The latest report from the NY Times based on Snowden's revelations seems to jump all over the place, talking about a variety of efforts by the NSA to spy on people. Much of it seems to repeat earlier claims about the NSA's malware program, codenamed QUANTUM. It updates the earlier claims that there are 50,000 QUANTUM-infected computers to claim that the number is now 100,000. However, it also notes that most of the targets are exactly the kinds of things you'd expect the NSA to be spying on: the Chinese and Russian militaries, mainly.
Perhaps more interesting is that it builds on the reporting in Der Spiegel concerning the NSA's catalog of tech tools to infiltrate computers, to tie those back to the QUANTUM program, and note that many of the tools rely not on an internet connection, but on a secretly inserted radio transmitter, which can be picked up by a device in an "oversized suitcase" that can be placed miles away. By itself, none of this is all that surprising, but the documents certainly suggest the NSA is doing this on a larger scale than suspected in the past:
“What’s new here is the scale and the sophistication of the intelligence agency’s ability to get into computers and networks to which no one has ever had access before,” said James Andrew Lewis, the cybersecurity expert at the Center for Strategic and International Studies in Washington. “Some of these capabilities have been around for a while, but the combination of learning how to penetrate systems to insert software and learning how to do that using radio frequencies has given the U.S. a window it’s never had before.”
Again, these activities certainly seem more in line with what you'd expect the NSA to be doing, and raise (yet again) the question of why the NSA needs to "collect it all" when it appears that programs like these can be quite effective in doing targeted surveillance against those actually seeking to attack the US in some manner?
Separately, as the article notes, this has made the US's moral high ground concerning claims that China is doing similar surveillance on the US seem quite questionable. As the article notes, the US's attempted distinction between "national security" and "economic espionage" doesn't make much sense to many.
When the Chinese place surveillance software on American computer systems — and they have, on systems like those at the Pentagon and at The Times — the United States usually regards it as a potentially hostile act, a possible prelude to an attack. Mr. Obama laid out America’s complaints about those practices to President Xi Jinping of China in a long session at a summit meeting in California last June.
At that session, Mr. Obama tried to differentiate between conducting surveillance for national security — which the United States argues is legitimate — and conducting it to steal intellectual property.
“The argument is not working,” said Peter W. Singer of the Brookings Institution, a co-author of a new book called “Cybersecurity and Cyberwar.” “To the Chinese, gaining economic advantage is part of national security. And the Snowden revelations have taken a lot of the pressure off” the Chinese.
Of course, if the US were focused on actually increasing security on US computing systems and networks, rather than undermining them with backdoors and vulnerabilities, perhaps we'd be more protected from the Chinese. It's too bad that the NSA hasn't actually been helping on that front at all.
Every day, Rep. Peter King seems more and more like a TV villain politician. He's so... over the top in his crazy surveillance state opinions that it's almost difficult to believe he's real. Just take a stroll through his previous statements, in which he's attacked the NY Times for supporting Ed Snowden, whom he calls both a "traitor" and a "terrorist appeaser." He's said that it's a "disgrace" that anyone might call out the fact that Director of National Intelligence James Clapper lied to Congress. He's argued that it's "slander" to call the NSA's activities "spying." And he's argued that Glenn Greenwald should be arrested and prosecuted for reporting on Snowden's leaks.
His latest, it seems, is in response to Senator Bernie Sanders' simple question to the NSA, about whether or not it was spying on Congress (I'll note that Sanders appears to use "spying" in the manner in which King has previously insisted was "slander"). King was asked about Sanders' question, and argued that the NSA should be spying on Congress because they might be "talking to an al-Qaeda leader."
Specifically, after a very leading question from the Fox News reporter, King says:
I think members of Congress should be treated the same as everyone else. If a member of Congress is talking to an Al Qaeda leader in Iraq or Afghanistan, why should that member of Congress be any different from any person on the street?
While that might sound ridiculous at first, I guess if any member of Congress knows about talking to terrorist leaders, it would be Rep. Peter King. As we've pointed out multiple times, King was a very big supporter of a known terrorist group, the IRA, back in the 80s, supporting the group that was known for bombing a shopping center, killing six and injuring 90.
