Category Archives: Five Eyes

INCENSER, or how NSA and GCHQ are tapping internet cables

Peter Koop writes: Documents recently disclosed by Edward Snowden show that the NSA’s fourth-largest cable tapping program, codenamed INCENSER, pulls its data from just one single source: a submarine fiber optic cable linking Asia with Europe.

Until now, it was only known that INCENSER was a sub-program of WINDSTOP and that it collected some 14 billion pieces of internet data a month. The latest revelations now say that these data are collected with the help of the British company Cable & Wireless (codenamed GERONTIC, now part of Vodafone) at a location in Cornwall in the UK, codenamed NIGELLA.

For the first time, this gives us a view on the whole interception chain, from the parent program all the way down to the physical interception facility. Here we will piece together what is known about these different stages and programs from recent and earlier publications. [Continue reading…]

Facebooktwittermail

UK inquiry criticizes U.S. tech companies for failing to engage in counter-terrorism surveilance

Wired reports: GCHQ has direct access to “major internet cables” and has systems to monitor communications as they “traverse the internet” an official government report has revealed. The spy agency, which has been heavily criticised in the wake of the Snowden leaks, also admits that it has more data than it can handle. Despite these capabilities the government is being urged to massively expand its surveillance powers.

The details come from the Intelligence Security Committee’s inquiry (PDF) into the murder of the fusilier Lee Rigby by Michael Adebolajo and Michael Adebowale in Woolwich, London in 2013. While crucial details have been redacted for security reasons, the report still reveals the scale of the surveillance powers at GCHQ’s disposal.

Detailing GCHQ’s capabilities it notes that the spy agency has access to around “*** percent of global internet traffic and approximately *** percent of internet traffic entering or leaving the UK”. Despite the redactions the report does reveal that GCHQ is currently overwhelmed by the amount of data it has to process:

“The resources required to process the vast quantity of data involved mean that, at any one time, GCHQ can only process approximately *** of what they can access.”

The inquiry, which was set up to investigate what could have prevented Rigby’s murder, clears both M15 and M16 of any fault. It reveals that both Adebolajo and Adebowale were known to British security agencies, but that no action was taken. As both men were seen as low priority targets they were not subject to any specialist surveillance by GCHQ or any other agency.

The committee was far more damning in its assessment of an as-yet-unnamed US internet company. In December 2012 an exchange between Adebowale and an individual overseas revealed his intention to murder a soldier. The exchange was not seen by UK security services until after the attack. The report intimates that all overseas internet companies risk becoming a “safe haven for terrorists”.

“This company does not appear to regard itself as under any obligation to ensure that its systems identify such exchanges, or to take action or notify the authorities when its communications services appear to be used by terrorists.”

The Guardian identifies this company as Facebook.

The Wired report continues: “When the intelligence services are gathering data about everyone of us but failing to act on intelligence about individuals, they need to get back to basics, and look at the way they conduct targeted investigations,” said Jim Killock, executive director of online privacy advocates the Open Rights Group.

“The committee is particularly misleading when it implies that US companies do not cooperate, and it is quite extraordinary to demand that companies pro-actively monitor email content for suspicious material. Internet companies cannot and must not become an arm of the surveillance state.”

Facebooktwittermail

Want to avoid government malware? Ask a former NSA hacker

The Guardian reports: Many of the brightest minds from the National Security Agency and GCHQ staff tire themselves out from long years of service, moving out into the comfort of the private sector.

Unsurprisingly, the security industry welcomes them with open arms. After all, who better to hand out advice than alumni of two of the most sophisticated intelligence agencies on the planet?

A young British company called Darktrace, whose technology was spawned in the classrooms and bedrooms of Cambridge University, can now boast a covey of former spies among their executive ranks. Jim Penrose, who spent 17 years at the NSA and was involved in the much-feared Tailored Access Operations group (TAO), is one of Darktrace’s latest hires.

Though he declined to confirm or deny any of the claims made about TAO’s operations, including Edward Snowden leaks that showed it had hacked into between 85,000 and 100,000 machines around the world, Penrose spoke with the Guardian about how people might want to defend themselves from government-sponsored cyber attacks. [Continue reading…]

Facebooktwittermail

Utah considers cutting off water to the NSA’s monster data center

Wired reports: Lawmakers are considering a bill that would shut off the water spigot to the massive data center operated by the National Security Agency in Bluffdale, Utah.

