FAIR USE NOTICE

FAIR USE NOTICE

A BEAR MARKET ECONOMICS BLOG


This site may contain copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in an effort to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. we believe this constitutes a ‘fair use’ of any such copyrighted material as provided for in section 107 of the US Copyright Law.

In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml

If you wish to use copyrighted material from this site for purposes of your own that go beyond ‘fair use’, you must obtain permission from the copyright owner.

FAIR USE NOTICE FAIR USE NOTICE: This page may contain copyrighted material the use of which has not been specifically authorized by the copyright owner. This website distributes this material without profit to those who have expressed a prior interest in receiving the included information for scientific, research and educational purposes. We believe this constitutes a fair use of any such copyrighted material as provided for in 17 U.S.C § 107.

Read more at: http://www.etupdates.com/fair-use-notice/#.UpzWQRL3l5M | ET. Updates
FAIR USE NOTICE FAIR USE NOTICE: This page may contain copyrighted material the use of which has not been specifically authorized by the copyright owner. This website distributes this material without profit to those who have expressed a prior interest in receiving the included information for scientific, research and educational purposes. We believe this constitutes a fair use of any such copyrighted material as provided for in 17 U.S.C § 107.

Read more at: http://www.etupdates.com/fair-use-notice/#.UpzWQRL3l5M | ET. Updates

All Blogs licensed under Creative Commons Attribution 3.0

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 Unported License.

Sunday, November 3, 2013

No Morsel Too Minuscule for All-Consuming N.S.A.



No Morsel Too Minuscule for All-Consuming N.S.A.

The N.S.A.’s Evolution: The National Security Agency was founded in 1952, and its surveillance capabilities were limited by legislation in 1978. But with the attacks of September 2001 came a new sense of urgency.

Multimedia

Stephen Crowley/The New York Times 
ALLIES AND SPY TARGETS President Obama with other G-20 leaders in St. Petersburg, Russia, in early September, standing between President Dilma Rousseff of Brazil, left, and Chancellor Angela Merkel of Germany. 
 
Ayatollah Khamenei, via Twitter
IN THE MIDEAST Iran’s supreme leader, Ayatollah Ali Khamenei, fourth from left, was tracked in the country’s north by the N.S.A. 



Sean Gallup/Getty Images
SCOLDED John Emerson, left, the American envoy to Germany.



Google Earth
EARS ON THE WORLD The National Security Agency’s complex at Fort Gordon, Ga. Much of the agency’s eavesdropping is run from stations at home and abroad, far beyond its Maryland headquarters. 



Carolyn Kaster/Associated Press
SPY CHIEF James R. Clapper Jr., the director of national intelligence, in September. He has strongly defended intelligence gathering practices.



Patrick Semansky/Associated Press
WINDOWS WITH VIEWS ON EVERYTHING Part of the National Security Agency’s campus in Fort Meade, Md.


When Ban Ki-moon, the United Nations secretary general, sat down with President Obama at the White House in April to discuss Syrian chemical weapons, Israeli-Palestinian peace talks and climate change, it was a cordial, routine exchange. 

The National Security Agency nonetheless went to work in advance and intercepted Mr. Ban’s talking points for the meeting, a feat the agency later reported as an “operational highlight” in a weekly internal brag sheet. It is hard to imagine what edge this could have given Mr. Obama in a friendly chat, if he even saw the N.S.A.’s modest scoop. (The White House won’t say.)
But it was emblematic of an agency that for decades has operated on the principle that any eavesdropping that can be done on a foreign target of any conceivable interest — now or in the future — should be done. After all, American intelligence officials reasoned, who’s going to find out? 

From thousands of classified documents, the National Security Agency emerges as an electronic omnivore of staggering capabilities, eavesdropping and hacking its way around the world to strip governments and other targets of their secrets, all the while enforcing the utmost secrecy about its own operations. It spies routinely on friends as well as foes, as has become obvious in recent weeks; the agency’s official mission list includes using its surveillance powers to achieve “diplomatic advantage” over such allies as France and Germany and “economic advantage” over Japan and Brazil, among other countries. 

Mr. Obama found himself in September standing uncomfortably beside the president of Brazil, Dilma Rousseff, who was furious at being named as a target of N.S.A. eavesdropping. Since then, there has been a parade of such protests, from the European Union, Mexico, France, Germany and Spain. Chagrined American officials joke that soon there will be complaints from foreign leaders feeling slighted because the agency had not targeted them. 

James R. Clapper Jr., the director of national intelligence, has repeatedly dismissed such objections as brazen hypocrisy from countries that do their own share of spying. But in a recent interview, he acknowledged that the scale of eavesdropping by the N.S.A., with 35,000 workers and $10.8 billion a year, sets it apart. “There’s no question that from a capability standpoint we probably dwarf everybody on the planet, just about, with perhaps the exception of Russia and China,” he said. 

Since Edward J. Snowden began releasing the agency’s documents in June, the unrelenting stream of disclosures has opened the most extended debate on the agency’s mission since its creation in 1952. The scrutiny has ignited a crisis of purpose and legitimacy for the N.S.A., the nation’s largest intelligence agency, and the White House has ordered a review of both its domestic and its foreign intelligence collection. While much of the focus has been on whether the agency violates Americans’ privacy, an issue under examination by Congress and two review panels, the anger expressed around the world about American surveillance has prompted far broader questions. 

If secrecy can no longer be taken for granted, when does the political risk of eavesdropping overseas outweigh its intelligence benefits? Should foreign citizens, many of whom now rely on American companies for email and Internet services, have any privacy protections from the N.S.A.? Will the American Internet giants’ collaboration with the agency, voluntary or otherwise, damage them in international markets? And are the agency’s clandestine efforts to weaken encryption making the Internet less secure for everyone? 

