Reading your email..

Pop up on my phone says Russia have given Snowden asylum allowed Snowden to leave the airport.

Snowden has left the building: http://news.sky.com/story/1123215/fugitive-edward-snowden-leaves-moscow-airport.

Bertie W

My point was they discard it. I imagine they do the same with Netflix, Youtube data, etc.

Surely this was never a secret though, reports about governments having this access has been known about for years.

A colleague works in the data centre for one of the mobile operators and tells a tale of the fun that was had when GCHQ wanted to install there own servers into that data centre. This wasn't a problem but apparently GCHQ insisted it be installed in it's own secure room and it took some time to explain to them that their servers would overheat and die within a matter of hours if they did this.

I am guessing no one is going to put some serious heaters in a room without enough cooling.

Reading the other day that kids are putting families at risk when the blab about going on hols etc on the web in the usual places. I wonder how much is put on line vs gubbmint having a shufty and the difference in what they find? Not saying it is a good thing, just wondering.

Sorry didn't make myself clear, when I said a room what I should have said a secure safe like box with no access except for an occasional GCHQ visitor.

However the point of the story isn't GCHQ's lack of understanding of server cooling requirements more that it illustrates in an entirely second hand way that GCHQ have their own kit in commercial data centres and have done for quite some time. The one thing my colleague couldn't answer was whether this kit is to monitor what goes through the data centre (his belief based on nothing more than why would it be there then) or perhaps it is just some sort of secure comms kit purely for GCHQ's use.

Apologies for the confusion I just though it was an interesting anecdote.

Now the general public know this what do you think they'll do?

Will they stop using facebook/twitter and go back to sending letters to gain some privacy?

I think not.

I think that gives a false sense of security to joe public who sees a padlock icon in their browser and assumes their traffic is safe.

We scan and filter HTTPS traffic for certain types of traffic such as Social Networking and Webmail sites - SSL is only secure so long as nobody else has the required keys.

No I mean the content.

Our firewall can decrypt and if you have the trusted root cert installed on clients (the important part) it's totally transparent unless you looked at the SSL icon to see the certificate that's actually being used.

My point is just that if I can do that with a £2k firewall it's not a giant leap to assume that the authorities may have access to public facing root certificates and may be able to do it at will.