NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'

from the one-way-to-do-things dept

The latest news from The Intercept involves yet another Snowden leaked document, in which an NSA official uses what certainly looks like LiveJournal (complete with "current mood" lines at the end of posts) to informally and gleefully discuss targeting sys admins in order to get access to the networks they maintain. It's not a secret that the NSA does this. That became clear last fall, when earlier Snowden docs revealed how GCHQ and NSA had targeted a Belgacom sysadmin to get access to important Belgacom clients, including the EU Parliament. What's interesting here is the breezy dismissive discussion by this NSA guy -- and the fact that it looks like LiveJournal really gives you this parallel universe view. The tone and arrogance on display isn't particularly different from various private sector hackers. It's just that this guy has access to more powerful tools and the government behind him. Take, for example, this early post in which he brags about how totally cool it is that the NSA collects way more data than it needs:
That's fairly incredible. He's flat out admitting (unlike all the public statements from NSA defenders) that it's great to have all that excess data way beyond what the NSA needs, because you can find all sorts of extra stuff. That's exactly the concern plenty of people have raised -- and which the NSA and its defenders have dismissed.

As The Intercept report notes, the guy admits that he targets sysadmins merely as a means to an end -- to reach the people who use various systems. But, there's no indication that he avoids targeting American sysadmins (he does limit his focus to those outside the US, but the NSA isn't supposed to track even Americans outside the US). The NSA guy talks about how he basically goes fishing around to find sysadmins' non-work emails (preferably Facebook accounts) to then make use of the NSA's QUANTUM injection techniques. He notes that you can go after official addresses, but it's much harder to trick sysadmins that way.

Either way, the rather cavalier attitude towards hacking into sysadmins' accounts should raise some eyebrows.

Separately, I'm sure some folks will note that the slides appear to have a stamp on them that say "Copyright! Do not reuse this image!" Apparently that was in the original image (not added by The Intercept). The Intercept does note that this guy had been a contractor before joining the NSA. If he was a contractor when he wrote this, even thought it was written for the government, then he could claim a copyright over it. However, if he was an employee of the NSA, then as a work of the federal government, he could not. Of course, either way it doesn't matter. If he actually did have the copyright on it, he'd have to reveal himself as the copyright holder (the Intercept keeps him anonymous) and do something about it (issue a takedown, sue, etc.). It seems unlikely he'd expose himself in that manner. Also, media publications discussing the documents also would have a fairly strong fair use defense to any such claim (and, further, it's almost 100% certain that he did not register the copyright, meaning he'd be limited to just actual damages, of which there are unlikely to be... well... any). All that is kind of a meaningless ramble over something that won't happen, but figured we might as well cover it since we often talk about copyright issues here too.

Reader Comments (rss)

(Flattened / Threaded)

  •  
    icon
    BentFranklin (profile), Mar 21st, 2014 @ 7:24am

    And of course, inspecting packet headers going to and from these routers is just metadata, so no big deal right?

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Mar 21st, 2014 @ 7:46am

    "just plain awesome", "downright cool"

    How old are these kids?

    They disgust me.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    John Fenderson (profile), Mar 21st, 2014 @ 8:04am

    Chilling

    With the other documents, there was at least a pretense of professionalism. With this, there is none. This is just a pure expression of joy at being able to spy for the sake of spying. To see something like this written, with not one iota of the gravity of the actions, indicates a culture and mindset that the infamous "smiley face" only hinted at. A culture and mindset that is fundamentally at odds with the notions of freedom and liberty.

    This document sends more chills up my spine than any of the others I've seen yet.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Mar 21st, 2014 @ 8:25am

    If you can't beat them...

    join them.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    me@me.net, Mar 21st, 2014 @ 8:28am

    all they have proven

    is they are traitors

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Baron von Robber, Mar 21st, 2014 @ 8:34am

    But it's so hard!

    It's so hard to get those warrenty things and just spy on bad guys. It's really hard!! It makes us want to go poopy. :(

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    edpo, Mar 21st, 2014 @ 9:18am

    Lies and Truths

    "We don’t have the technical insights in the United States. In other words, you have to have something to intercept, or some way of doing that either by going to a service provider with a warrant or you have to be collecting in that area. We’re not authorized to do that, nor do we have the equipment in the United States to collect that kind of information."
    - Gen. Alexander


    "One of the coolest things about it is *how much* data we have at our fingertips. if we *only* collected the data we knew we wanted... yeah, we'd fill some of our requirements, but htis is a whole world of possibilities we'd be missing!"
    - Random immature NSA employee

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Coyne Tibbets (profile), Mar 21st, 2014 @ 9:34am

    Perfected cynicism

    He's a perfect example of a mind-set I've discussed elsewhere.

    People in the NSA aren't like you or I. If I became suspicious of John Doe, I would look at various information and make a decision as to whether or not my suspicions are founded. For people of this mindset of this NSA author, they look at all the data they have related to John Doe...and if they find nothing to confirm their suspicions then that is proof that they do not have enough data. These people are perfected cynics.

    Because they must have "all data" to confirm their cynical suspicions, it is useless to assume that the national security apparati acquire anything less than what it is feasible (technically and financially) to acquire. Figures I did, and similar figures by Brewster Khale establish it is feasible technically and financially for the NSA to record all phone calls in the United States (and even the world, now) and to keep the recordings permanently.

    Therefore, they are doing so: Assuming anything less fails to take into account their mindset. Which is always to keep everything, and keep it permanently.

    After all, you never know when John Doe's guilt will be confirmed by something his great granddaddy said in a phone call.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Mar 21st, 2014 @ 10:01am

    Just in case you were wondering

    That copyright tag was actually appended by the NSA source, not the first reporter (The Intercept) or Techdirt.

