NSA Call Monitoring Activities

[a1bion]

By now, I'm sure you've heard about this story that hit the wires today:

The National Security Agency is currently collecting the telephone records of millions of US customers of Verizon, one of America's largest telecoms providers, under a top secret court order issued in April.

The order, a copy of which has been obtained by the Guardian, requires Verizon on an "ongoing, daily basis" to give the NSA information on all telephone calls in its systems, both within the US and between the US and other countries.

The document shows for the first time that under the Obama administration the communication records of millions of US citizens are being collected indiscriminately and in bulk – regardless of whether they are suspected of any wrongdoing.

http://www.guardian.co.uk/world/2013/ju ... P osition1

This is a subject I've been interested in for some time now ever since reading about the existence of the NSA's Echelon program way back in probably around 2000 or so. The media reports I saw today act all surprised about this story. They shouldn't be, but that really speaks to the lack of quality in U.S. reporting based out of the Beltway. So my first response to this story was:

1. No surprise this was reported by American reporters writing for a British publication. The Beltway based media are too fucking lazy to bother with a story like this. Gossip is far easier and fun.

2. No surprise that this program exists. And that's unfortunate on my part, because it kinda shows my cynicism. I was opposed to the Orwellian named Patriot Act being passed when it did, because I thought it was an emotional reaction to the 9/11 attacks which ceded a ton of power to the executive branch without thinking through the long term consequences of doing so. I saw today where one of the authors of the Patriot Act, Jim Sensenbrenner, claimed he never thought that his law would allow for something like this, to which I say, you're either a liar or an idiot. It was perfectly foreseeable. The problem with giveaways like this is that they become institutionalized within the defense and intelligence agencies and that becomes very hard to change. This is what Eisenhower was warning about when it comes to the military-industrial complex. Obama may have sincerely believed he could change this kind of shit when he became president, and I have no reason to doubt that, but when any president comes into office, these entrenched interests are going to push back to maintain their ongoing programs.

3. Just sort of turning this over in my head today, this collection of metadata seems like an overreach in a lot of ways, but then again, having done a lot of research into how data mining gets utilized, who knows. I was reading something awhile back about hedge funds that use high frequency trading algorithms to identify trading patterns to try and make money off of. The fund specifically was Renaissance Technologies. These guys hired a number of people who's specialty was voice recognition technology, which is weird when you think about it at first, but not so much, since that field is about recognizing patterns then trying to teach artificial intelligence algos how to anticipate what is coming next based on past observations. So transferring that kind of activities over to other data mining activities, the possibilities are mind boggling.

I find all this stuff disturbing, but as we become a society more dependent on networks and data analysis, maybe I should be less surprised. That Skynet shit is coming!

[DocZaius]

I agree with everything you just wrote. I get the feeling that this has been going on for years (Echelon dates back to the nineties at least).

Disturbing stuff but the media and public just yawn.

[a1bion]

Yeah, I learned about Echelon in either the late 90's or around 2000 from an article in Wired and follow up reports from the Federation of American Scientists. Keep in mind that, relatively speaking, the public's access to the internet was still a pretty new thing then. I remember using my first web browser (Netscape) around 1995 or so.

There's some new reports about this that I haven't had time to sit down and read. But I did hear something interesting on Bloomberg this morning. They were interviewing Richard Falkenrath, who worked at Homeland Security and knows this stuff pretty well. They asked him if he could recall a leak of this significance and he said that it was comparable to a leak in 2005 about a program that was set up to do the same thing as what's been reported here, but without Congressional authorization or FISA court approval. All the reports I've read about this NSA program mention that it's been in existence for seven years. Well, what Falkenrath is saying, then, is that this program has been around longer than that, but has only had legal signoffs on it for seven years. And I'm no lawyer, but I still find that legal framework--secret Congressional briefings, the FISA court--to be I don't know...maybe troubling is the word I want.

[DocZaius]

http://talkingpointsmemo.com/news/us-de ... etails.php

“I’m a Verizon customer. I could care less if they’re looking at my phone records. … If you’re not getting a call from a terrorist organization, you got nothing to worry about,” said Sen. Lindsey Graham, R-S.C.

