Monday, June 10, 2013

NSA: Our Big Brother?

NSA Briefing Slide as posted on Wikipedia via The Guardian

Click here for related story [USA Today - Donna Leinwand Leger]

A while back, we wrote about the Administration attempting to gain control of the Internet and telecommunications.  So far, that has been blocked, even though the Administration continues to push the issue to "protect us from 'terrorists' ", and/or Anthony Weiner.

We've restrained ourselves from jumping into this controversy until more facts came to light.  And, we are beholden to The Guardian, George Stephanopoulis, and USA Today's Donna Leinwand Leger for publishing relevance rather than hyperbole.

Lots of intelligence collected - but ignored    []
First, let's define the National Security Agency's mission, prescribed by the National Security Act of 1947, which later spawned the NSA in 1952.  In brief, the mission was, and has traditionally been, to monitor communications outside the United States in order to obtain early warning on threats to our national security.  This derived from the success of US and British Intelligence programs called Enigma, JN-25, and Ultra which broke the codes of the Japanese and Nazis.  JN-25 was responsible for breaking the Japanese code prior to World War II, and gave the US early warning of the attack on Pearl Harbor -- which, unfortunately, was ignored.

For many years, the NSA was a highly prized asset and professional organization as it delivered superb raw intelligence information from around the world.  The bulk of this it derived from open communications from telephone conversations, to teletype, to more sensitive eavesdropping -- all under the rubric of SIGINT [Signals Intelligence comprised of data derived from communications, and electronic intelligence (ELINT)]. These sets complement MASINT (Measurement and Signature Intelligence) which is the INT which analyzes the products of SIGINT; confused yet? 
[We'll limit our discussion to just this grouping, for simplicity sake]. 

Lots of intelligence collected; but ignored    []
Intelligence analysts praised this raw, unevaluated information as it supplemented or confirmed trends or assessments they were developing on real-time threats.  It was rare, though, that NSA was actually able to break codes since encryption techniques have become highly sophisticated -- such that NSA began demanding the keys to those codes produced by US security companies [oddly, foreign companies declined this demand], so, NSA was left with the keys to only US originated encrypted communications.

DNC apologists such as Bob Cesca are aggressively attempting to discredit the Guardian and ABC disclosures to make it appear that these transgressions are merely exposing
"NSA business as usual protecting America from terrorists.
"Move along folks; nothing to see here.  Keep moving; everything's under control."

To clarify the rules of the NSA intelligence surveillance, the Foreign Intelligence Surveillance Act, Section 702, prohibits
"prohibits 'intentionally' targeting any US citizen or anyone known to be in the US.  NSA also cannot target a person overseas if the purpose is to get information from a person inside the US.  NSA cannot target even foreign persons overseas without a valid foreign intelligence purpose."
[From the DNI Fact Sheet presented to Congress by the DNI, James Clapper.]

But, who decides?
"Targeting decisions are reviewed by the Office of the Director of National Intelligence and the Department of Justice."

The "Deciders" would be James Clapper [DNI] and Eric Holder [AG].
Feel better now?

97 Billion raw data files -- of virtually no intelligence value
To muddy the waters, DNI Director Clapper has declassified the data mining electronic surveillance program: Boundless Informant, which he disclosed captures between 3 - 100 billion data pieces, which he dubs "intelligence"; in fact, it is what is known in the Intelligence Community as "raw, unevaluated information of unknown quality and/or reliability" -- pretty much the same as reading the Washington Post
-- but even less reliable [if that's possible]. 

Storage in Yottabytes   [HistoryCommons]
Boundless Informant conducts the information gathering process for which NSA has been recognized for years, and which justifies its yottabytes in data storage in thousands of IT servers.  That's a lot of raw, information, but, it's highly classified raw data and relatively worthless -- requiring enormous resources to scour for dots to connect to eventually create intelligence.  NSA could likely derive as much information by going into the Black Forest and examining the bark on the trees, but it's difficult to classify tree bark as Top Secret.  To clarify, the only reason the data is classified is to protect the means by which is is acquired -- which is now public knowledge.

Decider: James Clapper    [WBUR]
Mr Clapper declassified this program -- from Top Secret [Codeword] to "Unclassified".

If it could be declassified that easily from the highest level of secrecy and compartmentation, why was it classified so highly in the first place?  Other than highly questionable activities, bordering on the illegal, what aspect of national security did this over-classification protect?

But, let's take a look at what the hubbub is actually all about.

First, we need to know what NSA is unable to do.

Unless its capabilities have changed radically, it can't break current encryption systems which function on the basis that only the sender and receiver have the keys to the encryption. 

Of course, in the movies or TV programs, you'll see an analyst clicking away on the keyboard, and presto, in minutes, the encrypted message is translated and the hero saves the day, just in the nick of time.  Realistically, that never happens, even if Jack Bauer threatens to shoot the analyst behind the ear.

HUMINT Penetration       []
The breakthrough comes when a HUMINT [Human Intelligence] asset [aka: spy] buys, finagles, or steals the encryption key from the target, thus allowing NSA to listen in. 

Otherwise, NSA just listens to a bunch of buzzing, clicks, and incomprehensible noise.  Of course, armed with a FISA Warrant, NSA can demand the encryption keys from US companies -- for "national security" to break through that noise and listen to your cell phone conversations.

Which leads us to the bad stuff.  

If NSA were the whiz-bang agency most people think it is, it wouldn't need to order the Telecom companies to let it eavesdrop.  It could simply decipher the secure systems these companies use to protect your financial transactions and no one would be the wiser.  If it can't spy on US citizens without the decryption keys, is it worth its salt in monitoring our foreign enemies?