King goes on with this whopper:
What they're trying to suggest is that somehow the NSA is spying on members of Congress. They're not spying on anyone.
Anyone? Really? They're clearly spying on lots and lots of people, because that's the NSA's job. King goes on to pretend, again, that metadata is no big deal since it just shows phone numbers. So, I'm curious, will Rep. Peter King release his own phone records for the last year? After all, it's no big deal. Just the phone numbers he called, the times he called and how long he was on call. Just like the info the NSA collects, and which King insists is not secret.
While the ACLU may have lost (for now, though it will appeal) its case concerning the legality of the NSA's use of Section 215 of the PATRIOT Act to scoop up all metadata on every phone call, that's clearly not stopping the organization from challenging the government's surveillance efforts. The ACLU has filed a new lawsuit, which is technically in response to a rejected Freedom of Information Act request for info on Executive Order 12333.
As we've mentioned in the past, while so much focus on the NSA's activities has been directed at things like FISA and the PATRIOT Act, those only cover surveillance of "US persons." So much of what the NSA is doing is targeted at people abroad, and for that, those US laws don't apply. Instead, nearly all of it comes from Executive Order 12333. And, while US courts have no jurisdiction over people abroad, what more and more people are recognizing is that the NSA is using its (even broader) powers under EO 12333 to collect tons of information on people both abroad and in the US.
Although EO 12,333 permits the government to target foreigners abroad for surveillance, recent revelations have confirmed that the government interprets that authority to permit sweeping monitoring of Americans' international communications. How the government conducts this surveillance, and whether it appropriately accommodates the constitutional rights of American citizens and residents whose communications are intercepted in the course of that surveillance, are matters of great public significance and concern. While the government has released several documents describing the rules that govern its collection and use of Americans' international communications under statutory authorities regulating surveillance on U.S. soil, little information is publicly available regarding the rules that apply to surveillance of Americans' international calls and emails under EO 12,333.
That gap in public knowledge is particularly troubling in light of recent revelations, which make clear that the NSA is collecting vast quantities of data worldwide pursuant to EO 12,333. For instance, recent news reports indicate that, relying on the executive order, the NSA is collecting: nearly 5 billion records per day on the location of cell phones, including Americans' cell phones; hundreds of millions of contact lists or address books from personal email and instant messaging accounts; and information from Google and Yahoo user accounts as that information travels between those companies' data centers located abroad.
This is quite important for a variety of reasons, including that nearly every rationale given by the NSA and its defenders for surveillance programs under Section 215 of the PATRIOT Act and Section 702 of the FISA Amendments Act simply doesn't apply to surveillance done under EO 12333. Claims such as that the surveillance has oversight from all three branches of government? That's not true at all -- not even in the fake-oversight way that there's "official" oversight of the US-focused programs. Claims that the courts have tested these programs? Again, not so. The FISA Court has no authority over the programs that are technically under EO 12333. Basically, it's fair game -- and since it's now obvious that these programs are collecting data on Americans, the ACLU is making the fairly strong argument that there needs to be some legal analysis -- and, as a starting point, the government should reveal its own basis for these programs.
from the like-they-don't-have-a-history-of-abuses? dept
For all the focus on the NSA of late, a few folks have been trying to remind everyone that the FBI is heavily involved in all of this and, in many ways, has an equally bad if not worse record in abusing the rights of Americans. Many of the programs discussed were to retrieve information by the FBI or the NSA, and it turns out that the FBI often does much of the dirty work for the NSA, including interfacing with various companies to get access to data. We'd mentioned recently how the FBI was pushing tech companies to install "port readers" at both telco and tech companies (though, many tech firms were resisting), and also that the FBI had been ramping up their use of malware.
Shane Harris, over at Foreign Policy, has a nice profile on the FBI's Data Intercept Technology Unit, or DITU, which handles most of this work. It repeats the story of the port readers, but adds how the DITU is often the unit that works with tech companies and then passes info along to the NSA -- so some companies don't even realize they're dealing with the NSA, believing it's just via the FBI (not that this would make things any better). It also notes that the DITU tends to be made up of a lot of ex-telco guys who know very specifically how the telco networks work, something that at least some people at the telcos may be uncomfortable with the government knowing (though, again, the telcos seem much more willing to open up to the government than the tech companies).
