Tracking: The NSA's Secret Surveillance Programs

We're tracking--and contextualizing--the ongoing news surrounding Edward Snowden and the NSA's secret surveillance of phone calls and Internet communications.

The National Security Agency (NSA) and America's other intelligence agencies suddenly lost control of their biggest open secret: The U.S. government is monitoring the Internet and telephone communications. A series of revelations spurred by leaker Edward Snowden forced the NSA to admit to a secret surveillance regime that includes the mass collection of phone and web metadata. In the latest disclosure, the European Union found substantial evidence that the NSA was spying on them.

Snowden is facing an unclear future as he lives in the transit zone of Sheremetyevo Airport, new leaks are revealing how the NSA spies on American citizens, and tech companies are in revolt for their own reasons. These are interesting times.

We're tracking--and explaining--news about this story as it unfolds.

5:05 p.m., 07/08/13

The Guardian Airs New, Month-Old Edward Snowden Interview

A new Ed Snowden interview came out this afternoon--Glenn Greenwald and documentary filmmaker Laura Poitras spoke with Snowden in Hong Kong... on June 6. Snowden discusses the U.S. government's monitoring of domestic and foreign internet traffic in the video.

So why did The Guardian release the interview more than a month after it was recorded? Pageviews. Releasing the news in controlled bursts guarantees site traffic, and maximizes the site's gains from the ongoing NSA scandal.

However, Buzzfeed's Jacob Fischler found that The Guardian cut key parts of the interview from the original tape:

The government will follow a simple playbook. I think they will try to destroy my credibility, they’ll attack me personally and they will try to make an example out of me in any way they can to discourage others from coming forward when they find other things they think the government is improperly classifying information. My primary fear is that the government is going to come after my family, they are going to exercise warrants against any location I’ve ever used an electronic device, every friend I’ve ever visited at home, my partner who’s travelled with me throughout the world. My mother, my father — anyone I have (inaudible) with they’ll attack them in lieu of me because they can’t reach me and I think that’s incredibly wrong. But I think they’ll do what they can do send a message that people shouldn’t do this unless they want repercussions.

The Guardian also has additional interview footage with Snowden that has not yet been released.

--Neal Ungerleider

5:00 p.m., 07/08/13

How The U.S. Government Snoops On The World's Fiber-Optic Cables

While everyone in the United States was celebrating the July 4 weekend, the Washington Post's Craig Timberg and Ellen Nakashimi wrote a must-see story detailing how the U.S. government spies on global communications. The article, which builds on the NSA revelations, gives previously unreleased details of America's surveillance regime:

The agreements, whose main purpose is to secure the U.S. telecommunications networks against foreign spying and other actions that could harm national security, do not authorize surveillance. But they ensure that when U.S. government agencies seek access to the massive amounts of data flowing through their networks, the companies have systems in place to provide it securely, say people familiar with the deals.
Negotiating leverage has come from a seemingly mundane government power: the authority of the Federal Communications Commission to approve cable licenses.

--Neal Ungerleider

9:15 am, 07/08/13

Snowden's Asylum Options: Venezuela, Nicaragua, Bolivia

Once Edward Snowden leaves the dubious charms of Moscow's Sheremetyevo Airport, he has multiple options for his next destination. Following an announcement by Venezuelan President Nicholas Maduro on Friday that his country would grant asylum to Snowden if requested, Nicaragua and Bolivia quickly filed suit. Of course, Bolivian President Evo Morales' plane was searched for Snowden last week by Austrian authorities--but the Where's Waldo-like whistleblower wasn't there.

The Guardian has the details on Snowden's improved prospects, but does not describe the diplomatic negotiations surrounding his transfer in depth. Despite the fact that Snowden began as an independent whistleblower of NSA surveillance programs, he has become a pawn (and a liability) for security services in the United States, China, and Russia. While many regimes around the world are happy to offer Snowden lip service because he exposed the perceived hypocrisy of the United States government, his presence also draws attention to the unseemly fact that those regimes also engage in illicit monitoring and surveillance of their citizens.

