The NSA Hearing, by the Numbers BY KIM ZETTER

Standard

From: http://www.wired.com/threatlevel/2013/06/nsa-hearing-by-the-numbers/

The NSA Hearing, by the Numbers
BY KIM ZETTER
06.18.13
3:00 PM

Director of the National Security Agency (NSA), Gen. Keith B. Alexander, testifies about NSA surveillance before the Senate Appropriations Committee on Capitol Hill. Photo: Charles Dharapak/AP

 

A federal hearing today on NSA surveillance programs leaked by former NSA contractor Edward Snowden produced some interesting numbers about the scope of the data collections and other issues. We’ve produced a roundup below of some of the interesting stats and intelligence gleaned from the discussion.

The hearing, before Congress’s Select Committee on Intelligence, included NSA Director, General Keith Alexander; Deputy Attorney General James Cole; Deputy Director of the FBI Sean Joyce; and General Counsel Robert Litt, from the Office of the Director of National Intelligence General Counsel.

1) NSA Only Uses Section 215 of Patriot Act to Obtain Phone records. NSA Director Keith Alexander, responding to questions about the kinds of business records the agency obtains using this power granted by the Patriot Act, said that the agency only uses it to obtain phone records from companies. This would seem to contradict a recent Wall Street Journal story, which disclosed that the agency was collecting credit card transactions. But Alexander’s statement doesn’t rule out that the FBI is collecting credit card transactions and providing data pertaining to foreign intelligence cases to the NSA. The vast majority of business records requests under Section 215 are done by the FBI and other federal agencies, not the NSA.

2) Phone Records Obtained by NSA under Section 215 Are Destroyed After 5 Years. ODNI General Counsel Robert Litt asserted that the records are not kept indefinitely. Nor are they used for general data mining and pattern analysis, according to Alexander. He stated that the records are only used to perform individual “queries” against specific phone numbers. Presumably this means that pattern analysis likely would be done on those targeted phone numbers that are under investigation in order to ascertain any and all phone numbers that have communicated with the targeted number.

3) Only 22 People at NSA Can Authorize Queries of Phone Records Database. This number includes 20 analysts and two supervisors. Among the 22 people who can authorize such queries of the phone records database are Gen. Alexander himself and Litt.

4) Records/Data Obtained under 215 and Section 702 of FISA Thwarted 50 Potential Terrorist Plots. NSA Director Alexander and FBI Deputy Director Sean Joyce said that at least 50 cases they investigated used data obtained under the two surveillance programs that Snowden exposed. Section 702 of FISA can cover real-time emails and chats, IP addresses and other data. Asked by Rep. Jim Himes (D-Connecticut), how many of these 50 episodes “would have occurred but for your ability to use 702″ (or “How essential are these authorizations to stopping these attacks?”), Alexander said that he believed that in at least half of these cases, the data obtained under Section 702 of FISA was “critical.” He said that of the cases involving the use of phone records obtained under Section 215 of the Patriot Act, a little more than 10 of these cases involved some kind of “domestic nexus” — meaning they involved a U.S. citizen overseas or in the U.S. The vast majority of these cases “had a contribution from the business records requests.”

5) Snowden Worked for the NSA for 15 Months at Time of Leaks. Although it’s been reported that Snowden had only been working for defense contractor Booz Allen Hamilton for three months at the time of the leaks, and had only been stationed at the NSA’s Hawaii facility a few weeks prior to leaking, Alexander noted that Snowden had actually been working for the NSA under a different contractor during the 12 months prior to moving to Booz Allen Hamilton, which would have given him more time to scope out the network and determine which data he wanted to take.

6) NSA Plans to Institute a Two-Person Rule to Govern Activities of SysAdmins This would presumably involve requiring a shadow for every sysadmin to ensure that no one operator can download the kind of data Snowden obtained without authorization from another operator, or change auditing and logging instructions on the system to hide their tracks. Alexander noted that Snowden, as a systems administrator, had great authority to access parts of the network that are not accessible to regular analysts. The sysadmin also has the ability to set the auditing conditions on a portion of the network. “This is a huge problem,” Alexander said. “We’re coming up with a two-person rule to make sure we have a way to block” someone from taking information out of the system. “This is a work in progress,” he said.

7) NSA Has About 1,000 SysAdmins Worldwide. Alexander said the NSA has about 1,000 system administrators that have, in certain sections, the level of authority comparable to what Snowden had to access data. This number seems small, and Alexander said they were working on trying to get a more exact figure, but he noted that the majority of these system administrators were contract workers.