Since we're guessing NSA does not have a real deciphering capability, it has to order [via FISA warrant] the telecoms to give up their encryption keys.

Verizon appears to be the first to be outed as granting access, and we have to wonder if the persuasion process there came through the unique positioning of Bill Barr, a former CIA analyst, and later, acting US Attorney General under George for his energetic litigation to achieve telecom competition by "scuttling a series of FCC rules" which gave us a choice of carriers other than Ma Bell [even if most of the carriers today are "Baby Bells"].

So, where are we now?

Essentially, NSA has established a semi-legal framework under which it operates, and creates secret warrants, delivered to a secret court [Foreign Intelligence Surveillance Court], adjudicated by an anonymous judge, to monitor and search all data records of all the telecom companies in the US -- to search for "terrorists"; the DNI Director admits to only nine companies [the rest are feeders from these nine, so, tap the nine, and you have all data].  But, since even FISA judges are outraged at the feeble rationales offered as justification for these warrants, NSA bypasses the system entirely.

Those served with these secret warrants are warned that they are prohibited from representation by an attorney, or to even mention that they have been served.  All in the name of "national security".

This was justified by NSA and our stalwart Director of National Intelligence, Mr Clapper during his brief to the HPSCI [House Permanent SubCommittee on Intelligence] and the SSCI [Senate Select Committee on Intelligence],

Some Background: 
This invasive program was formally introduced by Ted Kennedy and signed into law by Jimmy Carter; warrantless searches were introduced under Bill Clinton in 2000.  However, Project Minaret, in which NSA supported US law enforcement operations, was initiated under LBJ way back in 1967.  (This would have been in clear violation of Posse Comitatus which forbids the use of the US Military in a law enforcement role - NSA was a component of DOD until recently.). 

Accompanying Minaret was Project Shamrock, which monitored all telegraphic communication entering or exiting the US -- which was technically legal under NSA's original charter since it was not directly monitoring US citizens -- well, sort of, if you stretch credibility a bit. 

Believe it or not [just kidding], it turns out NSA has been operating illegally for a number of years.  Another whistle-blower, Mark Klein from ATT, was interviewed in 2008 when he outed an illegal NSA intercept operation in San Francisco dating back at least to 2003, and likely long before. 

NSA installed a fiber optic splitter on ATT's "backbone" Internet hub which would feed NSA computers all Internet traffic passing through the hub.  The splitter, which could process 10 gigabits of data [e.g., the equivalent of the entire Encyclopedia Brittanica] per second, was a creation of the Narus, an Israeli company [you may ask why a foreign company is integrated into our intelligence system; good question, but there is no legitimate explanation -- although Boeing did buy it to keep it "legal".]. 

Klein noted that such NSA operations were conducted at a number of [all?] other Telecom hubs throughout the US.  A lawsuit filed was eventually dismissed in 2011 based on a retroactive grant of immunity based on the companies' cooperation with the US government.

Such programs, along with abusive programs of the FBI, the CIA, and Army Intelligence led to the Church Committee hearings which resulted in subsequent Congressional close oversight over, and restrictions on all US Intelligence organizations.  Little did we imagine that Congress itself would be complicit.

Official Logo      [(c) NSA]
So now, let's take a look at Project Prism, which extends NSA's reach into the Internet, enabling NSA to conduct surveillance on both live communications as well as stored information of telecom clients of companies outside the US, or, American citizens whose communications include web content of people/companies outside the US; since most telecoms tie to cloud storage maintained outside the US, that means any and all communications and personal information of ALL US citizens is open to NSA surveillance and monitoring.

NSA monitors you to protect you
[Slide posted on Wikipedia via The Guardian]
Are you being monitored?

Well, according to this NSA slide, you probably are if you use products or services from Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, or Apple.  But, according to Mr Clapper, your communications and/or personal files would only be looked at if you might be connected to "terrorists" -- and he and Mr Holder will decide what the definition of "terrorist" is.

Why the high classification?
Perhaps because NSA has been violating the law?

If the Attorney General thinks you're a threat, you're a target
[Slide posted on Wikipedia via The Guardian

And, what is it that NSA and its government clients hope to retrieve from this monitoring?

A handy selection from your email, video conferencing, login information, passwords to your bank accounts, and let's not forget, all your social networking contacts and information - just in case you have an al Qaeda cell at home.

Note the Special Requests Ex-spouses, annoying neighbors, or a police suspect you want dirt on? NSA can target individuals  the Attorney General deems a "threat", and all those records are exploitable.

The bottom line is that these revelations are merely the tip of the iceberg, so-to-speak.  We have foxes guarding the hen-house, and foreign companies involved in monitoring all our US communications.  When we catch these agencies breaking the law, Congress grants them retroactive immunity.

And, it's ALL in the name of National Security!
Will we find out that one of NSA's clients is the IRS, and that NSA has been data mining on political parties and candidates -- as they did in the 1960s and 1970s?

How many more whistle-blowers will step forward to reveal more intelligence evil-doers?

We do want to congratulate NSA on its sterling performance on monitoring, identifying, and protecting us from the terrorists who bombed the Federal Building in Oklahoma City, the World Trade Center [twice], and of course, most recently, the Boston Marathon bombers.  

Oh, sorry, NSA missed those events since they were busy siphoning through your phone, email, and cable TV records.

Do you feel safe and secure with James Clapper and Eric Holder deciding if you are a threat to America. 

George Orwell warned us in "1984" -- Is it time to take notice?                    [United]