Category Archives: NSA

If you want Obama to rein in the NSA, you’re about to be disappointed

James Oliphant writes: President Obama has a rare opportunity this week to reshape the nation’s counterterrorism strategy. He won’t take it.

The White House has been trying to lower expectations for the president’s planned Friday speech for days now. He’ll outline a series of reforms to the National Security Agency’s surveillance programs in an address at the Justice Department, but Obama will do nothing to diminish the government’s capacity to root out terror networks, aides say.

Ever since the flood of disclosures regarding the NSA from former contractor Edward Snowden, Obama and his team have tried to walk a careful public line: appearing to cherish Americans’ privacy while defending the agency’s actions, particularly the bulk collection of telephone records, the so-called “metadata.”

But it’s been evident all along that the White House has more or less been dragged into the reform debate. At a press conference back in August, for example, the president maintained, amid heavy criticism, that the programs are valuable and that a public skeptical about their reach simply needs reassurance that they won’t be abused.

That’s still Obama’s view. And in the days leading to Friday’s speech, Jay Carney and others in the White House have referred to the issue as one of transparency and disclosure, not of reining in government power. “The president has been clear throughout this review process that we will not harm our national security or our ability to face global threats,” Obama’s press secretary said last week. “And our intelligence-gathering activities are directly related to our ability to face those global threats and protect our national security.”

To lay the groundwork for that position, aides to the president told the Los Angeles Times this weekend that the NSA’s metadata collection scheme could have prevented the Sept. 11 attacks. What’s more, Obama has adopted that “9/11 justification” for the NSA program, the paper reported.

That’s a blinking-red signal that the administration is not about to be accused of making the country more vulnerable by tampering with such a preventive weapon. [Continue reading…]

Facebooktwittermail

Edward Snowden isn’t the only truth teller who deserves clemency

Michael Ratner, the U.S. attorney for Julian Assange, writes: Last week, both the New York Times and the Guardian released editorials supporting clemency for NSA leaker Edward Snowden. Considering the important nature of Snowden’s revelations, clemency is definitely in order – and it’s about time that majorww outlets recognize that.

However, the focus on Snowden’s singular case seriously deflects from the fact that the Obama administration has been a nightmare for whistleblowers and truth tellers, and that several others currently in prison or in exile deserve the same clemency or clear assurances they will not be prosecuted.

So why is the media now calling for mercy for Edward Snowden, while other truth tellers including Chelsea Manning and Julian Assange, continue to face persecution (and prosecution)?

If you apply the criteria established by both the New York Times and the Guardian to Manning and Assange – as well as other truth tellers including Jeremy Hammond, currently in prison serving a 10-year sentence after exposing corporate spy networks – a clear double standard emerges. [Continue reading…]

Facebooktwittermail

NSA devises radio pathway into computers

The New York Times reports: The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those machines and can also create a digital highway for launching cyberattacks.

While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials.

The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.

The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyberattack. In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.

The N.S.A. calls its efforts more an act of “active defense” against foreign cyberattacks than a tool to go on the offensive. But when Chinese attackers place similar software on the computer systems of American companies or government agencies, American officials have protested, often at the presidential level. [Continue reading…]

Facebooktwittermail

Mozilla calls on world to protect Firefox browser from the NSA

Wired reports: Brendan Eich is the chief technology officer of the Mozilla Foundation, the non-profit behind the Firefox web browser. Among many other things, he oversees the Firefox security team — the software engineers who work to steel the browser against online attacks from hackers, phishers, and other miscreants — and that team is about to get bigger. Much, much bigger.

In a recent blog post, Eich calls for security researchers across the globe to regularly audit the Firefox source code and create automated systems that can ensure the same code is used to update 18 million machines that run the browser. That’s not an option for other browsers, but it is for Firefox. The code behind the browser is completely open source, meaning anyone can look at it, at any time.

The move is one more way that the giants of the web are responding to revelations that the National Security Agency is snooping on web traffic via popular services and software. After NSA whistleblower Edward Snowden revealed that the U.S. government is tapping into data collected by private companies like Google and Facebook and then private email outfit Lavabit revealed a gag order that forbade the company from the telling customers the government was requesting information about them, Eich is worried that the feds could force Mozilla into adding a backdoor into its browser. [Continue reading…]

Facebooktwittermail

Phone firms balk at proposal that would force them to store surveillance data

The Associated Press reports: Telephone companies are quietly balking at the idea of changing how they collect and store Americans’ phone records to help the National Security Agency’s surveillance programs. They’re worried about their exposure to lawsuits and the price tag if the U.S. government asks them to hold information about customers for longer than they already do.