The legislation, proposed by Utah lawmaker Marc Roberts, is due to go to the floor of the Utah House of Representatives early next year, but it was debated in a Public Utilities and Technology Interim Committee meeting on Wednesday. The bill, H.B. 161, directs municipalities like Bluffdale to “refuse support to any federal agency which collects electronic data within this state.”

The NSA brought its Bluffdale data center online about a year ago, taking advantage Utah’s cheap power and a cut-rate deal for millions of gallons of local water, used to cool the 1-million-square-foot building’s servers. Roberts’ bill, however, would prohibit the NSA from negotiating new water deals when its current Bluffdale agreement runs out in 2021.

The law seems like a long-shot to clear legislative hurdles when Utah’s legislature re-convenes next year, but Wednesday’s committee hearing was remarkable, nonetheless, says Nate Carlisle, a reporter with the Salt Lake Tribune who has waged a fight with the NSA and Bluffdale officials to determine how much water the data center is actually using. “What’s noteworthy is no one on the panel said: ‘Hey, wait a minute, we can’t do this,’” he says. “They had some specific concerns about the language of the bill, but there was no outright opposition.” [Continue reading…]

Facebooktwittermail

NSA phone data collection could go on, even if a law expires

The New York Times reports: A little-known provision of the Patriot Act, overlooked by lawmakers and administration officials alike, appears to give President Obama a possible way to keep the National Security Agency’s bulk phone records program going indefinitely — even if Congress allows the law on which it is based to expire next year.

Senate Republicans on Tuesday night used a filibuster to block consideration of a bill to end and replace the N.S.A. phone records program. The debate about what may happen next has played out based on a widely held premise: that the legal basis for the program, Section 215 of the Patriot Act, will expire on June 1, so if Congress remains gridlocked, the program will automatically shut down.

“I believe that if we do not pass this bill, the metadata program is at risk because the 215 program sunsets next year,” Senator Dianne Feinstein, Democrat of California, said in Tuesday night’s debate. But that premise may be incorrect. If the summer arrives and the program is facing a shutdown, Mr. Obama could invoke the provision to ask the Foreign Intelligence Surveillance Court to keep it going.

Several executive branch officials said the administration had not been studying that option and expressed doubt that Mr. Obama would take such a step, or that the Surveillance Court would agree to it if he tried. Still, the mere existence of a potential way for the program to keep going without congressional action could recast the debate. [Continue reading…]

Facebooktwittermail

Bill to restrict NSA data collection blocked in vote by Senate Republicans

The New York Times reports: Senate Republicans on Tuesday blocked a sweeping overhaul of the once-secret National Security Agency program that collects records of Americans’ phone calls in bulk.

Democrats and a handful of Republicans who supported the measure failed to secure the 60 votes they needed to take up the legislation. The vote was 58 to 42 for consideration.

Senator Patrick J. Leahy, the Vermont Democrat who drafted the bill, blamed what he said was fear-mongering by the bill’s opponents for its defeat. “Fomenting fear stifles serious debate and constructive solutions,” he said. “This nation deserves more than that.” [Continue reading…]

Facebooktwittermail

How the NSA began a new form of warfare in Iraq

Shane Harris writes: In a meeting of senior national security officials with President George W. Bush in the spring of 2007, the commander-in-chief authorized the NSA to begin hacking into the phone and computer networks of Iraqi insurgents.

The Iraqi cell phone network was a potential intelligence gold mine. Cell phone contracts were among the first business deals struck in Iraq after Saddam Hussein was driven from power. Wireless was cheaper than wired communications, and cell phones were proliferating. The NSA had access to foreign telecommunications networks through agreements struck with the United States—based carriers that operated them. These companies were paid handsomely — each receiving tens of millions of dollars annually, according to one former company executive — to give the spy agencies privileged access to their networks and the data coursing through them….

After Bush gave his order, daily strikes in Iraq were being carried about by a hybrid military and intelligence unit that brought together soldiers and spies. Their center of operations was a concrete hangar at the Balad Air Base, north of Baghdad, which had once housed Iraqi fighter jets. Most of the planes here now were unmanned drones. Their pilots worked alongside NSA hackers, FBI cyber forensics investigators, and special operations forces — the military’s elite commando squads. They all broke off into clusters, working with a seamless, almost organic precision. The hackers stole information from the enemy’s electronic devices and passed it to the analysts, who drew up target lists for the troops. As they went off on raids, the drone pilots watched overhead, giving eye-in-the-sky warning to the troops on the ground, thanks to sophisticated cameras and other sensors developed by the CIA. Sometimes the drone pilots themselves made the kill with a missile shot.

