Government snooping, backdoors and #necessaryhashtags (https://www.mersenneforum.org/showthread.php?t=18271)

ewmayer 2017-05-04 21:32

[QUOTE=axn;458284]If everyone calls 20 other people, you'll get 400000 people in three hops (50*20*20*20). It only takes 375 calls per person to rack up 150 million calls.[/QUOTE]

Indeed, the spooks surely enjoy taking advantage of combinatorial explosions. Another big loophole: NSA is banned from spying on a particular target, say a non-establishment-picked president candidate, to throw out a wild hypothetical purely for illustrative purposes. They can simply ask their data-sharing pals in the 6 Eyes (5-Eyes plus Israel) to forward anything relevant, and then both parties can say, with straight faces, "neither intelligence service engaged in illegal domestic snooping". Ain't global digital Stasi-dom cool?

Dr Sardonicus 2017-05-05 01:35

[QUOTE=axn;458284]If everyone calls 20 other people, you'll get 400000 people in three hops (50*20*20*20). It only takes 375 calls per person to rack up 150 million calls.[/QUOTE]
Everyone calling 20 other people seems like kind of a big if to me, but even so -- sure, the number of records will multiply with each "hop."

It also occurred to me that a call to a business might really rack up the call records. Suppose "A" calls XYZ Exterminators (a large outfit) to get rid of an infestation of bugs. If XYZ Exterminators calls its customers to give them a heads-up that their rep is on the way, then you've got all of XYZ's current customers on the second hop, and everyone [I]they[/I] call on the third hop. Holy-moly!

xilman 2017-05-05 06:30

[QUOTE=ewmayer;458303]Another big loophole: NSA is banned from spying on a particular target, say a non-establishment-picked president candidate, to throw out a wild hypothetical purely for illustrative purposes. They can simply ask their data-sharing pals in the 6 Eyes (5-Eyes plus Israel) to forward anything relevant...[/QUOTE]Allegedly they can't. This very scenario was raised publicly in the UK a few weeks ago. We were assured that the rules of engagement of both NSA and GCHQ explicitly forbid the process.

ewmayer 2017-05-05 07:44

[QUOTE=xilman;458326]Allegedly they can't. This very scenario was raised publicly in the UK a few weeks ago. We were assured that the rules of engagement of both NSA and GCHQ explicitly forbid the process.[/QUOTE]

In re. mass warrantless surveillance, "We were assured" a lot of things that later turned out to be blatantly false. Anyone who believes such assurances at this point is a naïf.

only_human 2017-05-06 19:37

Unnecessary backdoors in several years of recent Intel chips.
[URL="https://arstechnica.com/security/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/"]The hijacking flaw that lurked in Intel chips is worse than anyone thought[/URL]

[QUOTE]As Ars reported Monday, the authentication bypass vulnerability resides in a feature known as Active Management Technology. AMT, as it's usually called, allows system administrators to perform a variety of powerful tasks over a remote connection. Among the capabilities: changing the code that boots up computers, accessing the computer's mouse, keyboard, and monitor, loading and executing programs, and remotely powering on computers that are turned off. [B]In short, AMT makes it possible to log into a computer and exercise the same control enjoyed by administrators with physical access.
AMT, which is available with many vPro processors, was set up to require a password before it could be remotely accessed over a Web browser interface. But, remarkably, that authentication mechanism can be bypassed by entering any text string—or no text at all. [/B]According to a blog post published Friday by Tenable Network Security, the cryptographic hash that the interface's digest access authentication requires to verify someone is authorized to log in can be anything at all, including no string at all.

"Authentication still worked" even when the wrong hash was entered, Tenable Director of Reverse Engineering Carlos Perez wrote. "We had discovered a complete bypass of the authentication scheme."[/QUOTE]
[QUOTE]Making matters worse, unauthorized accesses typically aren't logged by the PC because AMT has direct access to the computer's network hardware. When AMT is enabled, all network packets are redirected to the Intel Management Engine and from there to the AMT. The packets bypass the OS completely. The vulnerable management features were made available in some but not all Intel chipsets starting in 2010, Embedi has said.[/QUOTE]
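
The article quoted above says the digest response could be any string, or no string at all, and authentication still succeeded. As an added example (not part of the post, the article, or Intel's firmware), this Python code shows the server-side check that digest access authentication (RFC 2617, qop=auth) calls for; the username, realm, nonce, URI and password are constructed sample values.

```python
import hashlib
import hmac


def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode()).hexdigest()


def expected_response(user, realm, password, method, uri, nonce, nc, cnonce):
    """Digest response as defined by RFC 2617 for qop=auth."""
    ha1 = md5_hex(f"{user}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")


def verify(fields: dict, method: str, password: str) -> bool:
    """Accept only a response equal to the full expected hex digest."""
    supplied = fields.get("response", "")
    expected = expected_response(
        fields["username"], fields["realm"], password, method,
        fields["uri"], fields["nonce"], fields["nc"], fields["cnonce"],
    )
    # The comparison length comes from the hash, never from client input,
    # so an empty or shortened response cannot match.
    if len(supplied) != len(expected):
        return False
    return hmac.compare_digest(supplied.lower().encode(), expected.encode())


# Constructed sample values, not captured traffic.
SAMPLE = {
    "username": "admin", "realm": "example-realm", "uri": "/index.htm",
    "nonce": "c0ffee0123456789", "nc": "00000001", "cnonce": "0a1b2c3d",
}
PASSWORD = "correct horse battery staple"


def demo() -> dict:
    good = expected_response(
        SAMPLE["username"], SAMPLE["realm"], PASSWORD, "GET",
        SAMPLE["uri"], SAMPLE["nonce"], SAMPLE["nc"], SAMPLE["cnonce"],
    )
    cases = {"correct": good, "empty": "", "prefix": good[:8], "wrong": "0" * 32}
    return {name: verify({**SAMPLE, "response": resp}, "GET", PASSWORD)
            for name, resp in cases.items()}


if __name__ == "__main__":
    print(demo())
```
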

henryzz 2017-05-06 20:57

It depends on how the records are counted. In one package I use at work, if you have 10000 rows with 100 columns then that is a million records. I doubt they would want to inflate the numbers in such a way but it is a possibility. Each phone call could have many bits of data related to it.

kladner 2017-05-07 04:17

[QUOTE=only_human;458449]Unnecessary backdoors in several years of recent Intel chips.
[URL="https://arstechnica.com/security/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/"]The hijacking flaw that lurked in Intel chips is worse than anyone thought[/URL][/QUOTE]
Thanks for the alert. I will troll through the BIOS and see if I have missed disabling any sort of remote access.
EDIT: OK. I see that this does not apply to consumer computers.

Xyzzy 2017-05-07 15:17

[QUOTE=kladner;458474]Thanks for the alert. I will troll through the BIOS and see if I have missed disabling any sort of remote access.[/QUOTE]Look through the Intel processor database to see if you have "vPro" in the "Advanced Technologies" section.

For example, here is the processor in our NUC:

[url]https://ark.intel.com/products/75028/Intel-Core-i5-4250U-Processor-3M-Cache-up-to-2_60-GHz[/url]

ewmayer 2017-05-25 01:16

[url=http://circa.com/politics/barack-obamas-team-secretly-disclosed-years-of-illegal-nsa-searches-spying-on-americans]Barack Obama's team secretly disclosed years of illegal NSA searches spying on Americans[/url] | Circa News
[quote]The NSA under former President Barack Obama routinely violated American privacy protections while scouring through overseas intercepts, according to once top-secret documents that chronicle some of the most serious constitutional abuses to date by the U.S. intelligence community.

More than 5 percent, or one out of every 20 searches seeking upstream Internet data on Americans inside the NSA’s so-called Section 702 database violated the safeguards Obama and his intelligence chiefs vowed to follow in 2011, according to one classified internal report.

The normally supportive [FISA] court censured administration officials, saying the failure to disclose the extent of the violations earlier amounted to an “institutional lack of candor” and that the improper searches constituted a “very serious Fourth Amendment issue,” according to a recently unsealed court document dated April 26, 2017.

The American Civil Liberties Union said the newly disclosed violations are some of the most serious to ever be documented.[/quote]

LOL@ this:
[i]
The normally supportive [FISA] court censured administration officials, saying the failure to disclose the extent of the violations earlier amounted to an “institutional lack of candor” and that the improper searches constituted a “very serious Fourth Amendment issue...”
[/i]
As opposed to the secret FISA court system itself, making and interpreting secret law in secret and where the government is the only witness for "both" sides - all that is perfectly within a reasonable interpretation of the Fourth Amendment. [i]Der Prozess ist völlig legal, Herr Kafka.[/i]

But I'm sure these sorts of abuses have ended with the law-and-order-focused Trump administration. /sarc

ewmayer 2017-06-25 00:48

[url=https://www.bleepingcomputer.com/news/security/vault-7-cia-has-malware-for-hacking-air-gapped-networks-via-usb-thumb-drives/]Vault 7: CIA Has Malware for Hacking Air-Gapped Networks via USB Thumb Drives[/url] | BleepingComputer

kladner 2017-06-25 16:09

UK parliament hit by cyberattack
 
[URL]http://thehill.com/homenews/news/339307-uk-parliament-hit-by-cyber-attack[/URL]

Of course, this [U][I]might not[/I][/U] be a government sponsored attack. It could be that proverbial 300 lb person in underwear in their mom's basement.

[QUOTE]The British parliament was hit by a cyberattack Friday night that left members and staffers unable to access emails as hackers attempted to exploit weak passwords and gain access to accounts.

[URL="https://www.theguardian.com/politics/2017/jun/24/cyber-attack-parliament-email-access"]Multiple news agencies[/URL] [URL="http://www.bbc.com/news/uk-40394074"]reported[/URL] Saturday that the U.K. parliament was hit by a “sustained and determined” effort by hackers, a report that was confirmed on Twitter by multiple members of parliament.

“Sorry no parliamentary email access today - we’re under cyber attack from Kim Jong Un, Putin or a kid in his mom’s basement or something...” Henry Smith, a Conservative member, tweeted.
[/QUOTE]