President Barack Obama is expected to announce Friday what changes he is willing to make to satisfy privacy, legal and civil liberties concerns over the NSA’s surveillance practices. One of the most important questions is whether the government will continue to collect millions of Americans’ phone records every day so that the government can identify anyone it believes might be communicating with known terrorists.

The president’s hand-picked review committee has recommended ending the phone records program as it exists. It suggested shifting the storage of the phone records from the NSA to phone companies or an unspecified third party, and it recommended new legal requirements before the government could search anyone’s phone records.

The phone companies don’t want the job. Executives and their lawyers have complained about the plan in confidential meetings with administration officials and key congressional intelligence and other committees, according to interviews by The Associated Press. Two phone executives familiar with the discussions said the cellular industry told the government that it prefers the NSA keep control over the surveillance program and would only accept changes if they were legally required. The executives spoke on condition of anonymity because they were not authorized to disclose the private discussions. But there have been public complaints, too. [Continue reading…]

Facebooktwittermail

NSA phone record collection does little to prevent terrorist attacks, group says

The Washington Post reports: An analysis of 225 terrorism cases inside the United States since the Sept. 11, 2001, attacks has concluded that the bulk collection of phone records by the National Security Agency “has had no discernible impact on preventing acts of terrorism.”

In the majority of cases, traditional law enforcement and investigative methods provided the tip or evidence to initiate the case, according to the study by the New America Foundation, a Washington-based nonprofit group.

The study, to be released Monday, corroborates the findings of a White House-appointed review group, which said last month that the NSA counterterrorism program “was not essential to preventing attacks” and that much of the evidence it did turn up “could readily have been obtained in a timely manner using conventional [court] orders.” [Continue reading…]

Facebooktwittermail

NSA and GCHQ activities appear illegal, says EU parliamentary inquiry

The Guardian reports: Mass surveillance programmes used by the US and Britain to spy on people in Europe have been condemned in the “strongest possible terms” by the first parliamentary inquiry into the disclosures, which has demanded an end to the vast, systematic and indiscriminate collection of personal data by intelligence agencies.

The inquiry by the European parliament’s civil liberties committee says the activities of America’s National Security Agency (NSA) and its British counterpart, GCHQ, appear to be illegal and that their operations have “profoundly shaken” the trust between countries that considered themselves allies.

The 51-page draft report, obtained by the Guardian, was discussed by the committee on Thursday. Claude Moraes, the rapporteur asked to assess the impact of revelations made by the whistleblower Edward Snowden, also condemns the “chilling” way journalists working on the stories have been intimidated by state authorities.

Though Snowden is still in Russia, MEPs are expected to take evidence from him via video-link in the coming weeks, as the European parliament continues to assess the damage from the disclosures. Committee MEPs voted overwhelmingly on Thursday to have Snowden testify, defying warnings from key US congressmen that giving the “felon” a public platform would wreck the European parliament’s reputation and hamper co-operation with Washington. [Continue reading…]

Facebooktwittermail

How the NSA almost killed the Internet

Wired reports: On June 6, 2013, Washington Post reporters called the communications depart­ments of Apple, Facebook, Google, Yahoo, and other Internet companies. The day before, a report in the British newspaper The Guardian had shocked Americans with evidence that the telecommunications giant Verizon had voluntarily handed a database of every call made on its network to the National Security Agency. The piece was by reporter Glenn Greenwald, and the information came from Edward Snowden, a 29-year-old IT consultant who had left the US with hundreds of thousands of documents detailing the NSA’s secret procedures.

Greenwald was the first but not the only journalist that Snowden reached out to. The Post’s Barton Gellman had also connected with him. Now, collaborating with documentary filmmaker and Snowden confidante Laura Poitras, he was going to extend the story to Silicon Valley. Gellman wanted to be the first to expose a top-secret NSA program called Prism. Snowden’s files indicated that some of the biggest companies on the web had granted the NSA and FBI direct access to their servers, giving the agencies the ability to grab a person’s audio, video, photos, emails, and documents. The government urged Gellman not to identify the firms involved, but Gellman thought it was important. “Naming those companies is what would make it real to Americans,” he says. Now a team of Post reporters was reaching out to those companies for comment.