It's an interesting profile all around, but at the end it gets even more interesting, as an ex-law enforcement source that Harris talks to highlights that without investigating what the DITU is up to, Congress' exploration of what's going on will be very incomplete.
The former law enforcement official said Holder and Mueller should have offered testimony and explained how the FBI works with the NSA. He was concerned by reports that the NSA had not been adhering to its own minimization procedures, which the Justice Department and the FBI review and vouch for when submitting requests to the Foreign Intelligence Surveillance Court.
"Where they hadn't done what was represented to the court, that's unforgivable. That's where I got sick to my stomach," the former law enforcement official said. "The government's position is, we go to the court, apply the law -- it's all approved. That makes for a good story until you find out what was approved wasn't actually what was done."
That makes it sound like even more bad behavior is going to be revealed eventually...
We recently wrote about how Kurt Eichenwald's bizarre and irrational deference to his friends in the security state led him to claim that Ed Snowden is a Chinese spy, whose work was specifically designed to aid China in its attempts to attack the internet. The level of cognitive dissonance to make such an argument is quite stunning. Thankfully, most people seemed to see right through the insanity. In the meantime, over at The Guardian, John Kampfner has what might be considered the much more accurate version of the same story. It notes how the knowledge of the NSA's activities has played right into Russia and China's hands concerning their efforts to gain greater control over the internet:
Slowly but surely governance of the internet is moving from the existing mishmash of institutions and into the hands of national governments. The Chinese call this "cyber autonomy".
Authoritarian regimes are showing ever-greater confidence in restricting information, filtering, blocking, monitoring and punishing anyone who steps over the mark.
And, yes, the knowledge of what the US is doing is giving the Chinese, Russians and plenty of others greater confidence to push for their own agenda. Amazingly, and in a sad statement on the state of the US government today, the report notes that a Chinese official recently argued:
At the recent IGF in Indonesia the Chinese were, for the first time, out in force. One "expert" offered to explain to a US state department official why US human rights standards are not up to scratch and how China could help.
This is, certainly, all just political posturing from a country that has a dreadful human rights record, but as we've noted plenty of times, the loss of any semblance of a moral high ground by the US on human rights has serious consequences. But unlike Eichenwald, Kampfner doesn't blame the messenger. Instead he puts the blame squarely where it belongs -- on the US government for its activities.
American dominance of the internet is being challenged on several fronts. The Obama administration and its spooks only have themselves to blame.
Except, of course, they're using compliant mouthpieces like Eichenwald to, instead, try to blame the messenger. Nothing is going to get fixed here until the current leadership either takes responsibility or is replaced in office by those who will take responsibility.
Over the past several months, the Obama Administration has defended the government's far-reaching data collection efforts, arguing that only criminals and terrorists need worry. The nation's leading internet and telecommunications companies have said they are committed to the sanctity of their customers' privacy.
I have some very personal reasons to doubt those assurances.
In 2004, my telephone records as well as those of another New York Times reporter and two reporters from the Washington Post, were obtained by federal agents assigned to investigate a leak of classified information. What happened next says a lot about what happens when the government's privacy protections collide with the day-to-day realities of global surveillance.
The story begins in 2003 when I wrote an article about the killing of two American teachers in West Papua, a remote region of Indonesia where Freeport-McMoRan operates one of the world's largest copper and gold mines. The Indonesian government and Freeport blamed the killings on a separatist group, the Free Papua Movement, which had been fighting a low-level guerrilla war for several decades.
I opened my article with this sentence: "Bush Administration officials have determined that Indonesian soldiers carried out a deadly ambush that killed two American teachers."
I also reported that two FBI agents had travelled to Indonesia to assist in the inquiry and quoted a "senior administration official" as saying there "was no question there was a military involvement."
The story prompted a leak investigation. The FBI sought to obtain my phone records and those of Jane Perlez, the Times bureau chief in Indonesia and my wife. They also went after the records of the Washington Post reporters in Indonesia who had published the first reports about the Indonesian government's involvement in the killings.
As part of its investigation, the FBI asked for help from what is described in a subsequent government report as an "on-site communications service" provider. The report, by the Department of Justice's Inspector General, offers only the vaguest description of this key player, calling it "Company A."
