NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'

from the one-way-to-do-things dept

The latest news from The Intercept involves yet another Snowden leaked document, in which an NSA official uses what certainly looks like LiveJournal (complete with “current mood” lines at the end of posts) to informally and gleefully discuss targeting sys admins in order to get access to the networks they maintain. It’s not a secret that the NSA does this. That became clear last fall, when earlier Snowden docs revealed how GCHQ and NSA had targeted a Belgacom sysadmin to get access to important Belgacom clients, including the EU Parliament. What’s interesting here is the breezy dismissive discussion by this NSA guy — and the fact that it looks like LiveJournal really gives you this parallel universe view. The tone and arrogance on display isn’t particularly different from various private sector hackers. It’s just that this guy has access to more powerful tools and the government behind him. Take, for example, this early post in which he brags about how totally cool it is that the NSA collects way more data than it needs:

That’s fairly incredible. He’s flat out admitting (unlike all the public statements from NSA defenders) that it’s great to have all that excess data way beyond what the NSA needs, because you can find all sorts of extra stuff. That’s exactly the concern plenty of people have raised — and which the NSA and its defenders have dismissed.

As The Intercept report notes, the guy admits that he targets sysadmins merely as a means to an end — to reach the people who use various systems. But, there’s no indication that he avoids targeting American sysadmins (he does limit his focus to those outside the US, but the NSA isn’t supposed to track even Americans outside the US). The NSA guy talks about how he basically goes fishing around to find sysadmins’ non-work emails (preferably Facebook accounts) to then make use of the NSA’s QUANTUM injection techniques. He notes that you can go after official addresses, but it’s much harder to trick sysadmins that way.

Either way, the rather cavalier attitude towards hacking into sysadmins’ accounts should raise some eyebrows.

Separately, I’m sure some folks will note that the slides appear to have a stamp on them that say “Copyright! Do not reuse this image!” Apparently that was in the original image (not added by The Intercept). The Intercept does note that this guy had been a contractor before joining the NSA. If he was a contractor when he wrote this, even thought it was written for the government, then he could claim a copyright over it. However, if he was an employee of the NSA, then as a work of the federal government, he could not. Of course, either way it doesn’t matter. If he actually did have the copyright on it, he’d have to reveal himself as the copyright holder (the Intercept keeps him anonymous) and do something about it (issue a takedown, sue, etc.). It seems unlikely he’d expose himself in that manner. Also, media publications discussing the documents also would have a fairly strong fair use defense to any such claim (and, further, it’s almost 100% certain that he did not register the copyright, meaning he’d be limited to just actual damages, of which there are unlikely to be… well… any). All that is kind of a meaningless ramble over something that won’t happen, but figured we might as well cover it since we often talk about copyright issues here too.

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'”

Subscribe: RSS Leave a comment
John Fenderson (profile) says:


With the other documents, there was at least a pretense of professionalism. With this, there is none. This is just a pure expression of joy at being able to spy for the sake of spying. To see something like this written, with not one iota of the gravity of the actions, indicates a culture and mindset that the infamous “smiley face” only hinted at. A culture and mindset that is fundamentally at odds with the notions of freedom and liberty.

This document sends more chills up my spine than any of the others I’ve seen yet.

edpo says:

Lies and Truths

“We don?t have the technical insights in the United States. In other words, you have to have something to intercept, or some way of doing that either by going to a service provider with a warrant or you have to be collecting in that area. We?re not authorized to do that, nor do we have the equipment in the United States to collect that kind of information.”
– Gen. Alexander

“One of the coolest things about it is *how much* data we have at our fingertips. if we *only* collected the data we knew we wanted… yeah, we’d fill some of our requirements, but htis is a whole world of possibilities we’d be missing!”
– Random immature NSA employee

Coyne Tibbets (profile) says:

Perfected cynicism

He’s a perfect example of a mind-set I’ve discussed elsewhere.

People in the NSA aren’t like you or I. If I became suspicious of John Doe, I would look at various information and make a decision as to whether or not my suspicions are founded. For people of this mindset of this NSA author, they look at all the data they have related to John Doe…and if they find nothing to confirm their suspicions then that is proof that they do not have enough data. These people are perfected cynics.

Because they must have “all data” to confirm their cynical suspicions, it is useless to assume that the national security apparati acquire anything less than what it is feasible (technically and financially) to acquire. Figures I did, and similar figures by Brewster Khale establish it is feasible technically and financially for the NSA to record all phone calls in the United States (and even the world, now) and to keep the recordings permanently.

Therefore, they are doing so: Assuming anything less fails to take into account their mindset. Which is always to keep everything, and keep it permanently.

After all, you never know when John Doe’s guilt will be confirmed by something his great granddaddy said in a phone call.

Anonymous Coward says:

I'd like to know who this is

Because this asshole is attacking my family.

How? Like most system admins, I don’t work a normal 40-hour week. I work whatever’s necessary, and I do some of it from home…from my own computers…on my own network…which I share with my family.

So when this asshole gleefully owns one of my systems, he’s got access to pictures of my children. He can reach my wife’s computer. He can see the sites my kids access, which means he can quickly figure out where they go to school. In his arrogance and hubris, he’s vacuuming up a LOT of date not just about me, not just about the systems and networks that I run, but about MY FAMILY.

I don’t even have the words to express my rage at this asshole and the threat he represents. He’s probably a serial rapist and a violent pedophile: he’s certainly a sociopath.

Ole Juul (profile) says:

Re: I'd like to know who this is

Your post just turned on a light for me. After reading the story I had thought to myself, what kind of system admin has a Facebook account? I would have thought it would be fairly unusual, but in a family situation it certainly wouldn’t. And regardless of that, working at home and having your family involved does put an even more disgusting slant on the operation.

Anonymous Coward says:

What’s the fuss? Spy agency targets admins. Seems like no brainer to me. That is their job. The only shocking part is that Petrobras or Belgacom would hire as admin someone who uses Windows and Facebook. Then they deserve to be nuked.

Missing part here is the usage of snatched data. If NSA shares it with, say Exxon or ATT, then we have serious problem of public agency being used for private greed.

When Bush was about to attack Iraq, NSA nuked all prospective hostile websites inside and outside USA. I see this issue missing from GGreenwald story.

John Fenderson (profile) says:

Re: Re:

“What’s the fuss? Spy agency targets admins. Seems like no brainer to me. That is their job.”

If those admins are in the US then it is not part of their job. In fact, it is specifically part of their job to not do it, since it’s against the law.

For sysadmins outside the US, it is imperative that they know they’re being specifically targeted so they can defend against it.

j5 says:

NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'

Does no-one else think this is just a bit too conveniently, blatantly, cartoonishly arrogant? The language is too open not to be considered as a possible JTRIG plant. It reads like a statement from a Bond villain written by a 10 yr old. This gets out, gets published, then the snoops and their shills get to discredit it quickly, easily & truthfully (just so they can try that on for a few minutes) and by spurious association undermine other information published on the same site. They are targeting sysadmins, there’s no reason to doubt that, a tactic it’s hard to imagine any impartial court finding legal under any circumstances, so efforts to discredit information that they’re doing so is credible as a priority for them.

It just reads kinda phoney to me.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...