Will The CIA Treat Amazon's Cloud The Same Way It Treated Drives It Shared With The Senate?

from the we-steal-working-documents dept

The US intelligence community’s $600 million cloud computing deal with Amazon was finalized roughly a year ago, but recent revelations about the CIA’s behavior in shared virtual spaces is raising questions about the government’s move to virtual computing.

Two organizations — RootsAction.org and ExposeFacts.org — have just planted the following billboard at the doorstep of Amazon’s Seattle headquarters.

While there are 17 total intelligence agencies being connected through Amazon’s services, the CIA is the one generating the most concern at the moment. Marcy Wheeler (of emptywheel) asks some perfectly valid questions.

Marcy Wheeler — who writes widely on the legal aspects of the “war on terror” and its effects on civil liberties including her “Right to Know” column for ExposeFacts.org — said Wednesday that Amazon should answer a number of key questions before its customers and the general public can be assured that personal information from the company’s commercial operations is not finding its way into the CIA’s hands.

For instance, she said, Bezos and Amazon should answer the question: “Will there be any overlap between the physical hardware serving Amazon’s commercial cloud service and what is provided to the CIA?”

Referring to the CIA’s machinations over the still-unreleased Senate torture report, she added that Bezos should also be asked: “The CIA has admitted accessing documents made available to the Senate Intelligence Committee on shared space — what provisions have you made to prevent similar spying on Amazon’s commercial customers?”

If you’ll recall, accusations that the CIA “impersonated” Senate personnel in order to access Torture Report-related documents came to light late last month. Unnamed sources close to the action presented the CIA’s moves as the misuse of Senate staffer credentials to obtain in-progress documents related to the still-unreleased Torture Report. Another unnamed source closer to the intelligence side of things spun the agency’s alleged impersonation this way:

“CIA simply attempted to determine if its side of the firewall could have been accessed through the Google search tool. CIA did not use administrator access to examine [Intelligence Committee] work product,” the source said.

Peering back “in” using borrowed credentials is a good way to check for leaks, but it also allows the agency to look “out” at anything else stored on shared drives. It’s a very handy excuse, and one Marcy Wheeler thinks the agency might be tempted to deploy again within Amazon’s cloud service.

How thick is the wall separating the intelligence community and private businesses? Does this wall even exist outside of virtual barriers? Intelligence officials seem to be sold on Amazon’s ability to protect its assets from outsiders, but don’t appear to be nearly as concerned about internal compartmentalization. Will the IC’s servers be physically or virtually shared with the general public?

Amazon’s not saying. And quite obviously, neither are intelligence officials. Adding to the opacity is the fact that Amazon is one of the few tech companies not issuing periodic transparency reports detailing the frequency and number of requests for customer data by law enforcement and intelligence agencies.

Amazon continues to seek more government contracts, which will result in even more potential intermingling of public and private data in shared virtual spaces. The company hasn’t exactly been forthcoming on these government deals, and its ongoing lack of a transparency report isn’t much of a confidence builder.

Filed Under: , , , ,
Companies: amazon

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Will The CIA Treat Amazon's Cloud The Same Way It Treated Drives It Shared With The Senate?”

Subscribe: RSS Leave a comment
art guerrilla (profile) says:

here's my rule of thumb...

think up the weirdest, craziest, nastiest shit you can do to people while in the mindset of a 10 year old bad boy, and you will find the alphabet soup spooks have done twice as bad with half the results…

i’ve been reading about this shit for DECADES, and now that not only does all the koo-koo-kwazy konspiracy krap turn out to be true, AND it is MUCH WORSE THAN WE IMAGINED, NOT ONE status quo puke, NOT ONE apologist for Empire, NOT ONE law-and-order-repeating jerkoff has come out to say “Whoa, I guess I was a stupid fucktard for not thinking this through and figuring out that this kind of shit had to be going on.”

John Fenderson (profile) says:

Re: here's my rule of thumb...

“NOT ONE apologist for Empire, NOT ONE law-and-order-repeating jerkoff has come out to say “Whoa, I guess I was a stupid fucktard for not thinking this through and figuring out that this kind of shit had to be going on.””

I seem to remember one or two over the decades, but your point stands nonetheless.

However, in all fairness, this is pretty much a universal human trait. When someone has invested themselves heavily in a particular worldview, admitting the worldview was faulty (even to themselves) is psychologically as painful and terrifying as death itself.

This is why we see oddities like the fact that such people’s beliefs are reinforced by evidence that they’re wrong, rather than it changing their beliefs.

Every one of us, regardless of our worldviews, biases, and beliefs, need to be on guard for this effect in ourselves. It’s a notoriously tricky thing.

As Robert Anton Wilson said: belief is the death of intelligence.

pixelpusher220 (profile) says:

Apples vs Oranges?

The ‘Senate’ computers the CIA spied on were housed and maintained by the CIA at CIA Headquarters.

Amazon Cloud computers certainly aren’t stored at a CIA site.

It’s certainly not a huge stretch to believe the CIA would hack their way into Amazon Cloud but that’s an entirely different thing than the ‘Senate’ computer issue.

Anonymous Coward says:

Re: Re: Re:

See 14 below for what I believe to be an accurate statement of what is being installed and where. It is the norm for private contractors to design and install IT systems for the USG. What makes this somewhat unusual is that the procurement contemplates the participation of several agencies that operate independently of each other and tend to be quite “turf conscious”.

Anonymous Coward says:

Re: Re:

The level of naivete’ displayed here is charming.

Amazon runs an operation LOADED with data of interest to the CIA. Who’s buying what? Who’s reading what? Who has what credit cards? Who lives where? And so on.