It would be the start of a chain reaction that threatened the foundations of the industry. The subject would dominate headlines for months and become the prime topic of conversation in tech circles. For years, the tech companies’ key policy issue had been negotiating the delicate balance between maintaining customers’ privacy and providing them benefits based on their personal data. It was new and contro­versial territory, sometimes eclipsing the substance of current law, but over time the companies had achieved a rough equilibrium that allowed them to push forward. The instant those phone calls from reporters came in, that balance was destabilized, as the tech world found itself ensnared in a fight far bigger than the ones involving oversharing on Facebook or ads on Gmail. Over the coming months, they would find themselves at war with their own government, in a fight for the very future of the Internet. [Continue reading…]

Facebooktwittermail

Greenwald says Israel is ‘absolutely right’ to link NSA spying to Pollard case

On Monday evening Glenn Greenwald was interviewed on Israel’s Channel 10 television. The interview was conducted in English. (It is preceded by a commercial and then interrupted half-way through with another commercial.)

The NSA intercepts communications by Israeli politicians, so why should the U.S. take issue with Israel gaining access to U.S. intelligence provided to them by Jonathan Pollard?

That appears to be Greenwald’s line of reasoning.

The fact that Pollard was a U.S. citizen employed by the government; that in return for the intelligence he was providing the Israelis he expected to get paid half a million dollars; that it is widely believed that Israel used this intelligence as a bargaining chip in negotiations with the Soviet Union — are these just pesky little details that have little bearing on the principles?

What Greenwald calls ‘hypocrisy’ — for the U.S. to spy on its ‘close ally’ Israel — is in the eyes of many others, good judgement.

Officials are loath to talk publicly about it, but spying on allies is a fact of life: the United States invests billions annually to monitor the communications of its friends. Many American embassies around the world contain a clandestine intercept facility that targets diplomatic communications. The goal is not only to know the military and diplomatic plans of our friends but also to learn what intelligence they may be receiving and with whom they share information.

That doesn’t come from a report on the Snowden revelations. It comes from Seymour Hersh’s report on Pollard written for the New Yorker in 1999.

If Israel was about to launch a unilateral attack on Iran without consulting the U.S., would it be desirable for the U.S. to gain advance warning of such a plan? You bet!

And how would such intelligence be gathered? By trying to recruit Israelis willing to spy on their own government? Fat chance.

Even if they are limited, this is in fact one of the useful services of the NSA: spying on America’s most dangerous ally.

What Pollard did was provide Israel with the means to launch an attack without tipping off the NSA in advance.

Hersh reported:

Israel made dramatic use of the Pollard material on October 1, 1985, seven weeks before his arrest, when its Air Force bombed the headquarters of the Palestine Liberation Organization in Tunisia, killing at least sixty-seven people. The United States, which was surprised by the operation, eventually concluded that the Israeli planners had synergistically combined the day-to-day insights of the SIGINT Requirements List with the strategic intelligence of the FOSIF reports and other data that Pollard provided to completely outwit our government’s huge collection apparatus in the Middle East. Even Pollard himself, the senior official told me, “had no idea what he gave away.”

Facebooktwittermail

The NSA quantum computer ‘revelation’

Wired: The internet is abuzz over revelations that the NSA is building its own quantum computer, a machine that could crack the computer encryption codes exponentially faster than any machine available today. But this should come as no surprise.

“It’s an interesting topic,” says Scott Aaronson, a theoretical computer scientist at MIT who has followed quantum computing efforts for a good eight years. “But as far as I can see, there is no big new revelation here.”

The NSA has openly sponsored quantum computing research for close to a decade, helping to create something called the Joint Quantum Institute at the University of Maryland. And nearly five years ago, the head of the NSA, General Keith Alexander, predicted that the era of quantum computing was on the way — and that it would take the spy agency into new territory.