When an attack was finished, the troops gathered more intelligence from the site or from the fighters they captured — cell phones, laptop computers, thumb drives, address books, scraps of paper called “pocket litter” that might contain nothing more than a name, a phone number, or a physical or e-mail address. The troops brought the information back to the base and gave it to the analysts, who fed it into their databases and used data-mining software to look for connections to other fighters either in custody or at large. They paid close attention to how the fighters were getting money for their operations, including sources outside Iraq — in Syria, Iran, and Saudi Arabia.

Every day the unit netted between ten and twenty fighters. Whole terrorist networks were illuminated in this way, by U.S. forces who were starting to think and act like their enemy. They structured themselves not in vertical hierarchies but in networks, each member responding to conditions on the ground. They were making it up as they went along, and creating a new kind of warfare. [Continue reading…]

Facebooktwittermail

Yes, ISIS exploits technology. But that’s no reason to compromise our privacy

John Naughton writes: A headline caught my eye last Tuesday morning. “Privacy not an absolute right, says GCHQ chief”, it read. Given that GCHQ bosses are normally sensibly taciturn types, it looked puzzling. But it turns out that Sir Iain Lobban has retired from GCHQ to spend more time with his pension, to be followed no doubt, after a discreet interval, with some lucrative non-exec directorships. His successor is a Foreign Office smoothie, name of Robert Hannigan, who obviously decided that the best form of defence against the Snowden revelations is attack, which he mounted via an op-ed piece in the Financial Times, in the course of which he wrote some very puzzling things.

Much of his piece is a rehearsal of how good Isis has become at exploiting social media. Its members “use messaging and social media services such as Twitter, Facebook and WhatsApp, and a language their peers understand. The videos they post of themselves attacking towns, firing weapons or detonating explosives have a self-conscious online gaming quality. Their use of the World Cup and Ebola hashtags to insert the Isis message into a wider news feed, and their ability to send 40,000 tweets a day during the advance on Mosul without triggering spam controls, illustrates their ease with new media. There is no need for today’s would-be jihadis to seek out restricted websites with secret passwords: they can follow other young people posting their adventures in Syria as they would anywhere else.”

All of which is spot-on. From the very beginning, Isis fanatics have been up to speed on this stuff. Which raises an interesting question: how come that GCHQ and the other intelligence agencies failed to notice the rise of the Isis menace until it was upon us? Were they so busy hoovering metadata and tapping submarine cables and “mastering the internet” (as the code name of one of their projects puts it) that they didn’t have time to see what every impressionable Muslim 14-year-old in the world with an internet connection could see? [Continue reading…]

Facebooktwittermail

The internet data miners pose a bigger threat than the NSA data buccaneers

In an interview with LA Weekly, documentary-maker Laura Poitras — who along with Glenn Greenwald introduced Edward Snowden to the world — contrasts the difference between NSA surveillance and data mining by the likes of Facebook and Google by saying:

I do think there’s cause to be concerned about what Google can do with the information it has on you. It’s frightening, but in a different way, because Google has less power than the government. The relationship with Google is consensual.

No one has to use Google, just as no one has to use the internet — at least that’s one argument that some observers want to push when painting Silicon Valley data-collection as a cause of less concern than government surveillance.

But there reaches a point where the use of a new technology becomes so ubiquitous that choosing not to use it is more difficult than using it. By default we all use electricity and have become dependent on its availability. And even among the tiny segment of the population who have chosen to live “off the grid,” most use alternative systems of electricity generation. Electricity, in the modern world, is something that most people believe they need.

After 25 years, the internet has rapidly moved in the direction of becoming a public utility — a service that most Americans not only find useful but increasingly view as a necessity. During the same period, the commercial use of the internet has come to be dominated by a handful of companies and their individual and collective power makes it debatable whether we should see ourselves as consensual technology users.

Technically, Google might not be a monopoly, but it has so much market dominance it has become synonymous with search. That means that for most people, choosing to use Google is no different from choosing to use the internet.

Even while it’s hard to argue that Google has more power than the U.S. government, the giants of the internet should really be viewed as a collective entity in that they are all focused on the same goal: maximizing the commercial value of the time people spend using the internet. In pursuit of that goal their unwavering intention is to maximize their ability to control the behavior of internet users.