Matthew M. Aid, an intelligence historian and author of a 2009 book on the N.S.A., said there is no precedent for the hostile questions coming at the agency from all directions. 

“From N.S.A.’s point of view, it’s a disaster,” Mr. Aid said. “Every new disclosure reinforces the notion that the agency needs to be reined in. There are political consequences, and there will be operational consequences.”
A review of classified agency documents obtained by Mr. Snowden and shared with The New York Times by The Guardian, offers a rich sampling of the agency’s global operations and culture. (At the agency’s request, The Times is withholding some details that officials said could compromise intelligence operations.) The N.S.A. seems to be listening everywhere in the world, gathering every stray electron that might add, however minutely, to the United States government’s knowledge of the world. To some Americans, that may be a comfort. To others, and to people overseas, that may suggest an agency out of control. 

The C.I.A. dispatches undercover officers overseas to gather intelligence today roughly the same way spies operated in biblical times. But the N.S.A., born when the long-distance call was a bit exotic, has seen its potential targets explode in number with the advent of personal computers, the Internet and cellphones. Today’s N.S.A. is the Amazon of intelligence agencies, as different from the 1950s agency as that online behemoth is from a mom-and-pop bookstore. It sucks the contents from fiber-optic cables, sits on telephone switches and Internet hubs, digitally burglarizes laptops and plants bugs on smartphones around the globe. 

Mr. Obama and top intelligence officials have defended the agency’s role in preventing terrorist attacks. But as the documents make clear, the focus on counterterrorism is a misleadingly narrow sales pitch for an agency with an almost unlimited agenda. Its scale and aggressiveness are breathtaking. 

The agency’s Dishfire database — nothing happens without a code word at the N.S.A. — stores years of text messages from around the world, just in case. Its Tracfin collection accumulates gigabytes of credit card purchases. The fellow pretending to send a text message at an Internet cafe in Jordan may be using an N.S.A. technique code-named Polarbreeze to tap into nearby computers. The Russian businessman who is socially active on the web might just become food for Snacks, the acronym-mad agency’s Social Network Analysis Collaboration Knowledge Services, which figures out the personnel hierarchies of organizations from texts. 

The spy agency’s station in Texas intercepted 478 emails while helping to foil a jihadist plot to kill a Swedish artist who had drawn pictures of the Prophet Muhammad. N.S.A. analysts delivered to authorities at Kennedy International Airport the names and flight numbers of workers dispatched by a Chinese human smuggling ring. 

The agency’s eavesdropping gear, aboard a Defense Department plane flying 60,000 feet over Colombia, fed the location and plans of FARC rebels to the Colombian Army. In the Orlandocard operation, N.S.A. technicians set up what they called a “honeypot” computer on the web that attracted visits from 77,413 foreign computers and planted spyware on more than 1,000 that the agency deemed of potential future interest. 

The Global Phone Book 
 
No investment seems too great if it adds to the agency’s global phone book. After mounting a major eavesdropping effort focused on a climate change conference in Bali in 2007, agency analysts stationed in Australia’s outback were especially thrilled by one catch: the cellphone number of Bali’s police chief. 

“Our mission,” says the agency’s current five-year plan, which has not been officially scheduled for declassification until 2032, “is to answer questions about threatening activities that others mean to keep hidden.” 

The aspirations are grandiose: to “utterly master” foreign intelligence carried on communications networks. The language is corporate: “Our business processes need to promote data-driven decision-making.” But the tone is also strikingly moralistic for a government bureaucracy. Perhaps to counter any notion that eavesdropping is a shady enterprise, signals intelligence, or Sigint, the term of art for electronic intercepts, is presented as the noblest of callings.
“Sigint professionals must hold the moral high ground, even as terrorists or dictators seek to exploit our freedoms,” the plan declares. “Some of our adversaries will say or do anything to advance their cause; we will not.”
The N.S.A. documents taken by Mr. Snowden and shared with The Times, numbering in the thousands and mostly dating from 2007 to 2012, are part of a collection of about 50,000 items that focus mainly on its British counterpart, Government Communications Headquarters or G.C.H.Q. 

While far from comprehensive, the documents give a sense of the agency’s reach and abilities, from the Navy ships snapping up radio transmissions as they cruise off the coast of China, to the satellite dishes at Fort Meade in Maryland ingesting worldwide banking transactions, to the rooftops of 80 American embassies and consulates around the world from which the agency’s Special Collection Service aims its antennas. 

The agency and its many defenders among senior government officials who have relied on its top secret reports say it is crucial to American security and status in the world, pointing to terrorist plots disrupted, nuclear proliferation tracked and diplomats kept informed. 

But the documents released by Mr. Snowden sometimes also seem to underscore the limits of what even the most intensive intelligence collection can achieve by itself. Blanket N.S.A. eavesdropping in Afghanistan, described in the documents as covering government offices and the hide-outs of second-tier Taliban militants alike, has failed to produce a clear victory against a low-tech enemy. The agency kept track as Syria amassed its arsenal of chemical weapons — but that knowledge did nothing to prevent the gruesome slaughter outside Damascus in August. 

The documents are skewed toward celebration of the agency’s self-described successes, as underlings brag in PowerPoints to their bosses about their triumphs and the managers lay out grand plans. But they do not entirely omit the agency’s flubs and foibles: flood tides of intelligence gathered at huge cost that goes unexamined; intercepts that cannot be read for lack of language skills; and computers that — even at the N.S.A. — go haywire in all the usual ways. 