“I think we can see clearly out three to five years. Beyond that, things like a quantum computer start to bump up there,” Alexander told attendees at an Omaha Nebraska Cyberspace Symposium, saying that true quantum computing could be anywhere from three to 25 years away. “And when that hits, that’s a game changer. So things like that are there that we’re going to have to look at.”

The NSA documents leaked to the Washington Post by former NSA contractor Edward Snowden confirm the agency’s interest in quantum computing, though the Post reports that the agency is funding classified work at a University of Maryland laboratory called the Laboratory for Physical Sciences. We don’t know if the agency is any closer to actually completing a quantum computer than anyone else. In fact, the Post speculates that it’s probably not.

Christopher Monroe, a University of Maryland professor and a fellow at the Joint Quantum Institute, agrees there’s “nothing very interesting” in the Posts‘s documents. “I saw this story and was amused that somebody at the Post was trying a little too hard to make a story out of nothing, probably because everybody is intrigued by this fellow Snowden,” he said in an email interview. The NSA’s involvement in quantum information science, he adds, “is well known.” [Continue reading…]

If the current climate of libertarian paranoia had prevailed when the internet was in its early stages of development, no doubt there would have been much louder warnings about the dangers of networked computing and the Pentagon’s nefarious interest in its control.

Given that the interest in quantum computing extends far beyond the NSA, the NSA’s interest should be taken as a given. And as in most fields of basic research, the breakthroughs invariable require government investment. The free market pays for things that make money and the money-making potential of new technology often takes years or decades to materialize.

Facebooktwittermail

The security industry finds a dream enemy — government spy agencies

Lucian Constantin reports: 2013 was the year we learned we must encrypt our data if we don’t want the likes of the U.S. National Security Agency or the U.K. Government Communications Headquarters reading it as it crosses the Internet.

The security industry has the enemy it always dreamed of to help it make the case for encryption adoption, but users looking to secure their data and communications need to be wary of claims made in marketing messages. Securing data in motion is the priority, experts say, and some large Internet firms are already making progress in this area, but encrypting data at rest without losing its usefulness will prove a greater challenge.

“The NSA’s surveillance has opened the eyes of many people around the world,” Lamar Bailey, director of security research and development at security firm Tripwire said via email. “Security professionals have always known that this style of surveillance is possible with the right resources, but this episode has been a big wake-up call for everyone. Many countries and companies outside the U.S. are now taking a harder, more in-depth look at software and hardware that comes from the U.S., although the silver lining is that mainstream users are now more concerned with encrypting data and reviewing how their information is being shared.”

The public debate sparked by the surveillance revelations in recent months has prompted some encouraging responses already: Google has encrypted the links between its data centers; Yahoo is working to do the same and has promised to enable SSL encryption by default for webmail and other services, and Twitter has enabled an SSL feature called forward secrecy, already implemented by Google and Facebook, which makes mass decryption of SSL traffic hard even if the website operator’s master private key is compromised. [Continue reading…]

Facebooktwittermail

New York Times calls on Obama to grant Snowden clemency

An Editorial in the New York Times says: Seven months ago, the world began to learn the vast scope of the National Security Agency’s reach into the lives of hundreds of millions of people in the United States and around the globe, as it collects information about their phone calls, their email messages, their friends and contacts, how they spend their days and where they spend their nights. The public learned in great detail how the agency has exceeded its mandate and abused its authority, prompting outrage at kitchen tables and at the desks of Congress, which may finally begin to limit these practices.

The revelations have already prompted two federal judges to accuse the N.S.A. of violating the Constitution (although a third, unfortunately, found the dragnet surveillance to be legal). A panel appointed by President Obama issued a powerful indictment of the agency’s invasions of privacy and called for a major overhaul of its operations.

All of this is entirely because of information provided to journalists by Edward Snowden, the former N.S.A. contractor who stole a trove of highly classified documents after he became disillusioned with the agency’s voraciousness. Mr. Snowden is now living in Russia, on the run from American charges of espionage and theft, and he faces the prospect of spending the rest of his life looking over his shoulder.

Considering the enormous value of the information he has revealed, and the abuses he has exposed, Mr. Snowden deserves better than a life of permanent exile, fear and flight. He may have committed a crime to do so, but he has done his country a great service. It is time for the United States to offer Mr. Snowden a plea bargain or some form of clemency that would allow him to return home, face at least substantially reduced punishment in light of his role as a whistle-blower, and have the hope of a life advocating for greater privacy and far stronger oversight of the runaway intelligence community.