O RLY? Well, let's see them then. You don't mind if I just take a peek at your phone records, e-mails or browsing history, do you, Senator? Seriously, I really hate the "if you don't have anything to hide, you don't have anything to worry about" argument.

And yeah, I'm nominally grateful that the FISA court oversees the warrants to get this information, but who oversees the court? There's no remedy for review of the court's decision, and that's particularly troubling when you look at the numbers, which show that the court is virtually a rubber-stamp for unlimited surveillance.

[a1bion]

Yeah, I rolled my eyes when I saw that quote from Graham with its implied condescension.

I was thinking through what Falkenrath said this morning and I was reminded that it was around that time frame that a whistleblower from AT&T came forward and claimed to have witnessed the NSA operating monitoring machinery at the AT&T data centers in San Francisco. The Electronic Frontier Foundation filed a lawsuit against the NSA based on his claims in 2006 and Congress moved to provide legal cover for such activity the following year. That time line makes sense, but it's just a guess on my part. It wasn't covered in the MSM at the time that I remember, but Wired covered it as did some of the blogs.

How Congress framed the law is a little troubling, as well, but like I said, I'm not a lawyer so I don't want to talk out of my ass here. Doc, you can comment on this stuff better than I can. I want to address this here before talking about the PRISM program that has been revealed, because the way Congress wrote this thing just seems to allow all kinds of leeway:

There are, as you might expect, filters in place to help handle the fire hose of data that comes through daily, the trillions of bits and bytes that make up our online identities and lives. Something to ensure that only the bad guys are being tracked and not honest, everyday citizens. Actually, there's one filter, and it's ridiculous: an NSA analyst has to have "51 percent" confidence that a subject is "foreign." After that, it's carte blanche.

(...)

A little bit of history might be helpful for context. Back in 2007, mounting public pressure forced the Bush administration to abandon the warrantless surveillance program it had initiated in 2001. Well, abandon might be too strong a word. What the administration actually did was to find it a new home.

The Protect America Act of 2007 made it possible for targets to be electronically surveilled without a warrant if they were "reasonably believed" to be foreign. That's where that 51% comes in. It was followed by the 2008 FISA Amendments Act, which immunized companies from legal harm for collaborating handing information over to the government. And that's the one-two punch that gives PRISM full legal standing.

http://gizmodo.com/what-is-prism-511875267

To me, those standards just seem so expansive as to allow the NSA to justify most anything they want to take a look at.

[DocZaius]

You're absolutely right - it's an incredibly lax standard and one that is operating without apparent oversight.

As I was typing this reply, I noticed the "Similar Threads" box below that had this post by annarborgator, in which I foolishly commented:

[QUOTE=DocZaius]I fail to see how even the NSA had the manpower or computing power to monitor ALL communications.

I'm sure they are able to monitor anyone they choose to target, but come on. Logistically, it's just not possible.[/QUOTE]

Mea culpa.

[a1bion]

Now on to PRISM:

The National Security Agency has obtained direct access to the systems of Google, Facebook, Apple and other US internet giants, according to a top secret document obtained by the Guardian.

The NSA access is part of a previously undisclosed program called PRISM, which allows officials to collect material including search history, the content of emails, file transfers and live chats, the document says.

The Guardian has verified the authenticity of the document, a 41-slide PowerPoint presentation – classified as top secret with no distribution to foreign allies – which was apparently used to train intelligence operatives on the capabilities of the program. The document claims "collection directly from the servers" of major US service providers.

Thinking through this, a lot of those companies named already doing their own data mining on you in order to sell you stuff. So being able to data mine their data mining is kind of mind blowing when you think about it. Now to the point of how the FISA court has become a rubber stamp, this jumped out at me:

The presentation claims PRISM was introduced to overcome what the NSA regarded as shortcomings of Fisa warrants in tracking suspected foreign terrorists. It noted that the US has a "home-field advantage" due to housing much of the internet's architecture. But the presentation claimed "Fisa constraints restricted our home-field advantage" because Fisa required individual warrants and confirmations that both the sender and receiver of a communication were outside the US.

"Fisa was broken because it provided privacy protections to people who were not entitled to them," the presentation claimed. "It took a Fisa court order to collect on foreigners overseas who were communicating with other foreigners overseas simply because the government was collecting off a wire in the United States. There were too many email accounts to be practical to seek Fisas for all."