Finally, something else of note that Alexander said in the hearing today. The NSA apparently doesn’t yet know how Snowden obtained access to the court order that authorized Verizon to hand over the phone records of millions of American customers. He noted that to access the kind of data collected under the program required special “certificates” or keys to gain access to areas where the data was stored. Certificates and keys can refer to digital access to walled-off areas of data on a server, but Alexander also seemed to imply that Snowden would have needed physical access to a room where the data was stored.

“To get to any data like business records under 215, that’s in controlled area,” Alexander said. “You need specific certificates to get in to that. I’m not aware that Snowden had any certificates to get into that.” He later noted that by “certificates” he meant keys, meaning presumably electronic door access keys.

“In this case, what the system administrator had access to is what we’ll call the public web forums that NSA operates, and these are the things that talk about how we do our business, not necessarily what’s being collected as a results of that,” Alexander said. “Nor does it necessarily give them the insights that the training and the other issues that training and certification process and accreditation that our folks go through to actually do this. So those are in separate programs and require other certificates to get into.”

When asked if this meant Snowden did not have the certificates necessary to leave that public forum, Alexander replied, “So each set of data that we would have, and in this case let’s say the business records, FISA, you have to have specific certificates … because this is a cordoned off, so that would be extremely difficult for him to. . . he’d have to get up to NSA and get into that room to do. Others require certificates for you to be working in this area to have that. He would have to get one of those certificates to actually enter that area…. In other words, it’s a key.”

Following the hearing, reporters in the room cornered Alexander for further explanation about this, during which Alexander reportedly said that the NSA believes Snowden obtained access to the court order while he was undergoing orientation and training at the NSA’s headquarters at Ft. Meade.

“The FISA warrant was on a web server that he had access to as an analyst coming into the Threat Operations Center,” Alexander told Politico. “It was in a special classified section that as he was getting his training he went to.”

667 total views, no views today

Enemy of the State: Europe alarmed over U.S. intel spy program

Standard

From: http://theextinctionprotocol.wordpress.com/2013/06/12/enemy-of-the-state-europe-alarmed-over-u-s-intel-spy-program/

 

Enemy of the State: Europe alarmed over U.S. intel spy program

  
U.S. government official brands NSA whistleblower as a traitor. The question remains why are U.S. government agencies collecting so much private data on American citizens, as though there were all presumed ’enemies of the state’?
June 12, 2013 – WASHINGTON – The EU is demanding assurances that Europeans’ rights are not being infringed by massive, newly revealed US surveillance program. Justice Commissioner Viviane Reding plans to raise the concerns with US Attorney General Eric Holder on Friday. Last week a series of leaks by a former CIA worker led to claims the US had a vast surveillance network with much less oversight than previously thought. The US insists its snooping is legal under domestic law. The Obama administration is investigating whether the disclosures by former CIA worker Edward Snowden were a criminal offence. More revelations are promised to be released to the press in coming days about the extent of U.S. domestic spying. Mr. Snowden’s employer, defense contractor Booz Allen Hamilton, said on Tuesday it had fired the 29-year-old infrastructure analyst for violating its ethics code. Russia has offered Mr. Snowden political asylum in light of the recent revelations against the U.S. US officials say the snooping program known as Prism, revealed in last week’s leaks, is authorized under the Foreign Intelligence Surveillance Act (FISA). It gives the US National Security Agency (NSA) the power to obtain emails and phone records relating to non-US nationals. But details about the individuals targeted under the act remain secret, and there are concerns the NSA is overstepping its powers. Documents leaked to the Guardian and Washington Post newspapers claimed the US authorities had direct access to the servers of nine major US technology firms, including Apple, Facebook and Google. Mr. Snowden told the Guardian that individual operatives had the power to tap into anyone’s emails at any time. Although the firms have denied granting such access, saying they agreed only to legal requests, US officials have admitted Prism exists. And on Tuesday, Republican Senator Lindsay Graham said US surveillance of phone records allowed the government to monitor phone records for a pattern of calls, even if those numbers had no known connection to terrorism. One of the Guardian journalists who wrote the Prism stories, Glenn Greenwald, has promised “more significant revelations” to come. In the US, the controversy has focused on the possibility that conversations of US citizens may inadvertently be captured. But overseas, governments and activists point out that US law provides foreigners with no protection. The Liberation Daily in China has harsh words for President Obama: “Five years ago, Obama came to power waving an anti-George W Bush banner. Five years later, he is still exactly the same as George W Bush on invasion of privacy issues.” Russia’s Izvestiya compares the revelations to a dystopian novel: “The frightening reality of the 21st Century is that the world has become a house with glass walls, notions of ‘personal secrets’ and ‘confidential information’ are turning into fiction before our very eyes.” –BBC