"We do not identify the specific companies because the identities of the specific providers who were under contract with the FBI for specific services are classified," the report explained.
Whoever they were, Company A had some impressive powers. Through some means – the report is silent on how – Company A obtained records of calls made on Indonesian cell phones and landlines by the Times and Post reporters. The records showed whom we called, when and for how long -- what has now become famous as "metadata."
Under DOJ rules, the FBI investigators were required to ask the Attorney General to approve a grand jury subpoena before requesting records of reporters' calls. But that's not what happened.
Instead, the bureau sent Company A what is known as an "exigent letter" asking for the metadata.
A heavily redacted version of the DOJ report, released in 2010, noted that exigent letters are supposed to be used in extreme circumstances where there is no time to ask a judge to issue a subpoena. The report found nothing "exigent" in an investigation of several three-year-old newspaper stories.
The need for an exigent letter suggests two things about Company A. First, that it was an American firm subject to American laws. Second, that it had come to possess my records through lawful means and needed legal justification to turn them over to the government.
The report disclosed that the agents' use of the exigent letter was choreographed by the company and the bureau. It said the FBI agent drafting the letter received "guidance" from "a Company A analyst." According to the report, lawyers for Company A and the bureau worked together to develop the approach.
Not surprisingly, "Company A" quickly responded to the letter it helped write. In fact, it was particularly generous, supplying the FBI with records covering a 22-month period, even though the bureau's investigation was limited to a seven-month period. Altogether, "Company A" gave the FBI metadata on 1,627 calls by me and the other reporters.
Only three calls were within the seven-month window of phone conversations investigators had decided to review.
It doesn't end there.
The DOJ report asserts that "the FBI made no investigative use of the reporters' telephone records." But I don't believe that is accurate.
In 2007, I heard rumblings that the leak investigation was focusing on a diplomat named Steve Mull, who was the deputy chief of mission in Indonesia at the time of the killings. I had known Mull when he was a political officer in Poland and I was posted there in the early 1990s. He is a person of great integrity and a dedicated public servant.
The DOJ asked to interview me. Of course, I would not agree to help law enforcement officials identify my anonymous sources. But I was troubled because I felt an honorable public servant had been forced to spend money on lawyers to fend off a charge that was untrue. After considerable internal debate, I decided to talk to the DOJ for the limited purpose of clearing Mull.
It was not a decision I could make unilaterally. The Times also had a stake in this. If I allowed myself to be interviewed, how could the Times say no the next time the government wanted to question a Times reporter about a leak?
The Times lawyer handling this was George Freeman, a journalist's lawyer, a man Times reporters liked having in their corner. George and the DOJ lawyers began to negotiate over my interview. Eventually, we agreed that I would speak on two conditions: one, that they could not ask me for the name of my source; and two, if they asked me if it was 'X,' and I said no, they could not then start going through other names.
Freeman and I sat across a table from two DOJ lawyers. I'm a lawyer, and prided myself on being able to answer their questions with ease, never having to turn to Freeman for advice.
Until, that is, one of the lawyers took a sheaf of papers that were just off to his right, and began asking me about phone calls I made to Mull. One call was for 19 minutes, the DOJ lawyer said, giving me the date and time. I asked for a break to consult with Freeman.
We came back, and answered questions about the phone calls. I said that I couldn't remember what these calls were about – it had been more than four years earlier – but that Mull had not given me any information about the killings. Per our agreement, the DOJ lawyers did not ask further questions about my sources, and the interview ended.
I didn't know how the DOJ had gotten my phone records, but assumed the Indonesian government had provided them. Then, about a year later, I received a letter from the FBI's general counsel, Valerie Caproni, who wrote that my phone records had been taken from "certain databases" under the authority of an "exigent letter" (a term I had never heard).
Caproni sent similar letters to Perlez, to the Washington Post reporters, and to the executive editors of the Post and the Times, Leonard Downie and Bill Keller, respectively. In addition, FBI Director Robert Mueller called Downie and Keller, according to the report.
Caproni wrote that the records had not been seen by anyone other than the agent requesting them and that they had been expunged from all databases.