The new measures introduced in the FAA redefines "electronic surveillance" to exclude anyone "reasonably believed" to be outside the USA – a technical change which reduces the bar to initiating surveillance.

The act also gives the director of national intelligence and the attorney general power to permit obtaining intelligence information, and indemnifies internet companies against any actions arising as a result of co-operating with authorities' requests.

In short, where previously the NSA needed individual authorisations, and confirmation that all parties were outside the USA, they now need only reasonable suspicion that one of the parties was outside the country at the time of the records were collected by the NSA.

http://www.guardian.co.uk/world/2013/ju ... ni=Network

That part is astounding to me. The guidelines set up by Congress seem to me to be incredibly broad and the FISA Court seems pretty reliable on signing off on requests, but they still went completely around all of that. I'll add more later, because I've been thinking through all of this.

[a1bion]

This story just makes everything more interesting:

No one knows what Palantir—named after a magical rock in Lord of The Rings that granted remote vision—exactly does. But we know enough to know it's not just another California startup. The secretive data-mining company works directly with the American government, has a product named "Prism," and some very close ties to Facebook, one of the NSA's top targets.

Palantir says it sells "software that allows organizations to make sense of massive amounts of disparate data," for purposes including "combating terrorism," and offers to bring "Silicon Valley to your doorstep." It's enjoyed early investments from the CIA, which might have something to do with its current napkin-valuation of around $5 billion, and now employs former top spooks like Michael Leiter. Palantir also happens to sell software called "Prism," which shares its namesake with an NSA spy program that also aims to bring Silicon Valley to snoop doorsteps around the Beltway. Palantir's Prism, according to a handy user manual published on TPM, "is a software component that lets you quickly integrate external databases"—exactly the kind of action that the NSA allegedly makes use of to suck up your Facebook browsing, Gmail inbox, and Google searches in realtime.

Coincidentally (!), the government loves Palantir, and spends millions to use its software, according to federal contract data. The Department of Defense—which operates the NSA—has been pumping money into Palantir from 2009 to as recently as spring of this year. It's also something of an eyebrow-moving coincidence that 2009 marked the first year of Facebook's alleged participation in the NSA data-mill. Facebook and Palantir know each other.

Facebook, which used to be a neighbor—directly across the street—from Palantir, at 156 University Avenue in Palo Alto. Peter Thiel, who sits on Facebook's board of directors and has mentored Mark Zuckerberg for close to a decade, is a co-founder of Palantir—though that detail is omitted from his bio on the board's website. And as Facebook has spread into the brains of a billion users and completely saturated the United States, it's become one of the NSA's top targets via PRISM: Federal spies have “continued exponential growth in [surveillance] tasking to Facebook," says the Washington Post, and federal intel analysts enjoy "extensive search and surveillance capabilities against the variety of online social networking services.”

http://gawker.com/is-this-creepy-facebo ... -511895177

He notes that going through a third party company could provided plausible deniability for companies like Facebook. "Hey, we didn't work with the NSA. We worked with Palantir."

[DocZaius]

http://www.techdirt.com/articles/201306 ... t-us.shtml

"I, sitting at my desk, certainly had the authorities to wiretap anyone, from you, or your accountant, to a federal judge, to even the President if I had a personal email."

[a1bion]

Here's a good timeline on the NSA monitoring efforts: http://www.motherjones.com/politics/201 ... bush-obama

I was slightly off in my recollections. The New York Times reported the NSA was using warrant-less wiretaps in December of 2006. Mark Klein, the whistleblower at AT&T came forward in May of 2006 to report the NSA was monitoring the hubs at San Francisco. Interesting that a month after that, more AT&T workers came out to say that the NSA was also monitoring the hubs at St Louis.

So I've been trying to conceptualize how something like this might work, because something like this wouldn't just be like getting water from a firehose. This would be like multiples of firehoses. I figured it has to be some sort of algorithms that are sifting through the data, looking for patterns. I mentioned the hedge fund Renaissance Technologies before and I was trying to use what people think they do and what other quantitative high frequency trading funds do, because it also involves sifting through large amounts of data to attempt pattern recognition. I think Renaissance is an interesting way to frame the idea, because their founder, Jim Simon, is a mathematician who did important work on string theory and worked at one point for the Defense Department. Renaissance hires a lot of mathematicians with background in cryptography, code breaking, and pattern recognition as well.