Mr. Snowden is currently charged in a criminal complaint with two violations of the Espionage Act involving unauthorized communication of classified information, and a charge of theft of government property. Those three charges carry prison sentences of 10 years each, and when the case is presented to a grand jury for indictment, the government is virtually certain to add more charges, probably adding up to a life sentence that Mr. Snowden is understandably trying to avoid.

The president said in August that Mr. Snowden should come home to face those charges in court and suggested that if Mr. Snowden had wanted to avoid criminal charges he could have simply told his superiors about the abuses, acting, in other words, as a whistle-blower.

“If the concern was that somehow this was the only way to get this information out to the public, I signed an executive order well before Mr. Snowden leaked this information that provided whistle-blower protection to the intelligence community for the first time,” Mr. Obama said at a news conference. “So there were other avenues available for somebody whose conscience was stirred and thought that they needed to question government actions.”

In fact, that executive order did not apply to contractors, only to intelligence employees, rendering its protections useless to Mr. Snowden. More important, Mr. Snowden told The Washington Post earlier this month that he did report his misgivings to two superiors at the agency, showing them the volume of data collected by the N.S.A., and that they took no action. (The N.S.A. says there is no evidence of this.) That’s almost certainly because the agency and its leaders don’t consider these collection programs to be an abuse and would never have acted on Mr. Snowden’s concerns.

In retrospect, Mr. Snowden was clearly justified in believing that the only way to blow the whistle on this kind of intelligence-gathering was to expose it to the public and let the resulting furor do the work his superiors would not. Beyond the mass collection of phone and Internet data, consider just a few of the violations he revealed or the legal actions he provoked:

■ The N.S.A. broke federal privacy laws, or exceeded its authority, thousands of times per year, according to the agency’s own internal auditor.

■ The agency broke into the communications links of major data centers around the world, allowing it to spy on hundreds of millions of user accounts and infuriating the Internet companies that own the centers. Many of those companies are now scrambling to install systems that the N.S.A. cannot yet penetrate.

■ The N.S.A. systematically undermined the basic encryption systems of the Internet, making it impossible to know if sensitive banking or medical data is truly private, damaging businesses that depended on this trust.

■ His leaks revealed that James Clapper Jr., the director of national intelligence, lied to Congress when testifying in March that the N.S.A. was not collecting data on millions of Americans. (There has been no discussion of punishment for that lie.)

■ The Foreign Intelligence Surveillance Court rebuked the N.S.A. for repeatedly providing misleading information about its surveillance practices, according to a ruling made public because of the Snowden documents. One of the practices violated the Constitution, according to the chief judge of the court.

■ A federal district judge ruled earlier this month that the phone-records-collection program probably violates the Fourth Amendment of the Constitution. He called the program “almost Orwellian” and said there was no evidence that it stopped any imminent act of terror.

The shrill brigade of his critics say Mr. Snowden has done profound damage to intelligence operations of the United States, but none has presented the slightest proof that his disclosures really hurt the nation’s security. Many of the mass-collection programs Mr. Snowden exposed would work just as well if they were reduced in scope and brought under strict outside oversight, as the presidential panel recommended.

When someone reveals that government officials have routinely and deliberately broken the law, that person should not face life in prison at the hands of the same government. That’s why Rick Ledgett, who leads the N.S.A.’s task force on the Snowden leaks, recently told CBS News that he would consider amnesty if Mr. Snowden would stop any additional leaks. And it’s why President Obama should tell his aides to begin finding a way to end Mr. Snowden’s vilification and give him an incentive to return home.

Facebooktwittermail

Chomsky: Mainstream media remains an ‘invaluable resource’

Salon: This year’s revelations about the scope of surveillance-state activity are certainly not the first major leaks you’ve seen draw scrutiny on government spying. Is there something particular or unique, in your view, about the NSA revelations?