[Image: Akpool]

--Neal Ungerleider

8:00 am, 07/08/13

NSA Rejects Every FOIA Request From U.S. Citizens

A response sent by the NSA to a man who requested information on what data had been gathered on him, implies that the agency is routinely refusing all Freedom Of Information Act requests. The Tikkun Daily Blog published excerpts from the letter that Clayton Seymour of Ohio received, telling him his request had been turned down:

Any positive or negative response on a request-by-request basis would allow our adversaries to accumulate information and draw conclusions about NSA's technical capabilities, sources and methods. Our adversaries are likely to evaluate all public responses related to these programs.
[...]
Your request is denied because of the fact of the existence or non-existence of responsive records is a currently and properly classified matter in accordance with Executive Order 13526 as set forth in Subparagraph (c) of Section 1.4.

The NSA, notes Tikkun's David Harris-Gershon, "is classifying every single bit of data it receives from ordinary American citizens based on the premise that it has been gathered covertly."

--Addy Dugdale

9:25 am, 07/03/13

Cryptome Tweets PGP Messages To Edward Snowden, WikiLeaks

Granddaddy of all leak sites Cryptome tweeted a long series of PGP messages to Edward Snowden and several other parties last night in a highly unusual move. Hours after the PGP messages were tweeted, along with a link to a Pastebin page, Cryptome's 4,000 follower-strong Twitter feed was wiped clean. Metadata posted to Twitter clearly identified some recipients--according to Cryptocat's Nadim Kobeissi, they were sent to Edward Snowden, Birgitta Jonsdottir, Bradley Manning, and three unknown parties. Jonsdottir is an Icelandic parliamentarian with close ties to WikiLeaks.

The decision to send the messages via Twitter is highly unusual for Cryptome, which has a long history of surveillance by law enforcement and intelligence agencies. Posting the encrypted messages via Twitter, on a public feed followed by intelligence agencies, journalists, and a cypherpunk community that largely discusses things in open forums is puzzling to say the least.

So our question to readers--why did Cryptome suddenly turn into a full-on numbers station?

--Neal Ungerleider

8:00 am, 07/03/13

Bolivian President's Plane Reported As Now Flying Over Spain

According to live flight tracking data from website Flightradar24.com the diplomatic aircraft FAB-001 that's carrying the Bolivian president Evo Morales is now transiting Spanish airspace. If the website's data is accurate the plane also overflew a corner of Italy and France, and is seemingly set to travel through Portuguese airspace before it sets off on its trans-Atlantic journey.

France, Spain, Italy, and Portugal were all earlier said to have forbidden the aircraft overflight permission--presumably on the grounds that Edward Snowden is suspected of being aboard.

--Kit Eaton

5:45 am, 07/03/13

Bolivian President's Plane Possibly Denied Overflight Of France, Italy, Spain, Portugal

An official diplomatic aircraft carrying president Evo Morales is now confirmed as having left the airport in Vienna. But an international diplomatic scandal seems to have quickly blown up after Spain reportedly denied the aircraft the right to fly through its airspace. The ban seems to have arisen after Bolivian officials refused to allow Spanish authorities to inspect the plane--presumably to search for NSA whistleblower Edward Snowden, who it was thought may have been aboard to seek asylum in Bolivia.

But the exact flight plan situation is unclear, because although president Morales is said to have talked about the Spanish overflight ban, along with other national bans, the AP is reporting that French officials have not denied the vehicle the right to fly in French airspace and that Spain has also permitted a flight.

Considering Austria's land-locked position in Europe, a flight ban over several EU nations would severely complicate the president's travel plans. Any flight ban of a diplomatic plane will also stir controversy, and Ecuador's president Rafael Correa has tweeted his assertion that the moves are an affront to "our America" and called on all South American nations to respond.

Austrian officials have said that Snowden is not on the plane.