While the NSA glances over everyone’s shoulder on the miniscule chance it might glimpse something interesting, Google, Facebook, and Twitter want to get inside your brain, change the way it operates, and impact the way you live.

If that impact in its minutiae — buying songs on iTunes, clicking “like” buttons on Facebook, or crafting tweets that don’t even merit retweeting — seems largely trivial and thus innocuous, we are failing to see the extent to which technology companies have become like textile mills weaving the fabric of our lives.

We choose the threads, but they make the design.

This is a totalitarian project designed to change whole societies, but since it is guided by commercial imperatives rather than state control, most Americans seem to regard this as fundamentally benign.

Adam Bain, Twitter’s President of Global Revenue, sees his company’s goal as being to “monetise emotions.” Twitter wants to be able to train its users to spend money without thinking by triggering purchasing choices “in the moment.”

The fears about what the NSA could do with your data that have been generated by the Snowden revelations, involve legitimate concerns about privacy and surveillance, but they have also had the effect of turning attention away from larger issues.

Among Americans, nothing is easier than capitalizing on fear of government, but the powers that exercise more influence over most people’s daily lives in this country are now based in Silicon Valley, not Washington DC.

Every shred of information they can gather about everyone, they are right now putting to use as they engage in the largest exercise in social engineering ever undertaken in human history.

Facebooktwittermail

Government requests for Facebook user data are up 24% in six months

The Los Angeles Times reports: Government requests for Facebook data increased 24% in just six months, the social media giant said Tuesday, and nearly half of those requests came from the United States.

Between January and June, governments across the globe made 34,946 requests for data, according to the Menlo Park, Calif., company’s latest transparency report. The United States was responsible for 15,433 of those requests, spanning 23,667 accounts.

Facebook turned over data in about 80% of the cases; many of the requests were parts of search warrants or subpoenas, the report shows. The amount of content restricted or removed because of local laws increased about 19% since the end of 2013.

The world’s largest social network began releasing transparency reports in June 2013, after revelations that the company shared user data with the National Security Agency’s secret Internet surveillance program, Prism.

“We scrutinize every government request we receive for legal sufficiency under our terms and the strict letter of the law, and push back hard when we find deficiencies or are served with overly broad requests,” Facebook’s deputy general counsel, Chris Sonderby, said in a statement.

Over the same period, Twitter received 2,058 government requests, 1,257 of which were from the U.S. government, according to its September transparency report. It shared data in 73% of those cases.

Google has seen a 15% increase in requests since the second half of last year, and a 150% jump since the company began publishing such data in 2009. In the United States, requests have hiked 19% and 250%, respectively.

The PR departments inside the social media giants must love reports like this. Facebook, Twitter et al, get to play victims of government power and cast themselves as heroic defenders of public interest, dedicated to transparency and strict compliance with the law.

What gets glossed over is the fact that the data buccaneer, the NSA, that would have no data to plunder if it wasn’t being gathered by the internet companies in the first place.

Facebooktwittermail

New GCHQ chief spouts fiery rhetoric but spying agenda is same as before

James Ball reports: The new chief of GCHQ, Robert Hannigan, had two options when taking his post. As a relative outsider, joining the organisation from the Foreign Office, he could choose to strike a new, conciliatory tack in the post-Snowden surveillance debate – or he could defend the agency’s practices.

Barely six days into the job, Hannigan has signalled he will go with the latter. In a Financial Times opinion piece, he went much further than his predecessor’s valedictory address in pushing the traditional spy agency pro-surveillance agenda.

US technology giants, he said, have become “the command-and-control networks of choice for terrorists and criminals”. Privacy “has never been an absolute right”. Even principles of free speech are terror aids: Isis are “capitalising on western freedom of expression”, he stated.

By the usually moribund rhetorical standards of senior UK intelligence officials, this is fiery stuff. But the agenda behind it is very much business as usual. The UK’s intelligence agencies take the approach that they will get little credit for protecting civil liberties, but would be on the receiving end of huge opprobrium were they to fail prevent an attack. As a result, they lobby successive governments every year for ever-more powers, a small step at a time. [Continue reading…]

Facebooktwittermail

Brazil plans to lay trans-Atlantic cable free from NSA surveillance and U.S.-made technology

Bloomberg reports: Brazil is planning a $185 million project to lay fiber-optic cable across the Atlantic Ocean, which could entail buying gear from multiple vendors. What it won’t need: U.S.-made technology.