Mapping Message Trails 
 
In May 2009, analysts at the agency learned that Iran’s supreme leader, Ayatollah Ali Khamenei, was to make a rare trip to Kurdistan Province in the country’s mountainous northwest. The agency immediately organized a high-tech espionage mission, part of a continuing project focused on Ayatollah Khamenei called Operation Dreadnought. 

Working closely with the National Geospatial-Intelligence Agency, which handles satellite photography, as well as G.C.H.Q., the N.S.A. team studied the Iranian leader’s entourage, its vehicles and its weaponry from satellites, and intercepted air traffic messages as planes and helicopters took off and landed.
They heard Ayatollah Khamenei’s aides fretting about finding a crane to load an ambulance and fire truck onto trucks for the journey. They listened as he addressed a crowd, segregated by gender, in a soccer field. 

They studied Iranian air defense radar stations and recorded the travelers’ rich communications trail, including Iranian satellite coordinates collected by an N.S.A. program called Ghosthunter. The point was not so much to catch the Iranian leader’s words, but to gather the data for blanket eavesdropping on Iran in the event of a crisis. 

This “communications fingerprinting,” as a document called it, is the key to what the N.S.A. does. It allows the agency’s computers to scan the stream of international communications and pluck out messages tied to the supreme leader. In a crisis — say, a showdown over Iran’s nuclear program — the ability to tap into the communications of leaders, generals and scientists might give a crucial advantage. 

On a more modest scale, the same kind of effort, what N.S.A. calls “Sigint development,” was captured in a document the agency obtained in 2009 from Somalia — whether from a human source or an electronic break-in was not noted. It contained email addresses and other contact details for 117 selected customers of a Mogadishu Internet service, Globalsom. 

While most on the list were Somali officials or citizens, presumably including some suspected of militancy, the document also included emails for a United Nations political officer in Mogadishu and a local representative for the charity World Vision, among other international institutions. All, it appeared, were considered fair game for monitoring. 

This huge investment in collection is driven by pressure from the agency’s “customers,” in government jargon, not only at the White House, Pentagon, F.B.I. and C.I.A., but also spread across the Departments of State and Energy, Homeland Security and Commerce, and the United States Trade Representative. 

By many accounts, the agency provides more than half of the intelligence nuggets delivered to the White House early each morning in the President’s Daily Brief — a measure of success for American spies. (One document boasts that listening in on Nigerian State Security had provided items for the briefing “nearly two dozen” times.) In every international crisis, American policy makers look to the N.S.A. for inside information. 

Pressure to Get Everything 
 
That creates intense pressure not to miss anything. When that is combined with an ample budget and near-invisibility to the public, the result is aggressive surveillance of the kind that has sometimes gotten the agency in trouble with the Foreign Intelligence Surveillance Court, a United States federal court that polices its programs for breaches of Americans’ privacy.
In the funding boom that followed the Sept. 11 attacks, the agency expanded and decentralized far beyond its Fort Meade headquarters in Maryland, building or expanding major facilities in Georgia, Texas, Colorado, Hawaii, Alaska, Washington State and Utah. Its officers also operate out of major overseas stations in England, Australia, South Korea and Japan, at overseas military bases, and from locked rooms housing the Special Collection Service inside American missions abroad. 

The agency, using a combination of jawboning, stealth and legal force, has turned the nation’s Internet and telecommunications companies into collection partners, installing filters in their facilities, serving them with court orders, building back doors into their software and acquiring keys to break their encryption. 

But even that vast American-run web is only part of the story. For decades, the N.S.A. has shared eavesdropping duties with the rest of the so-called Five Eyes, the Sigint agencies of Britain, Canada, Australia and New Zealand. More limited cooperation occurs with many more countries, including formal arrangements called Nine Eyes and 14 Eyes and Nacsi, an alliance of the agencies of 26 NATO countries. 

The extent of Sigint sharing can be surprising: “N.S.A. may pursue a relationship with Vietnam,” one 2009 G.C.H.Q. document reported. But a recent G.C.H.Q. training document suggests that not everything is shared, even between the United States and Britain. “Economic well-being reporting,” it says, referring to intelligence gathered to aid the British economy, “cannot be shared with any foreign partner.”
As at the school lunch table, decisions on who gets left out can cause hurt feelings: “Germans were a little grumpy at not being invited to join the 9-Eyes group,” one 2009 document remarks. And in a delicate spy-versus-spy dance, sharing takes place even with governments that are themselves important N.S.A. targets, notably Israel. 

The documents describe collaboration with the Israel Sigint National Unit, which gets raw N.S.A. eavesdropping material and provides it in return, but they also mention the agency’s tracking of “high priority Israeli military targets,” including drone aircraft and the Black Sparrow missile system. 

The alliances, and the need for stealth, can get complicated. At one highly valued overseas listening post, the very presence of American N.S.A. personnel violates a treaty agreed to by the agency’s foreign host. Even though much of the eavesdropping is run remotely from N.S.A.’s base at Fort Gordon, Ga., Americans who visit the site must pose as contractors, carry fake business cards and are warned: “Don’t dress as typical Americans." 

“Know your cover legend,” a PowerPoint security briefing admonishes the N.S.A. staff members headed to the overseas station, directing them to “sanitize personal effects,” send no postcards home and buy no identifiably local souvenirs. (“An option might be jewelry. Most jewelry does not have any markings” showing its place of origin.) 

Bypassing Security 
 
In the agency’s early years, its brainy staff members — it remains the largest employer of mathematicians in the country — played an important role in the development of the first computers, then largely a tool for code breaking.
Today, with personal computers, laptops, tablets and smartphones in most homes and government offices in the developed world, hacking has become the agency’s growth area. 