The CIA, the NSA, the DHS, everyone wants that data, and no doubt by now they’ve got it.

But Amazon also runs an operation LOADED not only with data of interest, but network traffic of interest — as everyone should know realize, even if that traffic is encrypted, the metadata is extremely revealing. Amazon’s cloud is one of the motherlodes and so OF COURSE the CIA (and the NSA and the DHS) wants to have its fingers wrapped around it.

It’s just too tempting. There is no way in hell that they can look at an operation of that size under US jurisdiction and keep their hands off it.

And why should they? There’s no due process, no checks-and-balances, no sunshine, no hearings, no NOTHING to stop them.

So maybe before you leap to the conclusion that this is exactly what the paperwork claims it is, you should consider the source and the context of recent history.

Anonymous Coward says:

Re: Re: Re:

If they have access whatever gives you the idea that they would be content to access what they can’t read? There’d be no purpose to that. You have to assume if they can access it then they have the keys or have gone the route of government demanding they have access to it.

You sound a whole lot gullible in this. There’d be no purpose to access without being able to know what’s there.

Anonymous Coward says:

How about I don’t do business with Amazon any more than possible as a sign of my displeasure? I wonder how many others might think this way and seek other clouds outside the US to dodge all the NSA spying?

I know that many sites depend on Amazon Cloud to offset DDoS attacks but surely there are other cloud businesses that come without the NSA add-on.

Travis says:

The current federal rules require all gov data systems to be physically separate from non-gov systems, even when housed in the same data center. Separate hardware, separate cabling, separate external data link. My understanding is that the work Amazon is doing is setting up data centers at gov sites using a modified version of Amazon’s cloud management system.

BentFranklin (profile) says:

This article is absurd:

1. The CIA, NSA, etc. has no need to be using Amazon’s cloud in order to hack it if that’s what they intend to do.

2. Being a customer of the cloud in no way gives you any special access to other cloud customers’ data.

3. Sharing hardware does not create an increased danger of sharing data. These clouds have thousands of cores and everything is virtualized and distributed.

So these fact exposers aren’t exposing anything besides their own ignorance. I’d have thought TechDirt would recognize that.

Anonymous Coward says:

Re: Re:

Ehh none of that matters, the point is to raise eyebrows and awareness that the CIA is on Amazon’s cloud. It’s spreading a combination of useful information and FUD for a good cause.

Eg. I’m not saying that just because the CIA is Amazon’s customer – to the tune of a 650 million dollar contract – that Amazon is in bed with the CIA, nor am i saying that Amazon is giving the CIA access to all your data, i’m just asking questions.

Leaving aside any potential moral implications or ends justify the means arguments, playing on people’s fears is a very effective tool for all sorts of purposes. The CIA does this shit day and night, why not use their own tactics against them?

Anonymous Coward says:

Re: Re: Re:

Would this have even been a noteworthy story had IBM been the winning bidder for the contract? I think not. It would have been just another story about yet another run-or-the-mill government contract.

Frankly, the only thing about this contract that is somewhat atypical is that it cuts across several agencies, as opposed to being associated with a single agency. Not that this never happens, but only that it is not commonplace.

Anonymous Coward says:

Re: Re: Re: Re:

Would this have even been a noteworthy story had IBM been the winning bidder for the contract?

I don’t have a crystal ball i’m afraid, so i can’t say whether it would have been a noteworthy story or not.

I would argue however that Amazon is not typically thought of as a company the average Dick and Jane would expect to be involved in 650 million dollar covert CIA contracts. Amazon are their goto guys for retail – as harmless as the day is long and oh have i told you how much i just adore my prime membership!

So in that sense Amazon is a far better target for this type of campaign than boring old IBM would be because no one expects grandpa Amazon – the one who’s just so polite and always there when i need him – to be in bed with a shadowy and impenetrable government agency currently embroiled in a disgraceful torture scandal. So I’d argue that this type of reveal makes a much bigger splash in their consciousness than an IBM story would. Afterall, they know and trust Amazon… or at least they thought they did… Now they’re quite so sure.

Anonymous Coward says:

queer bedfellows and pillowtalk

Although the CIA and Amazon appear to be in bed together, that’s not to say that there’s necessarily anything scandalous taking place under the covers.

But who knows where this ‘special’ relationship will lead. Perhaps Amazon will end up more sympathetic to the government’s privacy-crushing War On Terror. Perhaps, as with with the RSA dupes before, the CIA will offer Amazon help and friendly advice that’s really a Trojan horse.

Whatever the case, it’s never a good sign when companies start cozying up to the government. I certainly won’t be buying anything from Amazon any more, and if enough people do likewise, maybe they’ll get the hint.

Anonymous Coward says:

CIA co-sharing physical space?
All it takes is one ‘rogue’ (yeah right!) agent to ‘accidentally’ run a few ethernet cables from the spare socket of a few corporations into their own server….

Then just redact and try to FUD your way out of any accountability.

If *I* had anything at all, valuable or not on Amazons Cloud I’d be laying down the ultimatum of CIA or me…

Anonymous Coward says:

Re: Re:

How much do you want to be that the likelihood of shared hardware borders somewhere in the neighborhood of “zip” and “zero”?

This is one issue where the government is positively anal, as it should be, in attempting to ensure that only authorized personnel have access to such systems…and in this case this is especially true given the nature of the information being stored.

Anonymous Coward says:

Re: Re: Re:

How much do you want to be that the likelihood of shared hardware borders somewhere in the neighborhood of “annexed by the CIA” once they declare the servers (or the companies hosted on the server) to be enemy combatants?
— all using a double-secret super-spy court that’s only accountable to the voices in the CIA directors head.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...