--Kit Eaton

7:00 pm, 07/02/13

Bolivian President Forced To Land In Austria

Bolivia's government confirms that a jet carrying President Evo Morales from Moscow was forced to land in Austria over fears that Edward Snowden was aboard. Both France and Portugal forbid Morales' crew from entering their airspace in an unprecedented move. Bolivian Foreign Minister David Choquehuanca told Russia Today that "we don’t know who invited this lie, but we want to denounce to the international community this injustice with the plane of President Evo Morales."

Choquehuanca denies Snowden is on the plane.

--Neal Ungerleider

1:30 pm, 07/02/13

Snowden Wasn't An Ordinary IT Worker. He Was A Cyberspy

An article in the Sunday New York Times quietly buried the revelation that Edward Snowden's work for Booz Allen Hamilton wasn't a simple IT position for the NSA. Instead, Scott Shane and David Sanger revealed that Snowden helped find network vulnerabilities in foreign systems for the agency:

His last job before leaking classified documents about N.S.A. surveillance, he told the news organization The Guardian, was actually “infrastructure analyst.”

It is a title that officials have carefully avoided mentioning, perhaps for fear of inviting questions about the agency’s aggressive tactics: an infrastructure analyst at the N.S.A., like a burglar casing an apartment building, looks for new ways to break into Internet and telephone traffic around the world.

That assignment helps explain how Mr. Snowden got hold of documents laying bare the top-secret capabilities of the nation’s largest intelligence agency, setting off a far-reaching political and diplomatic crisis for the Obama administration.

Our question, and it's painfully naive--and we know that--is this: What is a contractor doing conducting crucial offensive cyberwarfare work for the NSA? Contractors have completely different chains of accountability and separate hiring processes. When did their role change from lending support work for intelligence/military cyberwarfare to actually conducting the dirty work?

--Neal Ungerleider

11:20 am, 07/02/13

Hong Kong B-Movie Studio Releases Edward Snowden: The Movie

God bless the Internet and its rapid empowerment of do-it-yourself filmmakers. In an inevitable development, a low-budget Hong Kong studio made the first movie about Edward Snowden, a five minute short film called Verax. The Wall Street Journal spoke with the star, Hong Kong-based English teacher and part-time actor Andrew Cromeek--a mop-haired American who initially bore no resemblance to Snowden:

Mr. Cromeek, whose only previous acting experience was in a student film and a commercial, agreed to play the role. But with his mop of unruly hair, he needed a complete makeover.

Enter Mr. Tse, who took him to a local hair salon for a dirt-cheap 50-Hong Kong-dollar (US$6.41) haircut. Armed with a photo of Mr. Snowden, Mr. Cromeek plopped down in the barber’s chair and faced a skeptical hair stylist.

“The lady said ‘I can’t guarantee you will look like him,’ ” he says, but she worked quickly. “It took 10, 15 minutes max.”

After that, Mr. Cromeek donned eyeglasses, trimmed his beard, lightened his hair color, and had a mole applied to his neck.

“I learned a lot about makeup,” says Mr. Tse, whose girlfriend gave him a crash course in styling. “All you have to remember is concealer and foundation.”

The real Edward Snowden has at least one Hollywood fan. Oliver Stone has gone on record to offer the NSA whistleblower his support.

--Neal Ungerleider

8:45 am, 07/02/13

Brazil Turns Down Snowden Asylum Request

According to Reuters, Brazil has said, "No, thanks," to Edward Snowden's plea for asylum. A foreign ministry spokesman said that it would leave the request unanswered.

7:00 am, 07/02/13

George W. Bush Defends Prism Legacy

The previous incumbent of the Oval Office has revealed that he was behind the decision to start the PRISM program. Interviewed by CNN in Zambia, where he is helping to build a health clinic, the 43rd President of the United States talked about how Snowden's deeds had undermined the security of the country.

The former President also defended Obama, saying that his successor was right to say there was a balance between privacy rights and national security. "I think there needs to be a balance, and as the president explained, there is a proper balance," he said, adding that the PRISM monitoring program was started under his watch.