In principle it’s not an innovation; things like this have been going on for a long time. The scale and the incredibly ambitious character of the surveillance and control is something new. But it’s the kind of thing one should expect. The history goes back a long way. So, for example, if you go back a century ago, right after the U.S. invasion of the Philippines — a brutal invasion that killed a couple hundred thousand people — there was a problem for the U.S. of pacification afterwards. What do you do to control the population to prevent another nationalist uprising? There’s a very good study of this by Alfred McCoy, a Philippines scholar at University of Wisconsin, and what he shows is that the U.S. used the most sophisticated technology of the day to develop a massive system of survelliance, control, disruption to undermine any potential opposition and to impose very tight controls on the population which lasted for a long time and in many ways the Philippines is still suffering from this. But he also points out the technology was immediately transferred home. Woodrow Wilson’s administration used it in their “Red Scare” a couple years later. The British used it, too.

Q: Do you think revelations about sprawling surveillance have prompted much significant self-reflection from the American public about the workings of our state apparatus and our use of technology?

Governments are power systems. They are trying to sustain their power and domination over their populations and they will use what means are available to do this. By now the means are very sophisticated and extensive and we can expect them to increase. So for instance, if you read technology journals you learn that in robotics labs for some years there have been efforts to develop small drones, what they call “fly-sized drones,” which can intrude into a person’s home and be almost invisible and carry out constant surveillance. You can be sure that the military is very much interested in this, and the intelligence systems as well, and will soon be using it.

We’re developing technologies that will be used by our own governments and by commercial corporations and are already being used to maximize information for themselves for control and domination. That’s the way power systems work. Of course, they’ve always played the security card. But I think one should be very cautious about such claims. Every government pleads security for almost anything it’s doing, so since the plea is predictable it essentially carries no information. If after the event the power system claims security, that doesn’t mean it’s actually a functioning principle. And if you look at the record, you discover that security is generally a pretext and security is not a high priority of governments. If by that I mean the security of the population — security of the power system itself and the domestic interests it represents, yes, that’s a concern. But security of the population is not.

Q: You’ve often highlighted flaws in mainstream media’s insidious institutional fealty during your career — notably in your book “Manufacturing Consent” [1988]. What do you think of the current state of the U.S. media? Do you have much hope for new ventures like Glenn Greenwald’s, which has already promised to aggressively take on government and corporate wrongdoing?

The availability of the Internet has offered a much easier access than before to a wide variety of information and opinion and so on. But I don’t think that is a qualitative shift. It is easier to go to the Internet than to go to the library, undoubtedly. But the shift from no libraries to the existence of libraries was a much greater shift than what we’ve seen with the Internet’s development. [The Internet] gives more access — that part is good — but on the other hand, it is combined with a process of undermining independent inquiry and reporting within the media themselves. There’s plenty to criticize about the mass media but they are the source of regular information about a wide range of topics. You can’t duplicate that on blogs. And that’s declining. Local newspapers, I need not inform you, are becoming very much narrower in their global outreach, even their national outreach. And that’s the real meat of inquiry, of information gathering. We can criticize its character and the biases that enter into it, and the institutional constraints on it, but nevertheless it’s of inestimable importance. I’ve never questioned that. And that’s diminishing at the same time as accesses to a wider range of materials is increasing. The Greenwald initiative is a very promising one. He himself has had an impressive career of independent thinking, inquiry, analysis and reporting. I think there is good reason to have a good deal of trust in his judgement. Where it will go, we don’t know; it hasn’t started yet so it is just speculation.

I think that, for example, the New York Times will remain what’s called the “newspaper of record” for the foreseeable future. I don’t see any competitor arising which has the range of resources, of overseas bureaus and so on. Again, I think there is plenty to criticize about it, but it is nevertheless an invaluable resource. There are many other independent developments which are quite significant of themselves, so it’s valuable to have, say, Amy Goodman’s Democracy Now or Salon or any other independent voice. But I don’t see any indication that there is going to be some radically new form of gathering, reporting and analyzing information. [Continue reading…]

Facebooktwittermail

Would NSA surveillance have stopped 9/11 plot?

Peter Bergen writes: The Obama administration has framed its defense of the controversial bulk collection of all American phone records as necessary to prevent a future 9/11.

During a House Intelligence Committee hearing on June 18, NSA director Gen. Keith Alexander said, “Let me start by saying that I would much rather be here today debating this point than trying to explain how we failed to prevent another 9/11.”

This closely mirrors talking points by the National Security Agency about how to defend the program.