This is from the book The Quants by Scott Patterson and it is admittedly a guess on how they work internally based on the backgrounds of people they've hired:

At first blush, speech recognition and investing would appear to have little in common. But beneath the surface, there are striking connections. Computer models designed to map human speech depend on historical data that mimic acoustic signals. To operate most efficiently, speech recognition program monitor the signals and, based on probability functions, try to guess what sound is coming next. The programs constantly make such guesses to keep up with the speaker.

Financial models are also made up of data strings. By glomming complex speech recognition models onto financial data, say a series of soybean prices, Renaissance can discern a range of probabilities for the future directions of prices. If the odds become favorable...if you have an edge...

So when I try to conceptualize what they're doing, it's a guess based on a guess along those lines. Sifting through that data, trying to discern patterns of behavior. Which could then lead back to who knows what? Which is where we run into all sorts of troubling possibilities. Certainly, laws regarding wiretapping need to be reviewed by Congress in a serious manner.

[a1bion]

Jane Mayer gets at this idea of sifting for pattern recognition in the New Yorker today as well.

Dianne Feinstein, a Democrat from liberal Northern California and the chairman of the Senate Select Committee on Intelligence, assured the public earlier today that the government’s secret snooping into the phone records of Americans was perfectly fine, because the information it obtained was only “meta,” meaning it excluded the actual content of the phone conversations, providing merely records, from a Verizon subsidiary, of who called whom when and from where. In addition, she said in a prepared statement, the “names of subscribers” were not included automatically in the metadata (though the numbers, surely, could be used to identify them). “Our courts have consistently recognized that there is no reasonable expectation of privacy in this type of metadata information and thus no search warrant is required to obtain it,” she said, adding that “any subsequent effort to obtain the content of an American’s communications would require a specific order from the FISA court.”

(...)

The answer, according to the mathematician and former Sun Microsystems engineer Susan Landau, whom I interviewed while reporting on the plight of the former N.S.A. whistleblower Thomas Drake and who is also the author of “Surveillance or Security?,” is that it’s worse than many might think.

“The public doesn’t understand,” she told me, speaking about so-called metadata. “It’s much more intrusive than content.” She explained that the government can learn immense amounts of proprietary information by studying “who you call, and who they call. If you can track that, you know exactly what is happening—you don’t need the content.”

But with each technological breakthrough comes a break-in to realms previously thought private. “It’s really valuable for law enforcement, but we have to update the wiretap laws,” Landau said.

It was exactly these concerns that motivated the mathematician William Binney, a former N.S.A. official who spoke to me for the Drake story, to retire rather than keep working for an agency he suspected had begun to violate Americans’ fundamental privacy rights. After 9/11, Binney told me, as I reported in the piece, General Michael Hayden, who was then director of the N.S.A., “reassured everyone that the N.S.A. didn’t put out dragnets, and that was true. It had no need—it was getting every fish in the sea.”

Binney, who considered himself a conservative, feared that the N.S.A.’s data-mining program was so extensive that it could help “create an Orwellian state.”

As he told me at the time, wiretap surveillance requires trained human operators, but data mining is an automated process, which means that the entire country can be watched. Conceivably, the government could “monitor the Tea Party, or reporters, whatever group or organization you want to target,” he said. “It’s exactly what the Founding Fathers never wanted.”

http://www.newyorker.com/online/blogs/n ... oblem.html

[a1bion]

Read this over the weekend. It's long, but good. Bamford has written about the NSA and other intelligence agencies for a long time, so he knows what he's talking about. He gets into some interesting issues that go beyond the call monitoring and more into NSA's other capabilities. I've thought about a lot of these issues ever since seeing 60 Minutes piece on Stuxnet a few years ago, where they raised the issues of target countries reverse engineering cyber attacks and using them against us. He also gets into some issues of the use of private contractors for national security issues (this is a pet peeve of mine) which are relevant since Snowden was actually a contractor.