    It's extremely hilarious because government employees cannot copyright their work.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Mar 21st, 2014 @ 10:12am

    I'd like to know who this is

    Because this asshole is attacking my family.

    How? Like most system admins, I don't work a normal 40-hour week. I work whatever's necessary, and I do some of it from home...from my own computers...on my own network...which I share with my family.

    So when this asshole gleefully owns one of my systems, he's got access to pictures of my children. He can reach my wife's computer. He can see the sites my kids access, which means he can quickly figure out where they go to school. In his arrogance and hubris, he's vacuuming up a LOT of date not just about me, not just about the systems and networks that I run, but about MY FAMILY.

    I don't even have the words to express my rage at this asshole and the threat he represents. He's probably a serial rapist and a violent pedophile: he's certainly a sociopath.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Mar 21st, 2014 @ 10:32am

      Re: I'd like to know who this is

      Never mind him. Think about who employs this useful idiot.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Mar 21st, 2014 @ 6:19pm

      Re: I'd like to know who this is

      And this is what average_joe and darryl consider due process. Shameful.

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      Ole Juul (profile), Mar 22nd, 2014 @ 2:13am

      Re: I'd like to know who this is

      @AC10:12
      Your post just turned on a light for me. After reading the story I had thought to myself, what kind of system admin has a Facebook account? I would have thought it would be fairly unusual, but in a family situation it certainly wouldn't. And regardless of that, working at home and having your family involved does put an even more disgusting slant on the operation.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Just Another Anonymous Troll, Mar 21st, 2014 @ 10:15am

    Wait a minute, if the government never lies and it says that they are not violating privacy but this guy also works for the government and he brags that they doOOOOOOOERRORLOGICALCONTRADICTION(;56^%^|?.'b?&,,!?€

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Mar 21st, 2014 @ 10:50am

    The slang is generic computer nerd slang from across several generations of computer nerds. While I don't like the targeting of innocent people, I would caution against us from vilifying the language he used. This is nerd speak, and most of us here are nerds.

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      John Fenderson (profile), Mar 21st, 2014 @ 11:02am

      Re:

      It's not generic nerd-speak. It's language used primarily by two nerd subcultures: certain gamers and script kiddies. Further, this is adolescent language that is generally shed when maturity sets in.

      I'm guessing, given the context, that the subculture in play here isn't gamers.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Mar 21st, 2014 @ 11:42am

    General Benedict Arnold offered but failed to surrender West Point to the British. - Traitor.

    General Keith Alexander offered and succeeded in selling one of our constitutional rights (the 4th amendment) to the British. - _______.

    Fill in the blank.

    Got to wonder what old General Washington would have thought of Keith.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    observer, Mar 21st, 2014 @ 1:04pm

    This isn't just something that looks like LJ: unless I'm very much mistaken, it's the actual LJ platform or a very close variant. Which is open source, so that's the one thing they haven't done wrong.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Putin (profile), Mar 21st, 2014 @ 4:22pm

    NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Mar 21st, 2014 @ 7:33pm

    What's the fuss? Spy agency targets admins. Seems like no brainer to me. That is their job. The only shocking part is that Petrobras or Belgacom would hire as admin someone who uses Windows and Facebook. Then they deserve to be nuked.

    Missing part here is the usage of snatched data. If NSA shares it with, say Exxon or ATT, then we have serious problem of public agency being used for private greed.

    When Bush was about to attack Iraq, NSA nuked all prospective hostile websites inside and outside USA. I see this issue missing from GGreenwald story.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Mar 22nd, 2014 @ 12:49am

      Re:

      Missing part here is the usage of snatched data.
      It will be used for whatever their political masters want, and they are owned by the corporations.

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      John Fenderson (profile), Mar 22nd, 2014 @ 1:04pm

      Re:

      "What's the fuss? Spy agency targets admins. Seems like no brainer to me. That is their job."

      If those admins are in the US then it is not part of their job. In fact, it is specifically part of their job to not do it, since it's against the law.

      For sysadmins outside the US, it is imperative that they know they're being specifically targeted so they can defend against it.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    MS, Mar 22nd, 2014 @ 6:01pm

    American Sysadmins

    Where does it say that he targeted American sysadmins? Maybe I missed it, but I didn't see that specified. Given that it's contrary to law, why assume that he did.

    Consider an analogy. If I said that I eat meat (actually, I do), would you then assume that I illegally eat human flesh?

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      John Fenderson (profile), Mar 23rd, 2014 @ 9:13am

      Re: American Sysadmins

      I assume they target US sysadmins because why wouldn't they? They don't have a problem targeting us citizens in other programs. In your analogy, they've already been caught eating human flesh in other recipes. Why would they avoid it in this one?

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    j5, Mar 23rd, 2014 @ 2:26pm

    NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'

    Does no-one else think this is just a bit too conveniently, blatantly, cartoonishly arrogant? The language is too open not to be considered as a possible JTRIG plant. It reads like a statement from a Bond villain written by a 10 yr old. This gets out, gets published, then the snoops and their shills get to discredit it quickly, easily & truthfully (just so they can try that on for a few minutes) and by spurious association undermine other information published on the same site. They are targeting sysadmins, there's no reason to doubt that, a tactic it's hard to imagine any impartial court finding legal under any circumstances, so efforts to discredit information that they're doing so is credible as a priority for them.

    It just reads kinda phoney to me.

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
Advertisement
Essential Reading
Techdirt Deals
Techdirt Insider Chat
Techdirt Reading List
Advertisement
Recent Stories
Advertisement
Support Techdirt - Get Great Stuff!

Close

Email This

This feature is only available to registered users. Register or sign in to use it.