NSA Denies Everything About Latest Intercept Leak, Including Denying Something That Was Never Claimed

from the let's-play-word-games-with-the-NSA dept

The recent leaks published at Glenn Greenwald's new home, The Intercept, detailed the NSA's spread of malware around the world, with a stated goal of sabotaging "millions" of computers. As was noted then, the NSA hadn't issued a comment. The GCHQ, named as a co-conspirator, had already commented, delivering the usual spiel about legality, oversight and directives -- a word salad that has pretty much replaced "no comment" in the intelligence world.

The NSA has now issued a formal statement on the leaks, denying everything -- including something that wasn't even alleged. In what has become the new "no comment" on the NSA side, the words "appropriate," "lawful" and "legitimate" are trotted out, along with the now de rigueur accusations that everything printed (including, apparently, its own internal documents) is false.

Recent media reports that allege NSA has infected millions of computers around the world with malware, and that NSA is impersonating U.S. social media or other websites, are inaccurate. NSA uses its technical capabilities only to support lawful and appropriate foreign intelligence operations, all of which must be carried out in strict accordance with its authorities. Technical capability must be understood within the legal, policy, and operational context within which the capability must be employed.

NSA's authorities require that its foreign intelligence operations support valid national security requirements, protect the legitimate privacy interests of all persons, and be as tailored as feasible. NSA does not use its technical capabilities to impersonate U.S. company websites. Nor does NSA target any user of global Internet services without appropriate legal authority. Reports of indiscriminate computer exploitation operations are simply false.
First off, for the NSA to claim that loading up "millions" of computers with malware is somehow targeted (and not "indiscriminate") is laughable. As for its "national security directive," it made a mockery of that when it proudly announced in its documents that "we hunt sys admins." Targeting telco and ISP systems administrators goes well outside the bounds of "national security." These people aren't suspected terrorists. They're just people inconveniently placed between the NSA and its goal of "collecting it all."

Last, but not least, the NSA plays semantic games to deny an accusation that was never made, calling to mind Clapper's denial of a conveniently horrendous translation of a French article on its spying efforts there.
NSA does not use its technical capabilities to impersonate U.S. company websites.
This "denial" refers to this portion of The Intercept's article.
In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive...

In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive.
The NSA's own documents say that QUANTUMHAND "exploits the computer of a target that uses Facebook." The man-on-the-side attack impersonates a server, not the site itself. The NSA denies impersonating sites, but that's not what The Intercept said or what its own documents state. This animated explanation, using the NSA's Powerpoint presentation, shows what the attack does -- it tips the TURBINE servers, which then send the malware payload before the Facebook servers can respond. To the end user, it looks as though Facebook is just running slowly.


When the NSA says it doesn't impersonate sites, it truly doesn't. It injects malware by beating Facebook server response time. It doesn't serve up faux Facebook pages; it simply grabs the files and data from compromised computers. The exploit is almost wholly divorced from Facebook itself. The social media site is an opportunity for malware deployment, and the NSA doesn't need to impersonate a site to achieve its aims. This is the NSA maintaining deniability in the face of damning allegations -- claiming something was said that actually wasn't and resorting to (ultimately futile) attempts to portray journalists as somehow less trustworthy than the agency.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    sorrykb (profile), Mar 14th, 2014 @ 9:39am

    Denial = Confirmation?

    NSA does not use its technical capabilities to impersonate U.S. company websites.

    At this point, the mere fact that the NSA denies doing something is almost enough to convince me that they are doing it.

    I'm trying not to be paranoid. They just make it so difficult.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Mar 14th, 2014 @ 9:46am

    The NSA as twisted and stretched the meaning of words to the point that everything they say is so misleading, that their words no longer carry any weight in credibility.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Mar 14th, 2014 @ 9:48am

    Re: Denial = Confirmation?

    considering how much access they seemed to have I think it is entirely possible for them to do that. And the criminal energy to do it definitely there as well.

    By now you have to assume the worst when it comes to them, and once the truth comes out it tends to paint and even worse picture then what you could imagine.

    And there is still the question if facebook and similar sites might be at least funded, if not run by intelligence agencies alltogether. If that is the case that would put this denial in an entirely different light. It would read "We don't impersonate companies. We ARE the companies."...

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Mar 14th, 2014 @ 9:49am

    My idea was much the same as sorrykb's.

    The NSA has already spent its creditability. It wasted it on previous claims of absolutely not doing this or that, followed by days later it being revealed, yeah it did.