In the talking points, NSA officials are encouraged to use “sound bites that resonate,” specifically, “I much prefer to be here today explain these programs, than explaining another 9/11 event that we were not able to prevent.”

On Friday in New York, Judge William H. Pauley III ruled that NSA’s bulk collection of American telephone records is lawful. He cited Alexander’s testimony and quoted him saying, “We couldn’t connect the dots because we didn’t have the dots.”

But is it really the case that the U.S. intelligence community didn’t have the dots in the lead up to 9/11? Hardly.

In fact, the intelligence community provided repeated strategic warning in the summer of 9/11 that al Qaeda was planning a large-scale attacks on American interests.

Here is a representative sampling of the CIA threat reporting that was distributed to Bush administration officials during the spring and summer of 2001:

— CIA, “Bin Ladin Planning Multiple Operations,” April 20
— CIA, “Bin Ladin Attacks May Be Imminent,” June 23
— CIA, “Planning for Bin Ladin Attacks Continues, Despite Delays,” July 2
— CIA, “Threat of Impending al Qaeda Attack to Continue Indefinitely,” August 3

The failure to respond adequately to these warnings was a policy failure by the Bush administration, not an intelligence failure by the U.S. intelligence community. [Continue reading…]

Facebooktwittermail

Inside the NSA’s catalog of surveillance magic

Sean Gallagher writes: The National Security Agency’s sophisticated hacking operations go way beyond using software vulnerabilities to gain access to targeted systems. The agency has a catalog of tools available that would make James Bond’s Q jealous, providing NSA analysts access to just about every potential source of data about a target.

In some cases, the NSA has modified the firmware of computers and network hardware—including systems shipped by Cisco, Dell, Hewlett-Packard, Huawei, and Juniper Networks—to give its operators both eyes and ears inside the offices the agency has targeted. In others, the NSA has crafted custom BIOS exploits that can survive even the reinstallation of operating systems. And in still others, the NSA has built and deployed its own USB cables at target locations—complete with spy hardware and radio transceiver packed inside.

Documents provided by former NSA contractor Edward Snowden to Der Spiegel reveal a fantastical collection of surveillance tools dating back to 2007 and 2008 that gave the NSA the power to collect all sorts of data over long periods of time without detection. The tools, ranging from back doors installed in computer network firmware and software to passively powered bugs installed within equipment, give the NSA a persistent ability to monitor some targets with little risk of detection. While the systems targeted by some of the “products” listed in the documents are over five years old and are likely to have been replaced in some cases, the methods and technologies used by all the exploit products could easily still be in use in some form in ongoing NSA surveillance operations. [Continue reading…]

Jacob Applebaum, co-author of the Der Spiegel report, spoke yesterday at the 30th annual Chaos Communication Congress where he presented new details including the NSA’s ability to hack a Wi-Fi network from up to eight miles away.

Facebooktwittermail

ACLU sues administration over overseas U.S. surveillance

UPI reports: A rights group sued to make five U.S. agencies prove Americans whose overseas communications are picked up by surveillance are fully protected under the law.

The American Civil Liberties Union said in its lawsuit, filed in U.S. District Court in New York, the CIA, National Security Agency, Justice Department, Defense Department and State Department have all but ignored a Freedom of Information Act request the non-partisan, non-profit group made in May and followed up on over successive months.

The FBI, Defense Department’s Defense Intelligence Agency, the Justice Department’s National Security Division and the State Department “have acknowledged receipt of the FOIA request and indicated its placement in their FOIA processing queues, but have provided no substantive response to date,” the lawsuit states.

The NSA provided four documents that were already publicly available and didn’t directly address the FOIA request, and the CIA said it wouldn’t comply with the request, citing an “unreasonably burdensome search,” says the lawsuit, which the ACLU filed with Yale Law School’s Media Freedom and Information Access Clinic.

The FOIA request and lawsuit seek to know what constitutional protections Americans’ international communications have under a several-times-modified December 1981 executive order signed by President Ronald Reagan that is frequently used by the Obama administration to justify NSA actions. [Continue reading…]

Facebooktwittermail

The NSA’s hackers

Der Spiegel reports: When it comes to modern firewalls for corporate computer networks, the world’s second largest network equipment manufacturer doesn’t skimp on praising its own work. According to Juniper Networks’ online PR copy, the company’s products are “ideal” for protecting large companies and computing centers from unwanted access from outside. They claim the performance of the company’s special computers is “unmatched” and their firewalls are the “best-in-class.” Despite these assurances, though, there is one attacker none of these products can fend off — the United States’ National Security Agency.