Some of Mr. Snowden’s documents describe the exploits of Tailored Access Operations, the prim name for the N.S.A. division that breaks into computers around the world to steal the data inside, and sometimes to leave spy software behind. T.A.O. is increasingly important in part because it allows the agency to bypass encryption by capturing messages as they are written or read, when they are not encoded. 

In Baghdad, T.A.O. collected messages left in draft form in email accounts maintained by leaders of the Islamic State of Iraq, a militant group. Under a program called Spinaltap, the division’s hackers identified 24 unique Internet Protocol addresses identifying computers used by the Lebanese militant group Hezbollah, making it possible to snatch Hezbollah messages from the flood of global communications sifted by the agency. 

The N.S.A.’s elite Transgression Branch, created in 2009 to “discover, understand, evaluate and exploit” foreign hackers’ work, quietly piggybacks on others’ incursions into computers of interest, like thieves who follow other housebreakers around and go through the windows they have left ajar.
In one 2010 hacking operation code-named Ironavenger, for instance, the N.S.A. spied simultaneously on an ally and an adversary. Analysts spotted suspicious emails being sent to a government office of great intelligence interest in a hostile country and realized that an American ally was “spear-phishing” — sending official-looking emails that, when opened, planted malware that let hackers inside. 

The Americans silently followed the foreign hackers, collecting documents and passwords from computers in the hostile country, an elusive target. They got a look inside that government and simultaneously got a close-up look at the ally’s cyberskills, the kind of intelligence twofer that is the unit’s specialty.
In many other ways, advances in computer and communications technology have been a boon for the agency. N.S.A. analysts tracked the electronic trail left by a top leader of Al Qaeda in Africa each time he stopped to use a computer on his travels. They correctly predicted his next stop, and the police were there to arrest him. 

And at the big N.S.A. station at Fort Gordon, technicians developed an automated service called “Where’s My Node?” that sent an email to an analyst every time a target overseas moved from one cell tower to another. Without lifting a finger, an analyst could follow his quarry’s every move. 

The Limits of Spying 
 
The techniques described in the Snowden documents can make the N.S.A. seem omniscient, and nowhere in the world is that impression stronger than in Afghanistan. But the agency’s capabilities at the tactical level have not been nearly enough to produce clear-cut strategic success there, in the United States’ longest war. 

A single daily report from June 2011 from the N.S.A.’s station in Kandahar, Afghanistan, the heart of Taliban country, illustrates the intensity of eavesdropping coverage, requiring 15 pages to describe a day’s work. 

The agency listened while insurgents from the Haqqani network mounted an attack on the Hotel Intercontinental in Kabul, overhearing the attackers talking to their bosses in Pakistan’s tribal area and recording events minute by minute. “Ruhullah claimed he was on the third floor and had already inflicted one casualty,” the report said in a typical entry. “He also indicated that Hafiz was located on a different floor.” 

N.S.A. officers listened as two Afghan Foreign Ministry officials prepared for a meeting between President Hamid Karzai of Afghanistan and Iranian officials, assuring them that relations with the United States “would in no way threaten the interests of Iran,” which they decided Mr. Karzai should describe as a “brotherly country.” 

The N.S.A. eavesdropped as the top United Nations official in Afghanistan, Staffan de Mistura, consulted his European Union counterpart, Vygaudas Usackas, about how to respond to an Afghan court’s decision to overturn the election of 62 members of Parliament. 

And the agency was a fly on the wall for a long-running land dispute between the mayor of Kandahar and a prominent local man known as the Keeper of the Cloak of the Prophet Muhammad, with President Karzai’s late brother, Ahmed Wali Karzai, as a mediator. 

The agency discovered a Taliban claim to have killed five police officers at a checkpoint by giving them poisoned yogurt, and heard a provincial governor tell an aide that a district police chief was verbally abusing women and clergymen. 

A Taliban figure, Mullah Rahimullah Akhund, known on the United States military’s kill-or-capture list by the code name Objective Squiz Incinerator, was overheard instructing an associate to buy suicide vests and a Japanese motorbike, according to the documents. 

And N.S.A. listened in as a Saudi extremist, Abu Mughira, called his mother to report that he and his fellow fighters had entered Afghanistan and “done victorious operations.” 

Such reports flowed from the agency’s Kandahar station day after day, year after year, and surely strengthened the American campaign against the Taliban. But they also suggest the limits of intelligence against a complex political and military challenge. The N.S.A. recorded the hotel attack, but it had not prevented it. It tracked Mr. Karzai’s government, but he remained a difficult and volatile partner. Its surveillance was crucial in the capture or killing of many enemy fighters, but not nearly enough to remove the Taliban’s ominous shadow from Afghanistan’s future. 

Mining All the Tidbits 
 
In the Afghan reports and many others, a striking paradox is the odd intimacy of a sprawling, technology-driven agency with its targets. It is the one-way intimacy of the eavesdropper, as N.S.A. employees virtually enter the office cubicles of obscure government officials and the Spartan hide-outs of drug traffickers and militants around the world. 

Venezuela, for instance, was one of six “enduring targets” in N.S.A.’s official mission list from 2007, along with China, North Korea, Iraq, Iran and Russia. The United States viewed itself in a contest for influence in Latin America with Venezuela’s leader then, the leftist firebrand Hugo Chávez, who allied himself with Cuba, and one agency goal was “preventing Venezuela from achieving its regional leadership objectives and pursuing policies that negatively impact U.S. global interests.” 