The cable is being overseen by state-owned telecommunications company Telecomunicacoes Brasileiras SA, known as Telebras. Even though Telebras’s suppliers include U.S. companies such as Cisco Systems Inc., Telebras President Francisco Ziober Filho said in an interview that the cable project can be built without any U.S. companies.

The potential to exclude U.S. vendors illustrates the fallout that is starting to unfold from revelations last year that the U.S. National Security Agency spied on international leaders like Brazil’s Dilma Rousseff and Germany’s Angela Merkel to gather intelligence on terror suspects worldwide.

“The issue of data integrity and vulnerability is always a concern for any telecom company,” Ziober said. The NSA leaks last year from contractor Edward Snowden prompted Telebras to step up audits of all foreign-made equipment to check for security vulnerabilities and accelerated the country’s move toward technological self-reliance, he said. [Continue reading…]

Facebooktwittermail

Conflict of interest: Senior NSA official moonlights for former NSA chief in private firm

The Guardian reports: The former director of the National Security Agency has enlisted the US surveillance giant’s current chief technology officer for his lucrative cybersecurity business venture, an unusual arrangement undercutting Keith Alexander’s assurances he will not profit from his connections to the secretive, technologically sophisticated agency.

Patrick Dowd continues to work as a senior NSA official while also working part time for Alexander’s IronNet Cybersecurity, a firm reported to charge up to $1m a month for advising banks on protecting their data from hackers. It is exceedingly rare for a US official to be allowed to work for a private, for-profit company in a field intimately related to his or her public function.

Reuters, which broke the story of Dowd’s relationship with IronNet, reported that the NSA is reviewing the business deal.

Since retiring from the NSA in March and entering the burgeoning field of cybersecurity consulting, Alexander has vociferously defended his ethics against charges of profiting off of his NSA credentials. Alexander was the founding general in charge of US Cyber Command, the first military command charged with defending Defense Department data and attacking those belonging to adversaries. Both positions provide Alexander with unique and marketable insights into cybersecurity. [Continue reading…]

Facebooktwittermail

Tom Engelhardt: Entering the intelligence labyrinth

Failure is success: How American intelligence works in the twenty-first century
By Tom Engelhardt

What are the odds? You put about $68 billion annually into a maze of 17 major intelligence outfits. You build them glorious headquarters.  You create a global surveillance state for the ages. You listen in on your citizenry and gather their communications in staggering quantities.  Your employees even morph into avatars and enter video-game landscapes, lest any Americans betray a penchant for evil deeds while in entertainment mode. You collect information on visits to porn sites just in case, one day, blackmail might be useful. You pass around naked photos of them just for… well, the salacious hell of it.  Your employees even use aspects of the system you’ve created to stalk former lovers and, within your arcane world, that act of “spycraft” gains its own name: LOVEINT.

You listen in on foreign leaders and politicians across the planet.  You bring on board hundreds of thousands of crony corporate employees, creating the sinews of an intelligence-corporate complex of the first order.  You break into the “backdoors” of the data centers of major Internet outfits to collect user accounts.  You create new outfits within outfits, including an ever-expanding secret military and intelligence crew embedded inside the military itself (and not counted among those 17 agencies).  Your leaders lie to Congress and the American people without, as far as we can tell, a flicker of self-doubt.  Your acts are subject to secret courts, which only hear your versions of events and regularly rubberstamp them — and whose judgments and substantial body of lawmaking are far too secret for Americans to know about.

You have put extraordinary effort into ensuring that information about your world and the millions of documents you produce doesn’t make it into our world.  You even have the legal ability to gag American organizations and citizens who might speak out on subjects that would displease you (and they can’t say that their mouths have been shut).  You undoubtedly spy on Congress.  You hack into congressional computer systems.  And if whistleblowers inside your world try to tell the American public anything unauthorized about what you’re doing, you prosecute them under the Espionage Act, as if they were spies for a foreign power (which, in a sense, they are, since you treat the American people as if they were a foreign population).  You do everything to wreck their lives and — should one escape your grasp — you hunt him implacably to the ends of the Earth.

As for your top officials, when their moment is past, the revolving door is theirs to spin through into a lucrative mirror life in the intelligence-corporate complex.