Specialists at the intelligence organization succeeded years ago in penetrating the company’s digital firewalls. A document viewed by SPIEGEL resembling a product catalog reveals that an NSA division called ANT has burrowed its way into nearly all the security architecture made by the major players in the industry — including American global market leader Cisco and its Chinese competitor Huawei, but also producers of mass-market goods, such as US computer-maker Dell.

These NSA agents, who specialize in secret back doors, are able to keep an eye on all levels of our digital lives — from computing centers to individual computers, from laptops to mobile phones. For nearly every lock, ANT seems to have a key in its toolbox. And no matter what walls companies erect, the NSA’s specialists seem already to have gotten past them.

This, at least, is the impression gained from flipping through the 50-page document. The list reads like a mail-order catalog, one from which other NSA employees can order technologies from the ANT division for tapping their targets’ data. The catalog even lists the prices for these electronic break-in tools, with costs ranging from free to $250,000.

In the case of Juniper, the name of this particular digital lock pick is “FEEDTROUGH.” This malware burrows into Juniper firewalls and makes it possible to smuggle other NSA programs into mainframe computers. Thanks to FEEDTROUGH, these implants can, by design, even survive “across reboots and software upgrades.” In this way, US government spies can secure themselves a permanent presence in computer networks. The catalog states that FEEDTROUGH “has been deployed on many target platforms.”

The specialists at ANT, which presumably stands for Advanced or Access Network Technology, could be described as master carpenters for the NSA’s department for Tailored Access Operations (TAO). [Continue reading…]

In another report, describing TAO, Der Spiegel says: This is the NSA’s top operative unit — something like a squad of plumbers that can be called in when normal access to a target is blocked.

According to internal NSA documents viewed by SPIEGEL, these on-call digital plumbers are involved in many sensitive operations conducted by American intelligence agencies. TAO’s area of operations ranges from counterterrorism to cyber attacks to traditional espionage. The documents reveal just how diversified the tools at TAO’s disposal have become — and also how it exploits the technical weaknesses of the IT industry, from Microsoft to Cisco and Huawei, to carry out its discreet and efficient attacks.

The unit is “akin to the wunderkind of the US intelligence community,” says Matthew Aid, a historian who specializes in the history of the NSA. “Getting the ungettable” is the NSA’s own description of its duties. “It is not about the quantity produced but the quality of intelligence that is important,” one former TAO chief wrote, describing her work in a document. The paper seen by SPIEGEL quotes the former unit head stating that TAO has contributed “some of the most significant intelligence our country has ever seen.” The unit, it goes on, has “access to our very hardest targets.”

Defining the future of her unit at the time, she wrote that TAO “needs to continue to grow and must lay the foundation for integrated Computer Network Operations,” and that it must “support Computer Network Attacks as an integrated part of military operations.” To succeed in this, she wrote, TAO would have to acquire “pervasive, persistent access on the global network.” An internal description of TAO’s responsibilities makes clear that aggressive attacks are an explicit part of the unit’s tasks. In other words, the NSA’s hackers have been given a government mandate for their work. During the middle part of the last decade, the special unit succeeded in gaining access to 258 targets in 89 countries — nearly everywhere in the world. In 2010, it conducted 279 operations worldwide.

Indeed, TAO specialists have directly accessed the protected networks of democratically elected leaders of countries. They infiltrated networks of European telecommunications companies and gained access to and read mails sent over Blackberry’s BES email servers, which until then were believed to be securely encrypted. Achieving this last goal required a “sustained TAO operation,” one document states.

This TAO unit is born of the Internet — created in 1997, a time when not even 2 percent of the world’s population had Internet access and no one had yet thought of Facebook, YouTube or Twitter. From the time the first TAO employees moved into offices at NSA headquarters in Fort Meade, Maryland, the unit was housed in a separate wing, set apart from the rest of the agency. Their task was clear from the beginning — to work around the clock to find ways to hack into global communications traffic. [Continue reading…]

Facebooktwittermail