A glimpse of what this meant in practice comes in a brief PowerPoint presentation from August 2010 on “Development of the Venezuelan Economic Mission.” The N.S.A. was tracking billions of dollars flowing to Caracas in loans from China (radar systems and oil drilling), Russia (MIG fighter planes and shoulder-fired missiles) and Iran (a factory to manufacture drone aircraft).
But it was also getting up-close and personal with Venezuela’s Ministry of Planning and Finance, monitoring the government and personal emails of the top 10 Venezuelan economic officials. An N.S.A. officer in Texas, in other words, was paid each day to peruse the private messages of obscure Venezuelan bureaucrats, hunting for tidbits that might offer some tiny policy edge. 

In a counterdrug operation in late 2011, the agency’s officers seemed to know more about relations within a sprawling narcotics network than the drug dealers themselves. They listened to “Ricketts,” a Jamaican drug supplier based in Ecuador, struggling to keep his cocaine and marijuana smuggling business going after an associate, “Gordo,” claimed he had paid $250,000 and received nothing in return. 

The N.S.A., a report said, was on top of not just their cellphones, but also those of the whole network of “buyers, transporters, suppliers, and middlemen” stretching from the Netherlands and Nova Scotia to Panama City and Bogotá, Colombia. The documents do not say whether arrests resulted from all that eavesdropping. 

Even with terrorists, N.S.A. units can form a strangely personal relationship. The N.S.A.-G.C.H.Q. wiki, a top secret group blog that Mr. Snowden downloaded, lists 14 specialists scattered in various stations assigned to Lashkar-e-Taiba, the Pakistani terrorist group that carried out the bloody attack on Mumbai in 2008, with titles including “Pakistan Access Pursuit Team” and “Techniques Discovery Branch.” Under the code name Treaclebeta, N.S.A.’s hackers at Tailored Access Operations also played a role. 

In the wiki’s casual atmosphere, American and British eavesdroppers exchange the peculiar shoptalk of the secret world. “I don’t normally use Heretic to scan the fax traffic, I use Nucleon,” one user writes, describing technical tools for searching intercepted documents. 

But most striking are the one-on-one pairings of spies and militants; Bryan is assigned to listen in on a man named Haroon, and Paul keeps an ear on Fazl. 

A Flood of Details 
 
One N.S.A. officer on the Lashkar-e-Taiba beat let slip that some of his eavesdropping turned out to be largely pointless, perhaps because of the agency’s chronic shortage of skilled linguists. He “ran some queries” to read intercepted communications of certain Lashkar-e-Taiba members, he wrote in the wiki, but added: “Most of it is in Arabic or Farsi, so I can’t make much of it.” 

It is a glimpse of the unsurprising fact that sometimes the agency’s expensive and expansive efforts accomplish little. Despite the agency’s embrace of corporate jargon on goal-setting and evaluation, it operates without public oversight in an arena in which achievements are hard to measure. 

In a world of ballooning communications, the agency is sometimes simply overwhelmed. In 2008, the N.S.A.’s Middle East and North Africa group set about updating its Sigint collection capabilities. The “ambitious scrub” of selectors — essentially search terms — cut the number of terms automatically searched from 21,177 to 7,795 and the number of messages added to the agency’s Pinwale database from 850,000 a day to 450,000 a day. 

The reduction in volume was treated as a major achievement, opening the way for new collection on Iranian leadership and Saudi and Syrian diplomats, the report said. 

And in a note that may comfort computer novices, the N.S.A. Middle East analysts discovered major glitches in their search software: The computer was searching for the names of targets but not their email addresses, a rather fundamental flaw. “Over 500 messages in one week did not come in,” the report said about one target. 

Those are daily course corrections. Whether the Snowden disclosures will result in deeper change is uncertain. Joel F. Brenner, the agency’s former inspector general, says much of the criticism is unfair, reflecting a naïveté about the realpolitik of spying. “The agency is being browbeaten for doing too well the things it’s supposed to do,” he said. 

But Mr. Brenner added that he believes “technology has outrun policy” at the N.S.A., and that in an era in which spying may well be exposed, “routine targeting of close allies is bad politics and is foolish.” 

Another former insider worries less about foreign leaders’ sensitivities than the potential danger the sprawling agency poses at home. William E. Binney, a former senior N.S.A. official who has become an outspoken critic, says he has no problem with spying on foreign targets like Brazil’s president or the German chancellor, Angela Merkel. “That’s pretty much what every government does,” he said. “It’s the foundation of diplomacy.” But Mr. Binney said that without new leadership, new laws and top-to-bottom reform, the agency will represent a threat of “turnkey totalitarianism” — the capability to turn its awesome power, now directed mainly against other countries, on the American public. 

“I think it’s already starting to happen,” he said. “That’s what we have to stop.”
Whatever reforms may come, Bobby R. Inman, who weathered his own turbulent period as N.S.A. director from 1977 to 1981, offers his hyper-secret former agency a radical suggestion for right now. “My advice would be to take everything you think Snowden has and get it out yourself,” he said. “It would certainly be a shock to the agency. But bad news doesn’t get better with age. The sooner they get it out and put it behind them, the faster they can begin to rebuild.”