I'm uneasy because the DOJ report makes clear that the FBI is still concealing some aspect of this incident. After describing Caproni's letters, the report says: "However, the FBI did not disclose to the reporters or their editors that [BLACKED OUT]." The thick black lines obliterate what appear to be several sentences.
If you were to ask senior intelligence officials whether I should wonder about those deletions, they'd probably say no.
I'm not so sure.
The government learned extensive details about my personal and professional life. Most of those calls were about other stories I was writing. Some were undoubtedly to arrange my golf game with the Australian ambassador. Is he now under suspicion? The report says the data has been destroyed and that only two analysts ever looked at it.
But who is this "Company A" that willingly cooperated with the government? Why was it working hand in glove with the FBI? And what did the FBI director not tell the editors of the Times and the Washington Post when he called them acknowledging the government had improperly obtained reporters' records?
You may recall that it came out last year that the New Zealand equivalent of the NSA, the GCSB, illegally spied on Kim Dotcom (oh, and dozens of others), possibly with the help of the NSA, despite not being allowed to spy on those in New Zealand.
An investigation by the police has agreed that the GCSB clearly broke the law... but the police have said that they don't plan to prosecute the spy agency. Because, you know, that might hold them accountable. Now, at least, the GCSB knows that it can abuse the law at will with no punishment.
Instead, it appears that the excuse being used by the police is the same one we've been hearing from NSA defenders: because these abuses weren't intentional, they can be ignored:
Today, Detective Superintendent Peter Read told a media conference that in spite of the GCSB committing one breach under the provisions of the Crimes Act, no criminal "intent" by the GCSB could be established.
I'm not sure that actually makes sense. Yes, when it comes to criminal activity, intent can be important in determining if it's actually criminal, but there's little doubt that the GCSB intentionally spied on Dotcom. It wouldn't have taken very much at all to recognize that Dotcom was a resident of New Zealand whom the GCSB is forbidden from surveilling. So it seems like the intent was pretty clear.
There are lots of people digging through the latest Ed Snowden leaks concerning the black budget for intelligence activities in the US trying to pick out various nuggets. Over at Wired, Kevin Poulsen has found one of the most interesting tidbits, highlighting how James Clapper cheers on the "groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit internet traffic." In short, the NSA has gotten pretty good at breaking encrypted communications. Encryption is a strong protector, but can be broken -- and that's always been a part of the NSA's mission: code-breaking. But, there have long been questions about to what level the NSA can break today's popular encryption standards. What today's leaks show is that they're apparently pretty successful and are spending more and more money on it:
The pie chart above? That's $11 billion and it employs 35,000 people. Breaking your encryption. As Poulsen notes, James Bamford (who has followed the NSA closely for years) revealed last year that the NSA had recently made an "enormous breakthrough" in cryptanalysis, and this should raise some questions about just how secure various forms of encryption really are today.
Over the weekend, Der Spiegel broke the somewhat unsurprising news that the NSA had bugged the UN and various EU embassies in the US and had hacked into the UN's videoconferencing software to be able to get access to such calls. On a first pass, this isn't all that surprising. As we noted with some earlier leaks, spying on foreign diplomats is just something that countries do. Spying on foreign government officials is very different than spying on the public. Of course, since the NSA insists that it does everything to avoid intercepting communications of people inside the US, I wondered how they could make that claim while directly tapping conference calls from the UN in NY. The answer is likely to be yet another classic NSA twisting of the words to find a loophole. While the UN headquarters are in NYC, "technically" the headquarters are outside of the US and in the control of the UN itself, but with an agreement that it abides by all local laws. This is similar to embassies, which are often treated as if they are the territory of the country that uses them. I'm wondering if the NSA is using that to argue these are fair game, since they're "outside" the US.
There's also the issue, as noted in the article, that President Obama has insisted that the spying on people was only done to prevent terrorism -- and spying on EU diplomats seems unlikely to have anything to do with terrorism prevention. But, again, spying between government officials is kind of expected, and not quite a huge deal, even if it may present a diplomatic problem for the US.