634 total views, no views today

USA Calling For the Extradition of Snowden

Standard

From: http://news.slashdot.org/story/13/06/10/1134226/usa-calling-for-the-extradition-of-snowden?utm_source=rss1.0mainlinkanon&utm_medium=feed

 

Taco Cowboy writes”Edward Snowden, the leaker who gave us the evidence of US government spying on its people is under threat of being extradited back to the U.S. to face prosecution. Some people in Congress, including Republican Peter King (R-NY), are calling for his extradition from Hong Kong to face trial. From the article: ‘A spokesman for the director of national intelligence, James Clapper, said Snowden’s case had been referred to the justice department and US intelligence was assessing the damage caused by the disclosures. “Any person who has a security clearance knows that he or she has an obligation to protect classified information and abide by the law,” the spokesman, Shawn Turner, said.'”

596 total views, 1 views today

Meet your new martyr: Edward Snowden PRISM whistleblower’s not the new Assange, not even a very naughty boy

Standard

From: http://www.theregister.co.uk/2013/06/10/dont_draw_assanges_halo_around_snowdens_head/

 

So, we have a name for the PRISM leaker: Edward Snowden. Now his name is public, the US government and the military-infosec complex are going to work really hard at blowing smoke around the whole thing.

In that, I think Snowden made a tactical error – not because of the danger he’s in (his name would have been found out by his former masters before many days had passed). Rather, he has put his name at the centre of the story, which will help the spinners re-frame the story as Snowden rather than PRISM.

The spin-masters are already at work, and they’re going to spend a lot of effort discrediting Snowden’s actions, character and information – along the way, blurring the issues and giving us black painted as white.

  • “Junior employee” – The implication of the Booz Allen Hamilton announcement that he’d only been with the company for three months is that Snowden didn’t really know what’s going on. The proper response to that is that neither do we, and we should.
  • Expect attacks on his character and motives. We know that he’s breached his employer’s trust – that’s what a whistleblower does. When media starts looking for “the man behind the story”, we give the spinners an angle to work, because you can be sure that the spinners are looking for ways to tell us we’re mistaken about his motives.
  • Attack his facts – Minor corrections of what Snowden claims don’t invalidate the underlying outrage that comprises mass-scale spying on the communications of innocent individuals.
  • Retreat behind the secrecy of national security – “This program has saved lives, but we can’t tell you how.”

The underlying strategy of the spin machine will be to keep the spotlight on Snowden, and draw attention away from the things he’s revealed.

It’s a strategy that’s worked in the past, partly because people so willingly co-operate with it. We’ve been here before, with Julian Assange. The creation of “Saint Julian” suited his opponents perfectly: it allows them to publicly identify the value of Wikileaks with the character of its founder.

Snowden looks personable enough, sounds intelligent and sincere to the point of earnestness, and he’s now in serious trouble, all of which pulls the vox humana stop all the way out. The human interest is irresistible – and all of which plays into Snowden’s opponents, who want the story to be playing the man rather than the ball.

I realise that as an activist, I make a passable journalist, but if any of the activists are listening, here is my advice.

Don’t draw the halo of secular sainthood around Snowden’s head. There is practically no human who would survive the scrutiny (and whisper campaign) that’s about to commence. He will have imperfections and they’ll be played to discredit him.

Don’t become disillusioned if and when something damaging is revealed about Snowden.

Don’t let your attention be distracted by the shiny bauble of a personable front-man. The story is about government surveillance.

550 total views, 1 views today

Edward Snowden, NSA files source: ‘If they want to get you, in time they will’ Source for the Guardian’s NSA files on why he carried out the biggest intelligence leak in a generation – and what comes next

Standard

From: http://www.guardian.co.uk/world/2013/jun/09/nsa-whistleblower-edward-snowden-why


Edward Snowden
 was interviewed over several days in Hong Kong by Glenn Greenwald and Ewen MacAskill.

Q: Why did you decide to become a whistleblower?

A: “The NSA has built an infrastructure that allows it to intercept almost everything. With this capability, the vast majority of human communications are automatically ingested without targeting. If I wanted to see your emails or your wife’s phone, all I have to do is use intercepts. I can get your emails, passwords, phone records, credit cards.

“I don’t want to live in a society that does these sort of things … I do not want to live in a world where everything I do and say is recorded. That is not something I am willing to support or live under.”

