At the same time, according to the 2009 report, virtually all Internet communications in the world pass through the US. For example, the report notes that during 2002, less than one percent of worldwide Internet bandwidth—i.e., the international link between the Internet and computers—“was between two regions that did not include the United States.”

UPSTREAMis the NSA codename for ‘fibre-tapping’ pretty much all internet traffic.

the NSA can gain direct access to the fiber-optic cables that now carry most kinds of communications data. According to a slide released by Snowden, the cable-tapping operation is codenamed “UPSTREAM” and it is described as the “collection of communications on fiber cables and infrastructure as data flows past.” It also appears to be both far more secret and far more invasive than […] PRISM

PRISMis the codename for agreements between the US government and over a hundred US private internet enterprises which give the NSA direct visibility into personal information that ‘unfortunately’ evades them via UPSTREAM, such as at-rest Facebook, Dropbox, Gmail data.

Between the two, any NSA analyst (some of which are privately contracted – not even government employees) can plug in your mobile number or email address and quickly become privy to all that is your electronic persona.They’re legally meant to have an ‘order’ approved by a secret court (FISC), but

the court seldom turned down a request for a warrant

and

following the September 11 attacks, the Bush administration decided to illegally bypass the court and began its program of warrantless wiretapping

yet

rather than calling for prosecution of the telecom officials for their role in illegally cooperating in the eavesdropping program, or at least a clear public accounting, Congress simply granted them immunity not only from prosecution but also from civil suits

so pretty much as long as you cooperate with [western] government in your illegality, you’re all good.Surely this is [somewhat, somehow defensible] post 9/11 hysteria-history, right? Orwell’s 1984 can’t be real under Obama, in 2013?!

SHELLTRUMPET, a metadata program targeting international communications, had just “processed its one trillionth metadata record.”Started five years ago, it noted that half of that trillion was added in 2012.

**SHELLTRUMPET **is probably an international version of UPSTREAM and PRISM combined, underpinned by agreements with US friendly governments and corporations, such as incumbent telco Telstra in Australia, who we know had an amicable NSA relationship in 2011 (and have no reason to believe this doesn’t continue today).



In light of the above, the “SAS70″ style datacentre/cloud security certifications – difficult and expensive to obtain, designed to let you sleep easy at night – seem kind of moot. Who cares if offshore script kiddies and brazen social engineers can’t breach the (virtual and physical) walls of your IaaS provider or CoLo if your data, be it in motion or at rest, is accessible to anyone with the right government ID badge?