'Spoiler Alert': NYT's Rapid-Fire Review of Snowden Docs Questioned




'Gutting over a dozen serious stories from rivals,' paper accused of 'spoiler' journalism

- Jon Queally, staff writer
Director of National Intelligence James R. Clapper Jr., the director of national intelligence, in September. He has strongly defended intelligence gathering practices. (Photo: Carolyn Kaster/Associated Press )Given access to a large trove of the NSA documents leaked by whistleblower Edward Snowden, the New York Times has published an aerial view of the agency—cataloging numerous and varied surveillance programs—which the paper says shows that President Obama and other high-ranking officials who defend the agency by citing its counterterrorism credentials are using "a misleadingly narrow sales pitch for an agency with an almost unlimited agenda."
Though critical and informative on many levels, however, the approach and perhaps unintended consequences of the story raises some questions.
According to the Times, "the scale and aggressiveness" of the NSA's global spying apparatus detailed in the Snowden documents "are breathtaking."
And in three key paragraphs, the Times rattled off a series of acronym-laden programs and clandestine cyber-operations conducted by the NSA:
The agency’s Dishfire database — nothing happens without a code word at the N.S.A. — stores years of text messages from around the world, just in case. Its Tracfin collection accumulates gigabytes of credit card purchases. The fellow pretending to send a text message at an Internet cafe in Jordan may be using an N.S.A. technique code-named Polarbreeze to tap into nearby computers. The Russian businessman who is socially active on the web might just become food for Snacks, the acronym-mad agency’s Social Network Analysis Collaboration Knowledge Services, which figures out the personnel hierarchies of organizations from texts.
The spy agency’s station in Texas intercepted 478 emails while helping to foil a jihadist plot to kill a Swedish artist who had drawn pictures of the Prophet Muhammad. N.S.A. analysts delivered to authorities at Kennedy International Airport the names and flight numbers of workers dispatched by a Chinese human smuggling ring.
The agency’s eavesdropping gear, aboard a Defense Department plane flying 60,000 feet over Colombia, fed the location and plans of FARC rebels to the Colombian Army. In the Orlandocard operation, N.S.A. technicians set up what they called a “honeypot” computer on the web that attracted visits from 77,413 foreign computers and planted spyware on more than 1,000 that the agency deemed of potential future interest.
However, despite the scale and scope of the Times' reporting on the documents, it was difficult for some to avoid the feeling that part of the exhaustive review was designed to scuttle future—perhaps more detailed—reporting on the same programs.
Unlike most other reporting so far done on the leaked NSA documents, which seem to have followed a more deliberate kind of approach by looking at one surveillance program or revelation at a time, the decision to publish a single feature-length piece on numerous programs raised the ire of some.
As the transparency advocacy group Wikileaks responded:

WikiLeaks         @wikileaks
NYTimes does NSA spoiler story, gutting over a dozen serious stories from rivals; justifies using Inman http://www.nytimes.com/2013/11/03/world/no-morsel-too-minuscule-for-all-consuming-nsa.html?pagewanted=1&_r=0&pagewanted=all  @GGreenwald



The reference is to former Bobby Inman, who directed the NSA himself in the late 70s and early 80s. For those who  think the Times' rapid-fire review of the Snowden documents might, in fact, serve the interests of the agency over the public, Inman's unsolicited advice to his former employer serves as an interesting clue.

“My advice would be to take everything you think Snowden has and get it out yourself,” Inman told the Times. “It would certainly be a shock to the agency. But bad news doesn’t get better with age. The sooner they get it out and put it behind them, the faster they can begin to rebuild.”
_______________________________

Privacy Is Dead. Long Live Transparency!

Mother Jones



 

Modest proposal: Accept surveillance is inevitable, but demand that all data be public.


Illustration: Harry Campbell


Thanks to Edward Snowden, we've learned a lot over the past few months about the breathtaking scope and depth of US government surveillance programs. It's going to take a while to digest all the details he's disclosed, but in the meantime it might be a good idea to step back and ask some pointed questions about what it all means—and what kind of country we want to live in.

What keeps the NSA's capabilities from being abused in the future?

With only a few (albeit worrying) exceptions, Snowden's documents suggest that today the NSA is focused primarily on foreign terrorism and mostly operates within its legal limits. But the agency has built an enormous infrastructure that sweeps up email, phone records, satellite communications, and fiber-optic data in terabyte quantities—and if history teaches us anything, it's that capabilities that exist will eventually be used. Inadvertent collection of US communications is required by law to be "minimized," but even now there are plenty of loopholes that allow the NSA to hold on to large quantities of domestic surveillance for its own use and the use of others. And there's little to keep it from covertly expanding that capability in the future. All it would take is another 9/11 and a president without a lot of scruples about privacy rights.

What kind of independent oversight should the NSA have?

Right now, oversight is weak. There are briefings for a few members of Congress, but the NSA decides what's in those briefings, and one leaked report revealed that the agency has set out very specific guidelines for what its analysts may divulge to "our overseers." That caginess extends to the FISA court charged with making sure NSA programs remain within the law: In a 2011 opinion recently released by the Obama administration, the court noted that the NSA had misled it about the specific nature of a surveillance program for the third time in three years.

No organization can adequately oversee itself. If the NSA is allowed to decide on its own what it reveals to Congress and to the courts, then it's under no real oversight at all.

What happened to the Fourth Amendment?

Back in 1979, the Supreme Court ruled that although a warrant is required to tap a telephone line, none is needed to acquire phone records. This means that police don't need a warrant to find out whom you've been calling and who's been calling you.

Whatever you think of this ruling, it was fairly limited at the time. Today it's anything but. The NSA now sweeps up records of every single phone call made in the United States under the authority of Section 215 of the Patriot Act, which gives it power to obtain any "tangible thing" that's relevant to a terrorist investigation. Did Congress mean for that section to be interpreted so broadly? Rep. Jim Sensenbrenner (R-Wis.), one of the authors of the Patriot Act, doesn't think so. But the NSA does, and the FISA court has backed it up.

