You right,
I apologise for that..

I haven't understood the meaning..
Well, I do believe that some part of NSA tries to protect US citizens..

But then I also know, its proven and its public, that NSA spies on American people, inside US!

So even tough that, Russian SVR, England MI5, German BND, or Chinese ones, etc.. could try to spy, on US soil,
What this Agencies are compared with NSA?NSA is a global colossus..

f I had to choose the motif why NSA try to participate in projects,
I would choose ... because they are trying to target the world 7.5Bln People, and not to protect the small ~0.5Bln Americans..

They have more to gain spying in the world has a hole, than protecting American people, its my guess.

Accepted. So does FSB in Russia and its "near abroad". And relevant agencies in my own country. It's something that is unavoidable as long as there exist countries.
Even ancient Rome had spy agencies doing much the same within it's technical limits.. Probably even cavemen sent out scouts to determine what their pesky neighbors were up to.

First of All,
Thanks for Accepting my Apologies

Yes, I know that Security Agencies are needed,
The first thing that come to my mind is the Recent terrorist attach in the subway in St. Petersburg..very dramatic!!

But FSB is legislated by Law,they need to request Court access to data, I believe that FBI in the US is also obligated to do that...
NSA is another thing.. another entity with a 'black hole' in the Law System..

Does Russia has a Agency like NSA?
Because SVR,FSB are security forces, like CIA,FBI..

I believe Russia Doesn't own such a thing like the global colossus NSA( outside the Law ), even tough that Russian NDMC, is 19 times more powerful than what Pentagon have in the US..
But Russia NDMC is a military operation Center( like Pentagon in the US ), *I believe* its done inside the Law, and for military, terrorist threat's and so one..

NSA is a different thing, it was created with mass surveillance from the beginning, and that is scary..
And now they are pushing code in key opensource projects,
The outcome, if it can be predicted by any person( ... that reads news worldwide ), is to spy on people, this is my guess..

So in my Opinion Mass spy agencies should not be allowed to participate in OpenSource programs,
Like Coreboot,and others, because they derail entirely the project essence

A lot of Open-source projects, had their base in Freedom values, Privacy of its users,
This statements are not compatible with accepting mass spy agencies code inside..

And I don't know of another mass surveillance agency other than NSA itself..

Some ways I would say let them take part but look at what they are doing very carefully. Like we have started disabling ME. Now NSA wants to use SMM interesting right. To audit behaviour of operating system??? including VM. Also they want a virtual TPM in SMM as well.

That right we have a hole to host in a VMs. They have worked out a VM setup can fake a hardware TPM. Having a hypervisor fake the SMM that is another problem.

That is very scary, to say at least..

I would not have been able to work that out if they had not done the presentation asking for stuff to be added to open source project.

I am not saying trust the NSA. But the more they talking and we read between the lines of what they are requesting the more of their attack methods they are not telling anyone we can work out. I see more disadvantage to not letting them take part.

No need to thank me. You wouldn't, if you suspected my opinion about Russian government apparatus. It does not mean I am per se, russophobe. I don't mind the people in the least, genetically we are identical (fenno-ugrics vs Russians from North-Western parts of Russia), culturally differences are not that big either. Biggest divide is religious. Well, besides language.


I am of pretty firm opinion that security agencies of Russia have in fact subverted Russian court system. So "required by Court" is meaningless. Or to word it more precisely, legal system is not independent of political power. For example, some laws are written by security agencie's leaderships themselves! Then, have you noticed that judges not playing to the tune and requests of intelligence apparatus, have shown tendency of not holding their jobs overtly long?

Security agencies form one powerful faction in Kremlin. Along with armed forces and set of certain oligarchs. President itself has, besides actual power, also role of being an arbitrator between these factions, and he in turn, is backed by National Guard loyal to him personally.

So was Csarist ohranka

Military Intelligence is said to be dabbling in it. Hacking, cyber attacks, surveillance. For domestic surveillance, Russian Federation has SORM-3 system. Combine it with lawful requirements of recording every use of public wifi, with Tor networks forbidden, VPN's forbidden (excepting those approved by government), encrypted communication platforms forbidden (excepting ones who handed over cryptographic keys for surveillance on FSB's demand) there is next to no possibility of legally remaining anonymous in Internet when you are inside the borders of Russian Federation.

