NSA operation ORCHESTRA: Annual Status Report (FOSDEM Keynote)
February 12, 2014 10:03 AM   Subscribe

Oh lovely (I just saw the pdf, couldn't get the first link to work)

Thanks for sharing this, eponysterical poster

posted by infini at 10:38 AM on February 12

That first link is a 300+ mb download in the never-seen-by-me-previously webm format. I had to look it up online but apparently it opens with VLC. Maybe the mods could post a warning or something for our less web-savvy readers?
posted by BigLankyBastard at 10:52 AM on February 12

it's a movie, newer browsers just play it
posted by idiopath at 11:03 AM on February 12 [2 favorites]

I am watching the video -- perhaps I've got the VLC browser plugin for chrome -- but I note that webm has been around quite a while. (I also have an extension that allows me downloads from youtube, and webm format is one of the options.)

I'm only 5 minutes into this video, but I already want to make popcorn. He's walking through the thought experiment of being in charge of a billion dollar NSA program and how to spend the money. He does use the phrase "as a responsible government agency we are trying to reduce the cost as much as possible", but I don't think it's going to turn out to be a comedy.
posted by Catblack at 11:05 AM on February 12

Yeah, webm is a 'open standard' (some question this) from Google to compete against other containers/codecs and possibly using VP8 or something.

it's a movie, newer browsers just play it

Yeah, they autoplay it! Just a warning for people in libraries and workplaces would be nice :)
posted by BlackLeotardFront at 11:06 AM on February 12

This feels like an ancient thread about a french rapper who abducted a monkey and all we could do was whine about french rap. Great post though.
posted by ouke at 11:21 AM on February 12 [3 favorites]

I love how the nature of the comments so far totally validates the talk so far.
posted by Agent_X_ at 11:27 AM on February 12 [1 favorite]

Nightmare as farce as ennui.
posted by blue_beetle at 11:39 AM on February 12 [1 favorite]

Here is the youtube version.
posted by Obscure Reference at 12:03 PM on February 12 [3 favorites]

Occasionally the pauses and "ummms" as he searches for the next word to prevent it from sounding too... um... nefarious can be at times both amusing and unsettling.

It's fascinating to see the practical problem solving nuts-and-bolts approach from this perspective.
posted by chambers at 12:07 PM on February 12

It's pretty good. I hope that it gives some 'security types' a hard time falling asleep, because there really is no difference between incompetence on the part of the pro-crypto community and nefarious activity on the part of the NSA. The end result is the same: less security, less privacy for the end user. The more inept developers are at designing and implementing cryptosystems, and getting them into wide use, the easier time the NSA and other, nastier agencies have monitoring communications.

There's no good excuse for stuff like OpenSSL's shitty defaults or Apache's hatred for self-signed certs, to spotlight two of his examples. The first one is just bad practice and the second one is ideological perfect-as-enemy-of-good. But they probably save the NSA and other attackers lots of time and effort.
posted by Kadin2048 at 1:34 PM on February 12 [1 favorite]

it's a movie, newer browsers just play it

It's the World Wide Web, it's not supposed to matter
posted by sidereal at 1:41 PM on February 12

it's a movie, newer browsers just play it

It's Google's private video format. Chrome can play it, but not on iOS.
posted by w0mbat at 2:16 PM on February 12

w0mbat: "it's a movie, newer browsers just play it

It's Google's private video format. Chrome can play it, but not on iOS

Not that private, apparently, my Firefox (on MacOS) plays it just fine.
posted by Joakim Ziegler at 2:35 PM on February 12

Safari can't play it.
It's "private" in the sense that Google bought On2 so they could own the VP series codecs it's based on. Maybe "pet video format" would have been closer to the truth.
It's been open-sourced, but the adoption of it by other companies has been patchy, for political reasons. I know some people that work on WebM and it's actually pretty good technology.
posted by w0mbat at 3:13 PM on February 12 [1 favorite]

I love how the nature of the comments so far totally validates the talk so far.

The point of WebM is that Google owns the known patents and has irrevocably released it royalty-free. The h264 lot imply that they have patents on webm but refuse to elaborate, trying to get people to stick with h264 (which they definitely have patents for).

In the talk phk mentions (speculates?) that patents are one of the ways the NSA sabotages tech startups providing good security.

It would be really horrible if it turned out that the whole patent law mess was the result of NSA manipulation. Though considering they are putting backdoors in the USG's own encryption standards (see Dual_EC_DRBG), sabotaging the tech industry via patent law would barely qualify as a misdemeanor.

The webm/h264 thing is probably just "collateral damage".
posted by swr at 5:12 PM on February 12

We should also mention Ed Felten's talk at TrustyCon, the conference opposing the RSA Conference Conference.
posted by jeffburdges at 4:29 PM on March 3

I'm quite impressed by Poul-Henning Kamp insight here. In particular, these suggestions fit well with the history of cultural manipulation by government agencies like the CIA : Gloria Steinem joined the feminist movement during her employment at the CIA. Jackson Pollock was CIA backed. We're talking serious skilled people.
posted by jeffburdges at 11:43 PM on March 3

posted by infini at 4:13 AM on March 5

« Older La Voz del Pueblo/Voice of the People   |   Wendy Davis and the hard road to the Texas Capitol Newer »

This thread has been archived and is closed to new comments