Another law, Section 702 of the FISA Amendments Act, allows the NSA to obtain access to vast categories of online communications without a warrant. It's supposed to apply only to foreigners, but via errors and loopholes plenty of Americans end up being targeted too. In fact, one of the loopholes specifically allows the agency to use domestic data collected "inadvertently" if it shows evidence of a crime being or "about to be" committed. This provides a pretty obvious incentive to gather up bulk domestic communications in hopes of finding evidence of imminent activity. And the practice isn't limited to national security cases: The Drug Enforcement Administration, for example, has a special division dedicated to using intelligence intercepts in drug cases, a fact that it routinely conceals from courts and defense attorneys.

What all this means is that the traditional constitutional requirement of a particularized warrant—one targeted at a specific person—is fast becoming a relic. In the NSA's world, they simply collect everything they can using the broad powers they've been given, then decide for themselves which records they're actually allowed to read. Is that really what we want?

Does all this surveillance keep us safer?

There's no way to know for sure, since virtually everything about the NSA's programs is classified. But shortly after the publication of the first Snowden documents, the head of the NSA told Congress that its surveillance programs had "contributed" to understanding or disrupting 50 terrorist plots—10 of them domestic—since 9/11. That amounts to less than one domestic plot per year. Of the handful he described, the most significant one involved a Somali immigrant who sent a few thousand dollars back to fighters in Somalia.

When you narrow things down to just the NSA's collection of domestic phone records—perhaps its most controversial program—things get even shakier. In 2009, a FISA court judge who had received detailed reports on the program expressed open skepticism that it had accomplished much. And two US senators who have seen classified briefings about all 50 plots say that the phone records played "little or no role" in disrupting any of them. If this is the best case the NSA can make, it's fair to ask whether its programs are worth the cost, either in money or in degraded privacy.

What about corporate surveillance?

Government eavesdropping isn't the only thing we have to worry about. We're also subjected to steadily increasing data collection from private actors. It's true that, unlike a government, a corporation can't put you on a no-fly list or throw you in jail. But there are at least a couple of reasons that corporate surveillance can be every bit as intrusive as the government variety—and possibly every bit as dangerous too.

First, if Target can analyze your shopping habits to figure out if you're pregnant—and it can—another company might figure out that you're in the early stages of Alzheimer's disease and then start badgering you to buy worthless insurance policies. Multiply that by a thousand and "targeted advertising" doesn't seem quite so benign anymore.

Second, there's nothing that prevents the government from buying up all this information and combining it with its programs into an even bigger surveillance octopus. That was the goal of the Orwellian-named Bush-era program known as Total Information Awareness. It was officially killed after a public outcry, but as we now know, it never really went away. It just got split apart, renamed, and dumped into black budgets.

Even the NSA itself is in on the action: The Wall Street Journal reported earlier this year that the agency collects more than just phone records and data packets. Via internet service providers and financial institutions, it also gathers web search records, credit card transactions, and who knows what else. In addition, the NSA has long maintained a deep collaboration with the leading-edge data mining companies of Silicon Valley. And why not? As the New York Times put it, both sides realize that "they are now in the same business."

Can we save privacy?

I call this the "David Brin question," after the science fiction writer who argued in 1996 that the issue isn't whether surveillance will become ubiquitous—given technological advances, it will—but how we choose to live with it. Sure, he argued, we may pass laws to protect our privacy, but they'll do little except ensure that surveillance is hidden ever more deeply and is available only to governments and powerful corporations. Instead, Brin suggests, we should all tolerate less privacy, but insist on less of it for everyone. With the exception of a small sphere within our homes, we should accept that our neighbors will know pretty much everything about us and vice versa. And we should demand that all surveillance data be public, with none restricted to governments or data brokers. Give everyone access to the NSA's records. Give everyone access to all the video cameras that dot our cities. Give everyone access to corporate databases.

This is, needless to say, easier said than done, and Brin acknowledges plenty of problems. Nonetheless, his provocation is worth thinking about. If privacy in the traditional sense is impossible in a modern society, our best bet might be to make the inevitable surveillance more available, not less. It might, in the end, be the only way to keep governments honest.


Kevin Drum

Political Blogger
Kevin Drum is a political blogger for Mother Jones. For more of his stories, click here. RSS |

NSA Invaded the Google and Yahoo Servers Monitoring Nearly Everyone's Internet Use



Dissident Voice: a radical newsletter in the struggle for peace and social justice

NSA Invaded the Google and Yahoo Servers

Monitors Nearly Everyone's Internet Use



What a week! Shortly after Secretary of State John Kerry admitted that maybe our government had gone “too far” in its surveillance programs, the Washington Post dropped another Edward Snowden bombshell demonstrating that it is going a whole lot farther than we knew.
If Kerry’s ersatz admission — couched in a defense of National Security Agency surveillance — provoked a collective yawn from many who follow these developments, the latest Snowden stuff snapped us to attention. The Post published an article detailing the NSA’s interception of information coming in and out of Google and Yahoo servers over non-public, internal network fibre optic lines. In December, 2012 alone, the program (revealingly called “MUSCULAR”) processed 181,280,466 Google and Yahoo records that included email, searches, videos and photos.
 note the smiley!
The NSA diagram for Google interception: note the smiley!


Up to now, the NSA has defended its actions by telling us it is combatting terrorism through the capture of data in a public space, the Internet, after obtaining court orders. This shows they were lying. MUSCULAR is the theft of about 25 percent of all Internet data from two of the most popular data handling companies with no court orders or advisories in complete defiance of the law and our rights. It is, quite simply, government gangsterism.

And it brings into focus the most important question: why? Because this isn’t about counter-terrorism, not with that many records and their surreptitious capture. This is about surveillance and analysis of the daily communications of an entire country and much of the world.