One of the most secretive of these contractors is Endgame Systems, a startup backed by VCs including Kleiner Perkins Caufield & Byers, Bessemer Venture Partners, and Paladin Capital Group. Established in Atlanta in 2008, Endgame is transparently antitransparent. “We’ve been very careful not to have a public face on our company,” former vice president John M. Farrell wrote to a business associate in an email that appeared in a WikiLeaks dump. “We don’t ever want to see our name in a press release,” added founder Christopher Rouland. True to form, the company declined Wired’s interview requests.

Perhaps for good reason: According to news reports, Endgame is developing ways to break into Internet-connected devices through chinks in their antivirus armor. Like safecrackers listening to the click of tumblers through a stethoscope, the “vulnerability researchers” use an extensive array of digital tools to search for hidden weaknesses in commonly used programs and systems, such as Windows and Internet Explorer. And since no one else has ever discovered these unseen cracks, the manufacturers have never developed patches for them.

Thus, in the parlance of the trade, these vulnerabilities are known as “zero-day exploits,” because it has been zero days since they have been uncovered and fixed. They are the Achilles’ heel of the security business, says a former senior intelligence official involved with cyberwarfare. Those seeking to break into networks and computers are willing to pay millions of dollars to obtain them.

According to Defense News’ C4ISR Journal and Bloomberg Businessweek, Endgame also offers its intelligence clients—agencies like Cyber Command, the NSA, the CIA, and British intelligence—a unique map showing them exactly where their targets are located. Dubbed Bonesaw, the map displays the geolocation and digital address of basically every device connected to the Internet around the world, providing what’s called network situational awareness. The client locates a region on the password-protected web-based map, then picks a country and city— say, Beijing, China. Next the client types in the name of the target organization, such as the Ministry of Public Security’s No. 3 Research Institute, which is responsible for computer security—or simply enters its address, 6 Zhengyi Road. The map will then display what software is running on the computers inside the facility, what types of malware some may contain, and a menu of custom-designed exploits that can be used to secretly gain entry. It can also pinpoint those devices infected with malware, such as the Conficker worm, as well as networks turned into botnets and zombies— the equivalent of a back door left open.

Bonesaw also contains targeting data on US allies, and it is soon to be upgraded with a new version codenamed Velocity, according to C4ISR Journal. It will allow Endgame’s clients to observe in real time as hardware and software connected to the Internet around the world is added, removed, or changed. But such access doesn’t come cheap. One leaked report indicated that annual subscriptions could run as high as $2.5 million for 25 zero-day exploits.

The buying and using of such a subscription by nation-states could be seen as an act of war. “If you are engaged in reconnaissance on an adversary’s systems, you are laying the electronic battlefield and preparing to use it,” wrote Mike Jacobs, a former NSA director for information assurance, in a McAfee report on cyberwarfare. “In my opinion, these activities constitute acts of war, or at least a prelude to future acts of war.” The question is, who else is on the secretive company’s client list? Because there is as of yet no oversight or regulation of the cyberweapons trade, companies in the cyber-industrial complex are free to sell to whomever they wish. “It should be illegal,” says the former senior intelligence official involved in cyber*warfare. “I knew about Endgame when I was in intelligence. The intelligence community didn’t like it, but they’re the largest consumer of that business.”

Thus, in their willingness to pay top dollar for more and better zero-day exploits, the spy agencies are helping drive a lucrative, dangerous, and unregulated cyber arms race, one that has developed its own gray and black markets. The companies trading in this arena can sell their wares to the highest bidder—be they frontmen for criminal hacking groups or terrorist organizations or countries that bankroll terrorists, such as Iran. Ironically, having helped create the market in zero-day exploits and then having launched the world into the era of cyberwar, Alexander now says the possibility of zero-day exploits falling into the wrong hands is his “greatest worry.”

http://www.wired.com/threatlevel/2013/0 ... erwar/all/

[DocZaius]

Good information.

[rock8591]

I'm going to throw napalm and rattle the sabres...

I do not believe that there is anything wrong (morally and biblically) to wiretapping.

If a peeping tom goes on your property to look through windows, one can claim that there is an unauthorized individual or trespasser on the property, where he is not invited to be. If he is standing across the street looking at you naked, while you leave your window open, that is your fault for being naked and not taking proper steps to secure your privacy, not his fault for looking at the nuisance that you presented to him.