FSB/SVR are unlike CIA/FBI. FBI is federal police force, pretty much period. As opposed to local police, which have strictly defined jurisdiction. FSB is at once domestic and external intelligence service AND has actual armed forces belonging into it's structure (for example: Russian Border Guards belong under FSB umbrella). FSB actually takes conscripts, army-style. When you visit Russian border check points, you may see conscripts filling mundane patrolling or guard duties. Kontraktnik'i can so focus on jobs requiring larger skill sets.
FSB also does spy abroad, usually in former Soviet republics tho. SVR works hand-in-hand with GRU.

My Opinion and will, to correct my mistake,
Have nothing to do, with your religion, color, or culture, but instead with a correction of a mistake that I made..
For me what is wrong, is wrong, what is right is right.., nothing else matter..

In general this are the Regulation to obtain Data:

I Live in Europe, in a EU Country( Even tough that I travel a few times even to Arab Nations.. ).
We have pretty much the same thing here,
Any Provider needs to save data/metadata for at least 6 months, for which any Legal institution could request access via a court warrant..

This system is a platform,
To help in a investigation, but to access Data you need a warrant, you can only consult metadata, depending on the issue, and if the Agency is Entitled to access it or not..
By Law, you can collect metadata, but to access its Content you need Court approval, its not only used by FSB, but at least 7 Agencies( I believe that SVR is also there.. )

FBI also has its SWAT teams, like FSB has.
For me makes sense that National Border Guards should be under FSB jurisdiction, because they are internal forces to the Country..

KGB was broken into 2 parts, one internal FSB, and one external SVR..
FSB has no Jurisdiction outside Russia, that Job( to spy abroad is left to SVR ), of course they articulate with GRU


But here I still don't find a program like NSA in the US.
I don't look at SORM-3, has the same thing has NSA, it has different purpose,
And it by itself, don't analyse the world entire communications has NSA does, because NSA has its own Infrastructure to do that..

SORM-3 uses the data gathered by Service Providers, as in the rest of Europe..
I think its a different thing..

Copy.

I assumed so, in fact. Or you would not declare your trust in rule of law quite so definitely. Just example: With Russian tourists, when law enforcement tells them they have broken a law and are going to get fined, their first assumption tends to be that police actually is asking for a bribe, while threatening a fine - with law being just a pre-text for a bribe.

You can extrapolate from there: when corruption is so wide-spread as to be assumed "standard behavior" on common law-enforcement level, it can be only WORSE as you look higher.

I can point out some differences Russia vs "EU country".

• In EU, generally, State does not forbid use of Tor explicitly by law. I know mine does not.
• In EU, generally, VPNs are okay.
• In EU, generally, open WiFI access point owners, do not have to verify users real identity. I can go to random shopping center/gas station and use free WiFi to my heart's content. Not so in Russia (https://www.kommersant.ru/doc/3095552)
• In EU generally, State is not attempting MITM scanning of ALL domestic net traffic using custom CA for the purpose.(https://tjournal.ru/flood/34592-komm...alnogo-vremeni

https://www.kommersant.ru/doc/3106585)

So, as you see, there are quite drastic differences. Scanning ALL traffic is not collecting meta-data. Meta-data is something else.

Even standard police usually has some forms of SWAT. It does not mean they have quasi-military of their own tho. Border Guards in EU (IF they exist) are generally either part of police or separate civilian agency. Not part of intelligence agency.

https://warsawinstitute.org/estonian-spy-hunters/




Why should they want to duplicate already existing capability?

IF Russia had the technological capability, they would. It'd be stupid not to.

And SORM-3 most likely also goes through "foreign service's" servers located in Russia - because Roskomnadzor threatens to block services (twitter, facebook etc) for domestic Russian access that do not keep their data inside Russian Federation. Why else demand something like this in the first place? My assumption is, it does significant data collection on global scale as well, just not using same sources as NSA.

I'd rather this than the NSA having people submit code not flagged as being from the NSA. Which is the real alternative; they're not going to stop just because people distrust them, they're just going to obscure the source.