Continue reading

Facebooktwittermail

Visiting the ODNI: A day of speaking truth to power

Quinn Norton: “It’s called ‘the crackpot realism of the present’” someone said to me, and handed me a note. I folded up the note, and stuffed it in my purse. This was a phrase used to explain, much more clearly than I was doing at the time, the bias of thinking that now is right, forgetting that the future will look back on our ideas with the same curious and horrified amusement we watch the human past with. It’s believing, without any good reason, that right now makes sense.

The present I was in right then didn’t make a lot of sense.

I was sitting in a cleared facility near Tyson’s Corner in Virginia, the beating heart of the industrial-military-intelligence-policing complex, the Office of the Director of National Intelligence. I was there to help the government. Of the places I did not expect to ever go, at least not of my free will, the ODNI would be up there.

A few weeks ago, a friend from the Institute for the Future [IFTF] asked me if I would fly to DC for a one day workshop on the future of identity with the Office of the Director of National Intelligence. “What?” I sputtered, “Did they google me?” and then, mentally: Duh. The ODNI can do a lot more than google me.

I knew IFTF had intel clients, with whom I have occasionally chatted at events in the past. My policy when confronted with spooks asking questions about how the world works is to give them as much information as I can — one of my biggest problems with how security services work is their lack of wisdom. If I can reach people in positions of power and persuade them to critically examine that power, I consider that a win. I also consider it a long shot.

An invite from the ODNI is a strange thing. I’ve been publicly critical of them, sometimes viciously so. A few days earlier I tweeted that their director should be publicly tried for lying to Congress. I’ve written about the toxicity of the NSA spying (under ODNI direction), the corrupt fictions of Anonymous staged by the FBI (FBI/NSB is within ODNI’s area) and spoken out countless times in the last eight years against warrantless spying. I have even less love for the FBI and DOJ.

I turned the offer over in my head. I was influenced by a few things –yes it was paid, but not well paid. It was what I normally get from IFTF for a day of my time, and given the travel commitment, a bit low. I weighed the official imprimatur of involvement, and that was a factor. I am afraid of being pursued and harassed by my government. This has never happened to me in relation to my work, though I have been turned down for housing by people who feared I might bring police attention. It has to my friends, sources and associates. I know what it feels like, what they do when you’re a target, because I have been subject to terrorizing tactics and harassment because of whom I chose to love. I have publicly acknowledged that I self-censor because of this fear. I have a child to raise, and you can’t do that while you fight for your life and freedom in court. Raising my profile with the government as an expert probably makes me harder to harass.

I told my IFTF contact I don’t sign NDAs (which he already knew) and that I’d have to be public about my attendance and write about it. He told me they were publicly publishing their work for the ODNI too. “Huh,” I said to my screen. The organizers were on board with all of it. They wanted me in particular.

Finally, I thought about the hell I would get from the internet — like government harassment, internet harassment is part of the difficult and hated process of self-censorship for me.

In the end, I said yes, because you only get so far talking to your friends. [Continue reading…]

Facebooktwittermail

MonsterMind: Automated cyberwarfare

In “The most wanted man in the world,” his feature article for Wired on Edward Snowden, James Bamford writes: The massive surveillance effort was bad enough, but Snowden was even more disturbed to discover a new, Strangelovian cyberwarfare program in the works, codenamed MonsterMind. The program, disclosed here for the first time, would automate the process of hunting for the beginnings of a foreign cyberattack. Software would constantly be on the lookout for traffic patterns indicating known or suspected attacks. When it detected an attack, MonsterMind would automatically block it from entering the country — a “kill” in cyber terminology.

Programs like this had existed for decades, but MonsterMind software would add a unique new capability: Instead of simply detecting and killing the malware at the point of entry, MonsterMind would automatically fire back, with no human involvement. That’s a problem, Snowden says, because the initial attacks are often routed through computers in innocent third countries. “These attacks can be spoofed,” he says. “You could have someone sitting in China, for example, making it appear that one of these attacks is originating in Russia. And then we end up shooting back at a Russian hospital. What happens next?”

In addition to the possibility of accidentally starting a war, Snowden views MonsterMind as the ultimate threat to privacy because, in order for the system to work, the NSA first would have to secretly get access to virtually all private communications coming in from overseas to people in the US. “The argument is that the only way we can identify these malicious traffic flows and respond to them is if we’re analyzing all traffic flows,” he says. “And if we’re analyzing all traffic flows, that means we have to be intercepting all traffic flows. That means violating the Fourth Amendment, seizing private communications without a warrant, without probable cause or even a suspicion of wrongdoing. For everyone, all the time.”

Facebooktwittermail