Much more interesting to me, however, is the snippet claiming that the NSA had figured out how to hack into the UN's video conferencing software, allowing them to record internal video conferences. In fact, after this was cracked just a year ago, a document was sent around, "celebrating" this:
Furthermore, NSA technicians working for the Blarney program have managed to decrypt the UN's internal video teleconferencing (VTC) system. The combination of this new access to the UN and the cracked encryption code have led to "a dramatic improvement in VTC data quality and (the) ability to decrypt the VTC traffic," the NSA agents noted with great satisfaction: "This traffic is getting us internal UN VTCs (yay!)." Within just under three weeks, the number of decrypted communications increased from 12 to 458.
Yay! We can spy on more things! Yay! Either way, I'm curious if anyone knows who provides the UN's video conferencing technology, because that's now a much more interesting issue. The suggestion being made that the NSA "cracked" the encryption that was being used could have much wider implications if true -- so it would be nice to know what kind of encryption, and what sort of system is being used. Either way, I'm guessing that many in the UN will be seeking out alternative communication methods shortly.
And, here we go again. This time, it's the WSJ with the scoop on NSA surveillance, and how the defenders of the NSA have been lying to us. Despite claims that the NSA was really only focused on foreign communications, the WSJ is reporting that it actually covers 75% of US internet traffic:
The National Security Agency—which possesses only limited legal authority to spy on U.S. citizens—has built a surveillance network that covers more Americans' Internet communications than officials have publicly disclosed, current and former officials say.
The system has the capacity to reach roughly 75% of all U.S. Internet traffic in the hunt for foreign intelligence, including a wide array of communications by foreigners and Americans. In some cases, it retains the written content of emails sent between citizens within the U.S. and also filters domestic phone calls made with Internet technology, these people say.
Basically, they're just revealing more details about the things that whistleblower Mark Klein revealed years ago: that the NSA has deals with the major telcos which scoop up a huge amount of internet traffic.
The programs, code-named Blarney, Fairview, Oakstar, Lithium and Stormbrew, among others, filter and gather information at major telecommunications companies. Blarney, for instance, was established with AT&T Inc., former officials say. AT&T declined to comment.
This filtering takes place at more than a dozen locations at major Internet junctions in the U.S., officials say.
The WSJ report is wrong on one count, though. It claims that people believed that the NSA's filtering actually happened "where undersea or other foreign cables enter the country" but that's not true. Mark Klein made it clear that the NSA had machines directly on AT&T's property.
And, of course, it will come as no surprise that these programs that work directly with telcos to tap into full internet traffic aren't just about metadata:
...this set of programs shows the NSA has the capability to track almost anything that happens online, so long as it is covered by a broad court order.
[....] Inevitably, officials say, some U.S. Internet communications are scanned and intercepted, including both "metadata" about communications, such as the "to" and "from" lines in an email, and the contents of the communications themselves.
This also shouldn't be a surprise. For all the talk of "metadata" it was always clear that the surveillance defenders were talking about this program only, which was the Patriot Act Section 215 "business records" program. But other programs, such as these listed above, were clearly about actual content as well.
While the report does note that some "minimization" happens, there is clearly widespread ability to abuse. The system works by having the NSA tell the telcos to only send over certain traffic covering "certain areas of interest" which the NSA then "briefly copies" and decides what to keep and what to dump. Again, this is consistent with earlier reports of the NSA searching all emails that go into and out of the US.
The latest report is, again, replete with NSA doublespeak. It claims that it's not "accessing" all of this traffic, because it asks the telcos to do some of the filtering for it. That's how it gets away with talking about "things we actually touch," even though its deals with the telcos basically mean they can access almost everything.
The WSJ further reports that, while most of the requests are targeted towards foreign communications, there are times when it's quite clear that requests are likely to cover domestic communications. Some telcos apparently push back, causing "friction", while others seem to comply with no qualms, though there is no indication of which telcos fall into which camp.
The report further confirms that this program is considered "legal" by the administration thanks to a broad interpretation of the FISA Amendments Act, giving the NSA the power to snoop on people "reasonably believed" to be outside the US, rather than requiring "probable cause" that they were "an agent of a foreign power." Also, there's this:
NSA has discretion on setting its filters, and the system relies significantly on self-policing. This can result in improper collection that continues for years.
The report also claims that it was one of these "mistakes" that resulted in three years of illegal collections (much greater than the "few months" that were revealed in last week's Washington Post article).
And now we wait for another bunch of carefully worded statements from NSA defenders...