    I think we've reached the point that we realized that nothing the NSA says will have have the ring of truth about it, even when they are telling the truth.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Mar 14th, 2014 @ 9:57am

    I'm not an expert on party word games. But some entrepreneur should make a party word game based on this stuff. If it doesn't exist already.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Mark Wing, Mar 14th, 2014 @ 10:35am

    Max level sophistry. I wonder if anyone at the NSA even remembers what the truth is, it's been coated in so many layers of bullshit.

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    wto605 (profile), Mar 14th, 2014 @ 10:41am

    Maybe if we just ask the NSA what they haven't done, they'll "deny" everything they have done.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    FreeCultureForFreePeople, Mar 14th, 2014 @ 10:48am

    Nor does NSA target any user of global Internet services without appropriate legal authority.

    Read:
    Nor does NSA target any user of global Internet services without having it rubberstamped by FISA court first.

    FTFY.

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    Inwoods (profile), Mar 14th, 2014 @ 11:05am

    It would be truly amusing if the mysterious youtube slowdowns were related to similar tampering. No one seems to know who to blame.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    edpo, Mar 14th, 2014 @ 11:10am

    NSA Word-Smithing

    "When I use a word," Humpty Dumpty said, in a rather scornful tone, "it means just what I choose it to mean - neither more nor less."

    "The question is," said Alice, "whether you can make words mean so many different things."

    "The question is," said Humpty Dumpty, "which is to be master - that's all."

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Anonymous Coward, Mar 14th, 2014 @ 11:17am

    We know that the NSA, with the cooperation of the companies involved, has equipment co-located at major backbones and POPs to achieve the goals for QUANTUMHAND, QUANTUMINSERT, and etc.

    At what point will we start confronting these companies and pressuring them to discontinue such cooperation? I know it's no easy task, but just as much as the government is reeling from all the public pressure, so too will these companies if we press their hands. Make it affect their bottom line.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Thefarguy, Mar 14th, 2014 @ 11:29am

    NSA = Nazi Socialist Asswipes. They are working for the people who will eventually kill them and against the people who will have to fight to free them. What a bunch of fckng idiots.

     

    reply to this | link to this | view in thread ]

  13.  
    icon
    art guerrilla (profile), Mar 14th, 2014 @ 12:06pm

    Re: NSA Word-Smithing

    i can not stress this poster's sentiment, as well as voiced in the article itself, of the CHILDISH semantic games the alphabet spooks will play...
    they WILL (metaphorically speaking) look you straight in the eye, piss on your leg, and INSIST it is raining; THEN fabricate evidence to 'prove' it was rain...
    in my readings about the evil done in our name, with our money, *supposedly* to 'protect and serve' us, by the boys in black, you can NOT UNDERESTIMATE the most simplistic, and -to repeat myself- CHILDISH ways they will LIE AND DISSEMBLE...
    they are scum, they are slime, they are NOT the best and the brightest, they are the worst and most immoral...

    YOU CAN NOT OVERSTATE THEIR MORAL VACUITY...
    we do NOT deserve these pieces of shit...

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Anonymous Coward, Mar 14th, 2014 @ 12:44pm

    more fun with words...

    Full Definition of FOREIGN
    1: situated outside a place or country; especially : situated outside one's own country

    2: born in, belonging to, or characteristic of some place or country other than the one under consideration

    3: of, relating to, or proceeding from some other person or material thing than the one under consideration

    4: alien in character : not connected or pertinent


    5: related to or dealing with other nations

    6a : occurring in an abnormal situation in the living body and often introduced from outside
    b : not recognized by the immune system as part of the self

    7: not being within the jurisdiction of a political unit (as a state)

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Mar 14th, 2014 @ 1:49pm

    is techdirt an hack target?

    this page of your site tries to run scripts from
    google
    amazonaws
    twitter
    facebook
    ajax.googleapis
    techdirt

    and install cookies from
    techdirt
    imigur

    and request resources from
    rp-api
    vimeo

    and install/use tracking beacons from
    facebook connect
    google +1
    gravitar
    nativo
    quantcast
    redit
    repost.us
    scorecard research beacon
    twitter button.

    ...and who knows what else would run if all that was allowed to proceed. (I'm not going to run them to find out the 2nd level stuff)

    for all the great reporting techdirt does on spying/tracking/privacy- you need to get you shit together already with this site; it seams like you're part of the problem. Please explain the technical facts as to why these same types of hacks couldn't be done to your readers through this clusterfuck of off site scripts/beacons/cookies/resources your forcing on people to ignorant to know how to block them.

    kudos for keeping the site working without that crap- but ffs, having it on by default makes techdirt seam hypocritical at best.