Q: But isn’t there a need for surveillance to try to reduce the chances of terrorist attacks such as Boston?

A: “We have to decide why terrorism is a new threat. There has always been terrorism. Boston was a criminal act. It was not about surveillance but good, old-fashioned police work. The police are very good at what they do.”

Q: Do you see yourself as another Bradley Manning?

A: “Manning was a classic whistleblower. He was inspired by the public good.”

Q: Do you think what you have done is a crime?

A: “We have seen enough criminality on the part of government. It is hypocritical to make this allegation against me. They have narrowed the public sphere of influence.”

Q: What do you think is going to happen to you?

A: “Nothing good.”

Q: Why Hong Kong?

A: “I think it is really tragic that an American has to move to a place that has a reputation for less freedom. Still, Hong Kong has a reputation for freedom in spite of the People’s Republic of China. It has a strong tradition of free speech.”

Q: What do the leaked documents reveal?

A: “That the NSA routinely lies in response to congressional inquiries about the scope of surveillance in America. I believe that when [senator Ron] Wyden and [senator Mark] Udall asked about the scale of this, they [the NSA] said it did not have the tools to provide an answer. We do have the tools and I have maps showing where people have been scrutinised most. We collect more digital communications from America than we do from the Russians.”

nsa whistleblowerSnowden is a 29-year-old former technical assistant for the CIA

Q: What about the Obama administration‘s protests about hacking by China?

A: “We hack everyone everywhere. We like to make a distinction between us and the others. But we are in almost every country in the world. We are not at war with these countries.”

Q: Is it possible to put security in place to protect against state surveillance?

A: “You are not even aware of what is possible. The extent of their capabilities is horrifying. We can plant bugs in machines. Once you go on the network, I can identify your machine. You will never be safe whatever protections you put in place.”

Q: Does your family know you are planning this?

A: “No. My family does not know what is happening … My primary fear is that they will come after my family, my friends, my partner. Anyone I have a relationship with …

I will have to live with that for the rest of my life. I am not going to be able to communicate with them. They [the authorities] will act aggressively against anyone who has known me. That keeps me up at night.”

Q: When did you decide to leak the documents?

A: “You see things that may be disturbing. When you see everything you realise that some of these things are abusive. The awareness of wrong-doing builds up. There was not one morning when I woke up [and decided this is it]. It was a natural process.

“A lot of people in 2008 voted for Obama. I did not vote for him. I voted for a third party. But I believed in Obama’s promises. I was going to disclose it [but waited because of his election]. He continued with the policies of his predecessor.”

Q: What is your reaction to Obama denouncing the leaks on Friday while welcoming a debate on the balance between security and openness?

A: “My immediate reaction was he was having difficulty in defending it himself. He was trying to defend the unjustifiable and he knew it.”

Q: What about the response in general to the disclosures?

A: “I have been surprised and pleased to see the public has reacted so strongly in defence of these rights that are being suppressed in the name of security. It is not like Occupy Wall Street but there is a grassroots movement to take to the streets on July 4 in defence of the Fourth Amendment called Restore The Fourth Amendment and it grew out of Reddit. The response over the internet has been huge and supportive.”

Q: Washington-based foreign affairs analyst Steve Clemons said he overheard at the capital’s Dulles airport four men discussing an intelligence conference they had just attended. Speaking about the leaks, one of them said, according to Clemons, that both the reporter and leaker should be “disappeared”. How do you feel about that?

A: “Someone responding to the story said ‘real spies do not speak like that’. Well, I am a spy and that is how they talk. Whenever we had a debate in the office on how to handle crimes, they do not defend due process – they defend decisive action. They say it is better to kick someone out of a plane than let these people have a day in court. It is an authoritarian mindset in general.”

Q: Do you have a plan in place?

A: “The only thing I can do is sit here and hope the Hong Kong government does not deport me … My predisposition is to seek asylum in a country with shared values. The nation that most encompasses this is Iceland. They stood up for people over internet freedom. I have no idea what my future is going to be.

“They could put out an Interpol note. But I don’t think I have committed a crime outside the domain of the US. I think it will be clearly shown to be political in nature.”

Q: Do you think you are probably going to end up in prison?

A: “I could not do this without accepting the risk of prison. You can’t come up against the world’s most powerful intelligence agencies and not accept the risk. If they want to get you, over time they will.”

Q: How to you feel now, almost a week after the first leak?

A: “I think the sense of outrage that has been expressed is justified. It has given me hope that, no matter what happens to me, the outcome will be positive for America. I do not expect to see home again, though that is what I want.”

577 total views, no views today