The technology of MUSCULAR, a program jointly carried on by the NSA and its British counterpart, isn’t hard to explain. Essentially, technologists at the spy agency have figured out a way to intercept data being exchanged among servers that store everything you do on Google and Yahoo.

Here’s the difference between this and other previously revealed spying programs. Your data travels over the Internet to get to those servers and be stored there. For others to see what data you’ve stored, it must travel out, again over the Internet. That’s legally protected data and the NSA (at least theoretically) needs a court order to remove it from those servers. The FISA court (the NSA’s blessing source) almost always rubber stamps NSA requests so it’s pretty easy to conduct that kind of data extraction but at least there is still a record of what the NSA is looking for and why and some grounds for taking legal action against it.

Muscular doesn’t go near the data as it’s travelling on the Internet or while it’s on those servers. Instead it intercepts data that’s already been stored and is travelling through non-public connections between each company’s many servers as the companies synchronize stored data or transfer it internally. Internet giants like Google transfer data among their servers constantly in networks of servers known as (you’ve heard it before) “clouds”. This constant transfer helps distribute server activity so that a sudden spike in requests for data on a particular server doesn’t crash it (called “load management”) or for maintenance, security and other reasons. To do this they use special fibre-optic wires that connect their various servers and are not publicly available.

The data transferred among these servers is typically encoded so nobody can read it without having the decoding keys. That’s a security measure. According to these reports, the NSA has figured out a way to de-code those formats, then captures the data being transferred by tapping into these internal connections and then, without anyone outside the NSA knowing it, decodes the stuff and analyses it to decide what, if anything, they want to do with it. If they decide to store it, they have several NSA storage centers that can easily handle it. They then allow the data to resume its journey. It all happens in micro-seconds.

This is typically called a “man in the middle interception” and it’s like tapping the wire between your computer and an external hard drive you use for storage — except multiplied hundreds of millions of times.

“I knew the NSA drawing was real from the smiley-face,” wrote Slate‘s David Auerbach, referring to the Internet smile icon used in the leaked diagram and replicated above. “Only an eager and myopic software engineer — seeing the interception of Google and Yahoo’s data as a challenge and game rather than as a security and political matter — would make such a light-hearted and self-satisfied gesture at the prospect of hacking into Google’s internal servers.”
Of course, it’s not a game. It is a highly sophisticated and intentionally intrusive method of data-gathering: spycraft at its most pernicious performed constantly on the email, photos, videos and other data posted by the people of this country (and many others).

NSA chief Keith Alexander was immediately dispatched to issue his predictable disclaimers: “It would be illegal for us to do that. So, I don’t know what the report is,” he told a cyber-security conference last week. “But I can tell you factually we do not have access to Google servers, Yahoo servers. We go through a court order.” Alexander has proven himself a master of evasion in the past but this was a doozy. This is about tapping wires not accessing servers.
Officials at both Google and Yahoo tried to put make-up on their black eyes through statements of outrage, calls for “restraint”, and assurance that they were not “advised” of a massive surveillance effort they would never have approved. But the point is that it’s happening and their PR-driven assurances to users that our data is safe mean absolutely nothing.

What a mess! In the space of two weeks, President Obama publicly states that he didn’t know the extent of the spying but will aggressively “look into it”. Secretary Kerry admits it may have gone too far but it’s all in a good cause. Alexander side-stepped comment on the real revelation and his National Security Advisor boss James Clapper seemed intent on avoiding the issue entirely be issuing another of his famous non-denial statements. In fact, the non-denials were bouncing like a bunch of ping-pong balls during an earthquake — colliding with each other in a nonsensical frenzy. That was coupled with the flow of rhetorical outrage emanating from many governments as Snowden information made clear that surveillance was being conducted on everything from Spanish citizens’ email accounts to the personal emails (and perhaps phone calls) of German chancellor Angela Merkel.

Obviously, data gathering of this scope isn’t about catching terrorists. That certainly could be part of the outcome but there’s no way you analyze over 183 million pieces of data in a month to identify crazies. Something else is going on.

Post reporter Bart Gellman, who broke the story, told PBS that “…on its face I don’t see any evidence that they’re flouting the law here. They’re using it in ways that the companies and the public didn’t expect.” But that challenges logic. Going into a company’s internal systems to remove data without that company’s knowledge sure seems illegal. At the very least, it reflects a disturbing cynicism on the Administration’s part about the spirit of the law and what privacy laws tell our government about how it should relate to its citizens.

The question, however, isn’t whether this is legal but what the Obama Administration is trying to do with the definition of legality. The history of this Administration demonstrates that it’s preparing for some very troubled times and its preparations are obscenely repressive. With an economy that simply cannot return 25 million unemployed people to work, the massive retrenchment of people’s rights, the slashing of our social safety nets, a society ripped apart by the frantic hysteria of weekly domestic terrorism, an insane but growing extreme right-wing and a Congress that has no popular support and is no longer governing anyone, the eruption of massive protest and resistance in every corner of the society is no surprise. Nor does it take much vision to predict that things are going to get a whole lot hotter.

The politically powerful are involved in an intense debate about how to govern this society while the social contract it has used to govern in the past can’t be met. The debate rages but it’s clear that all sides are talking about a more restrictive society. The key to such repression is data capture. No matter how intense and widespread this repression turns out to be, they have the data they need to make all options possible including the crushing of protest movements. Do we trust them not to use the data that way?

In past contributions to these web pages, I’ve written that, while we are not in a police state, the government has constructed an apparatus capability of turning this country into one with a flip of its legal switch.

That’s the meaning of the MUSCULAR revelations. As far as data is concerned, everything is in place.

Alfredo Lopez writes for This Can't Be Happening! where this article first appeared. Read other articles by Alfredo.