信息中最重要和最有价值的一部分,这些信息被用于保护我们的国家免受各种
各样的威胁。”
考虑到NSA前密码破译员威廉·宾尼(William Binney)和其他人的证词,“目标”这
个词具有特殊的意义。“恒星风”计划(The Stellar Wind)——宾尼声称自己为该计
划贡献了大部分的基础代码——据称汇集了大规模的网络流量,以用于在之后进行审查
。根据NSA绝密手册《美国通信情报方针18》(USSID 18),“窃听”只有在数据库被
人查询时——即某个人在屏幕上看到文本时——才会进行。
目前,谷歌、facebook等公司均强烈否认参与棱镜计划,拉里·佩奇在一份声明中称,
谷歌从没有参与过棱镜计划,昨天才听说,也没有给予任何政府谷歌服务器的直接入口
。facebook的扎克伯格也发出了类似声明。 | m*d 发帖数: 7658 | 4 刚从火星回来?
【在 a*****y 的大作中提到】 : 根据斯诺登披露的文件称,这个名为“棱镜”的项目还可以使情报人员通过“后门”进 : 入9家主要科技公司的服务器,包括微软、雅虎、谷歌、Facebook、PalTalk、美国在线 : 、Skype、YouTube、苹果。 : 华盛顿邮报报道,目前Facebook、谷歌、微软、苹果、雅虎已通过媒体断然否认为政府 : 提供秘密服务。 : Twitter令人瞩目地没有出现在被监控的公司列表中。
| a*****y 发帖数: 33185 | 5 还好,地球人情绪似乎都很稳定
【在 m*d 的大作中提到】 : 刚从火星回来?
|
|