Just as I believe it is someone's right to listen to my phone calls, it is equally my right to encrypt and secure my communications so that he cannot listen in.

[a1bion]

This is a pretty good article. To me, there's not a lot of new ground broken, but I've been following this stuff for a long time as a side interest. Nice to see some reporters starting to put some of this info together, nonetheless.

A close reading of Mr. Snowden’s documents shows the extent to which the eavesdropping agency now has two new roles: It is a data cruncher, with an appetite to sweep up, and hold for years, a staggering variety of information. And it is an intelligence force armed with cyberweapons, assigned not just to monitor foreign computers but also, if necessary, to attack.

After the 2001 terrorist attacks, the documents suggest, the N.S.A. decided it was too risky to wait for leads on specific suspects before going after relevant phone and Internet records. So it followed the example of the hoarder who justifies stacks of paper because someday, somehow, a single page could prove vitally important.

The agency began amassing databases of “metadata” — logs of all telephone calls collected from the major carriers and similar data on e-mail traffic. The e-mail program was halted in 2011, though it appears possible that the same data is now gathered in some other way.

The documents show that America’s phone and Internet companies grew leery of N.S.A. demands as the years passed after 9/11, fearing that customers might be angry to find out their records were shared with the government. More and more, the companies’ lawyers insisted on legal orders to compel them to comply.

So the N.S.A. came up with a solution: store the data itself. That is evidently what gave birth to a vast data storage center that the N.S.A. is building in Utah, exploiting the declining cost of storage and the advance of sophisticated search software.

Those huge databases were once called “bit buckets” in the industry — collections of electronic bits waiting to be sifted. “They park stuff in storage in the hopes that they will eventually have time to get to it,” said James Lewis, a cyberexpert at the Center for Strategic and International Studies, “or that they’ll find something that they need to go back and look for in the masses of data.” But, he added, “most of it sits and is never looked at by anyone.”

Indeed, an obscure passage in one of the Snowden documents — rules for collecting Internet data that the Obama administration wrote in secret in 2009 and that the Foreign Intelligence Surveillance Court approved — suggested that the government was concerned about its ability to process all the data it was collecting. So it got the court to approve an exception allowing the government to hold on to that information if it could not keep up. The rules said that “the communications that may be retained” for up to five years “include electronic communications acquired because of the limitation on the N.S.A.’s ability to filter communications.”

As one private expert who sometimes advises the N.S.A. on this technology put it: “This means that if you can’t desalinate all the seawater at once, you get to hold on to the ocean until you figure it out.”

(...)

And a secret presidential directive on cyberactivities unveiled by Mr. Snowden — discussing the primary new task of the N.S.A. and its military counterpart, Cyber Command — makes clear that when the agency’s technicians probe for vulnerabilities to collect intelligence, they also study foreign communications and computer systems to identify potential targets for a future cyberwar.

Infrastructure analysts like Mr. Snowden, in other words, are not just looking for electronic back doors into Chinese computers or Iranian mobile networks to steal secrets. They have a new double purpose: building a target list in case American leaders in a future conflict want to wipe out the computers’ hard drives or shut down the phone system.

http://www.nytimes.com/2013/07/01/us/jo ... =all&_r=1&

Read the whole thing. It's interesting. The reporters act a little over surprised, though, that the NSA is also engaging in offensive cyber capabilities. That's been obvious to me since the Stuxnet worm was revealed. Even from the 60 Minutes report on it a few years ago or follow up articles on it, it was obvious that was a show of their offensive capabilities. Credit where credit is due, Stuxnet was clever as hell. They had to do some old fashioned intel work to get info on how Iran's network infrastructure was set up. Then Stuxnet was written to where it could infect pretty much any computer and run a series of yes/no questions to determine where it was on the internet. If it wasn't on the Iranian network, it disabled itself but could still be transmitted. Once it made it's way into the Iranian network, it went to work fucking shit up.

Once another government is aware of that type of thing and can start reverse engineering that, we're in a whole new world however. There's all kinds of crazy shit out there about the Chinese hackers they have in their military and how they work, trying to penetrate government and industrial networks. No different from the work the NSA is doing. This is, literally, our new arms race.