How does mass surveillance works?

The Greek authorities buy new systems for mass surveillance (google-translated) :

How do these systems work? And how purism products can avoid this? Just curious.
(EYP is the Greek “CIA” authority)

This answer is necessarily vague because

  • my understanding of the article is a bit limited due to the wonky translation (Google Translate is pretty good but not perfect)
  • this kind of government agency does not readily make detailed information available (for obvious reasons)

Mass surveillance of phone networks is easy. The government uses legislation, bribery, thuggery, … to get their surveillance equipment or software inserted into the network of the relevant phone network operators.

This easily yields both call content (what was said) and call metadata (who called whom, where the two parties were at the time of the call, when the call was made, …).

Mass surveillance of internet-based communication is harder. The government uses (as above) … inserted into the network of the relevant ISP.

This easily yields some communication metadata (what IP address communicated with what IP address, when, how big, how long) and yields some additional metadata where the metadata is unencrypted and yields some additional metadata through traffic analysis and yields some communication content where the content is unencrypted.

Well, that should start the discussion off anyway …

So if one goes through Purism one service, or use tor for browsing he should be good. Yes or no?

Because of their budget and financial crisis in recent years, I’d expect Greeks to typically buy used equipment, but not from Turkey.

So the answer is simple, get your anti-EYA surveillance gear from the Turks.


Yes and no (mostly yes). There are no silver bullet solutions in this minefield. Having tor and/or Purism service stand between you and the adversary certainly helps. But you might still stick your head out and get exposed.

@Tracy: gimme some of that weed you apparently are having now :slight_smile:

1 Like

I spent a couple deployed years in Greece, my second son was born in Athens. I had to tell him as he was growing up to never go there to avoid the draft; thankfully he has always had WestPac deployments.

The animus between the two countries is sadly, real. I’ll save most of my Greek vs. Turk jokes for later however.

Fun fact: Most of the world uses the term Turkish coffee, except in Greece, it is called Greek coffee.

True, but there is history behind that. It was called “Turkish” here too until Turkey sent troops to invade Cyprus in 1974. At that time Greeks stopped referring to this coffee as “Turkish”. On the history front, it is called Turkish because Turks introduced it to Europe. Not because the invented it. And this has nothing to do with the disputes with Greece. Tell a Lebanese that this is “Turkish coffee” and he will laugh.

That makes sense, I was there from 1976-8. And I agree there are allies that will use the Greek name. In a similar story, for a long time (not so much now) Arab countries would sell only Pepsi, because Coca-Cola was sold in Israel (or was it vice-versa?) Many countries have their rivalry pairs.

You won’t get simple answers to complex questions. :wink:

Remember that mass surveillance by government is only one aspect of privacy fail.

Specifically regarding mass surveillance by government, yes, TOR is good, or at least VPN (preferably foreign server endpoint).

Don’t use the phone network at all, particularly the mobile phone network. This is an extreme position for sure - only you can decide what your threat model is, what your tolerance for privacy fail is, what non-monetary cost you are willing to bear. Regardless, the Librem 5 can certainly help with managing the problems with the mobile phone network.

Always use end-to-end encryption. Implies choosing your communication (messaging) services carefully.

Always use software that can be verified from bottom to top. Implies always use open source software. All Purism products can help with that.

1 Like

or the better question … how do they NOT work ? :upside_down_face:

shakes head and exhales heavily … you guys … i just came from here

and now i find this conversation taking place …
1 Like

I thought “Brasil” was funny too, but it didn’t have an illness. It centered only on security and treason, I miss the Cold War.

lord Amazon has the rights’ for the 2020 simplified for Americans version of ‘utopia’ … released some week ago

antonis, you can shield your privacy. But it is never perfect. Sharing less information is good.

However to know what you can do again, you need to understand how it works. How others or advertisers collect information about you. There are many books about this. Just went to your library and search for it.

However the best way to avoid surveillance is to understand it and know what information others may collect. But this will change your self, by default.

the saddest thing is that even if you somehow managed to increase your digital security and privacy to near 100% you can never reach perfect anonymity because in the worst possible situation you are AWARE of yourself. so unless you can permanently wipe out memories you can never have true anonymity. there is still the fact that you have a piece of your memory missing that will give you away :stuck_out_tongue_winking_eye: it’s kinda like trauma …

I recall the view of threat to privacy during the GWOT, if the enemy (Taliban or Al-Qaeda) got your private information they would target an individual soldier with threats to his family (real or imagined). Because they got their names and addresses.

That being said, the recent news item about Iran and Russian getting voter information is kinda similar.

I understand that it is a complex problem. Dear @reC I do not mean anonymity in the Mathematical sense. This can’t be done. As you write there is a self reffering problem. I wanted to understand the basics of how these “special” equipment work. It was written that they patch the equipment of ISPs for example. However, it is well known that even individuals, not belonging to the public sector, usually rich people have such equipment. Obviously those can not patch ISP’s equipment. So there is a kind of surveillance that works independently of the ISPs.

might prove relevant to this topic …

NSA ANT catalog - Wikipedia

@antonis, I’m sure you are still recalling: The Police - Roxanne. So and up to my understanding (not sure if this answers your questions), it is about new age of using AI: “IP telephony, for example via messenger services, is also to be intercepted with the help of „Roxanne“.

IMO, it is about powerful surveillance tool in hands of LEAs, and not about mass surveillance, as you referred to it within this thread title :slightly_smiling_face:. Anyway, this article from the Hellenic side source (December 2019) confirms my reasoning (approach) here. And, in opposite to „Alexa“, just don’t speak language that „Roxanne“ understands (VoIP) and you are good to go (Motörhead - Stay Out of Jail).

do you also speak Elephant ? :sweat_smile:

1 Like