     

    reply to this | link to this | view in thread ]

  16.  
    icon
    Matthew Cline (profile), Mar 14th, 2014 @ 1:50pm

    As for its "national security directive," it made a mockery of that when it proudly announced in its documents that "we hunt sys admins."

    Well, heck, that's easy. Since the computers of the sys admins are just means to an ends, simply define "target" in a way that excludes anyone whose computers are compromised as a means to an end.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous mouse, Mar 14th, 2014 @ 1:56pm

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Anonymous Coward, Mar 14th, 2014 @ 2:09pm

    hack target?- amend.

    -I posted above on the sites scripts/etc.
    perhaps I was a bit harsh/ short sited.

    Is there a way you can continue to do your excellent work, and have a reasonably profitable business model, without all those third parties spying on your readers, and the risks your current setup may incur?

     

    reply to this | link to this | view in thread ]

  19.  
    icon
    John Fenderson (profile), Mar 14th, 2014 @ 3:09pm

    Re:

    That Daily Mail article is Daily Mail doing it's usual "unintentional parody of the news" schtick, and is by definition bullshit. Also, the only source it cites is the Forbes article you linked to in your comment.

    I don' think the DM article was planted, I think it was just the Daily Mail being the Daily Mail.

     

    reply to this | link to this | view in thread ]

  20.  
    icon
    John Fenderson (profile), Mar 14th, 2014 @ 3:19pm

    Re: hack target?- amend.

    That whole thing is off topic and unnecessarily verbose. And while you are being hyperbolic, you do have a point.

    However, it's also not underhanded -- everyone who doesn't block that stuff plainly sees the ads, social media buttons, and other visible manifestations of the various connections outside the site. It's also the same stuff you see on most major websites these days. Very few people are utterly ignorant about what's going on for very long. These issues are well and widely discussed. Blocking it all is very easy, and people who care pretty quickly learn how to do it.

    My own elderly tech-ignorant mother, shortly after she discovered the web when playing with she shiny new computer, called me up to tell me about this awesome thing she found called AdBlock.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Anonymous Coward, Mar 14th, 2014 @ 3:49pm

    The fun has yet to really begin

    On April 8th, this year, Microsoft will withdraw security patches from Windows XP, leaving computers running it totally vulnerable to such hacks. Anybody want to place bets on the fact that the alphabet soup agencies of our wonderful gummint are going to be first in line to exploit them? Just think what NSA could do with 300,000,000+ computers to play with!

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Anonymous Coward, Mar 14th, 2014 @ 4:39pm

    rere hack target-amend

    Yes your right, it was off topic, and unnecessarily verbose, I apologize; you guys don't deserve that sort of post. I ready several articles before posting that and some emotion had just built up; Things have just been getting to me lately I guess. The idea of those scripts/etc being a targeting/attack vector doesn't feel hyperbolic at all to me, and I wish I knew more/understood it better.

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Anonymous Coward, Mar 14th, 2014 @ 9:36pm

    NSA does not use its technical capabilities to impersonate U.S. company websites.

    I'm willing to bet the NSA doesn't consider Facebook a company. Companies sell products and services. Facebook is just a free website where users can create a profile.

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    David Walters, Mar 15th, 2014 @ 3:41am

    Denials

    At this point the American people and the rest of the world would probably believe the NSA was staffed with aliens from Mars if it were published. And, it's not the fault of credulity of the citizens. It's the fault of the NSA's repeated denials being shown to be lies that's at fault.

    Truth is a fragile thing.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Anonymous Coward, Mar 16th, 2014 @ 1:15am

    Re:

    Just because a cost isn't (directly) measured monetarily, does not mean for a second that it's free, or without a price.

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Anonymous Coward, Mar 16th, 2014 @ 6:03am

    Re:

    Like onions

    Onions of bullshit

     

    reply to this | link to this | view in thread ]

  27.  
    identicon
    Anonymous Coward, Mar 16th, 2014 @ 6:04am

    Re: Re:

    layers.........onion LAYERS of bullshit

     

    reply to this | link to this | view in thread ]

  28.  
    icon
    John Fenderson (profile), Mar 17th, 2014 @ 8:33am

    Re: The fun has yet to really begin

    "Microsoft will withdraw security patches from Windows XP"

    Uhh, no.

    Security patches already released are not being "withdrawn". If you've patched your OS, those patches will remain. There just won't be any new patches.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
Advertisement
Essential Reading
Techdirt Deals
Techdirt Insider Chat
Techdirt Reading List
Advertisement
Recent Stories
Advertisement
Support Techdirt - Get Great Stuff!

Close

Email This

This feature is only available to registered users. Register or sign in to use it.