"I put that program in place to protect the country. One of the certainties was that civil liberties were guaranteed."

6:30 am, 07/02/13

Snowden Withdraws Application For Russian Visa, Where Next?

Edward Snowden's world just shrank in size. The NSA whistleblower has this morning pulled his visa application for Russia, following Vladimir Putin's comments that the American programmer needs to put a stop to the leaks.

"If he wants to go somewhere and someone will take him, go ahead. If he wants to stay here, there is one condition – he must stop his work aimed at bringing harm to our American partners, as strange as that sounds coming from my mouth."

Russia was actually just one of 21 countries considered by Snowden as his next destination, and they included Cuba, Ireland, Spain, China, Switzerland, Brazil, Germany, Poland and Venezuela.

In a twist, Ecuador, one of the original countries that said it would welcome Snowden with open arms, has done a volte-face, saying that its original comments were "a mistake." President of the South American country, Rafael Correa, said that the mole's travel pass was granted "without authorisation" and that it was up to Russia to give him travel documentation.

That faintly audible squeaking we can hear must be the sound of pressure being brought to bear on other countries by the U.S. State department and its various diplomatic missions worldwide.

--Addy Dugdale

7:10 pm, 07/01/13

U.S. Military Blocks Troops From Reading The Guardian

If a foreign newspaper has a potentially morale-sapping story, ban it. Well, that's the U.S. military's take on things at least. Or, well, they can say the newspapers are publishing classified information and use that as a rationale.

The Guardian's Spencer Ackerman reports that his paper has been blocked on military Internet networks in huge swaths of the world. Troops in Afghanistan, the Middle East, and "South Asia" (Pakistan? India? Sri Lanka?) are no longer able to access the British newspaper through military networks:

“US central command is among other DOD organizations that routinely take preventative measures to safeguard the chance of spillage of classified information on to unclassified computer networks, even if the source of the information is itself unclassified,” said US army Lt Col Steve Wollman, a spokesman for central command. “One of the purposes for preventing this spillage is to protect Centcom personnel from inadvertently amplifying disclosed but classified information.

“Additionally, classified information is not automatically declassified simply because of unauthorized disclosure,” Wollman continued.

“Classified information is prohibited from specific unclassified networks, even if the information has already been published in unclassified media that are available to the general public, such as online news organizations.”

Wollman confirmed that the block applies not only to troops in Afghanistan, but for those deployed anywhere in central command’s area of operations, which includes the Middle East, south Asia, and the command's headquarters in Florida.

--Neal Ungerleider

6:20 pm, 07/01/13

Snowden Issues Statement Through WikiLeaks

Edward Snowden has made a public statement through WikiLeaks; the statement is the first one from him since he left Hong Kong. The statement appears to make his alliance with WikiLeaks complete, and Snowden explicitly compared himself to Bradley Manning for the first time:

One week ago I left Hong Kong after it became clear that my freedom and safety were under threat for revealing the truth. My continued liberty has been owed to the efforts of friends new and old, family, and others who I have never met and probably never will. I trusted them with my life and they returned that trust with a faith in me for which I will always be thankful.

On Thursday, President Obama declared before the world that he would not permit any diplomatic "wheeling and dealing" over my case. Yet now it is being reported that after promising not to do so, the President ordered his Vice President to pressure the leaders of nations from which I have requested protection to deny my asylum petitions.

This kind of deception from a world leader is not justice, and neither is the extralegal penalty of exile. These are the old, bad tools of political aggression. Their purpose is to frighten, not me, but those who would come after me.

For decades the United States of America have been one of the strongest defenders of the human right to seek asylum. Sadly, this right, laid out and voted for by the U.S. in Article 14 of the Universal Declaration of Human Rights, is now being rejected by the current government of my country. The Obama administration has now adopted the strategy of using citizenship as a weapon. Although I am convicted of nothing, it has unilaterally revoked my passport, leaving me a stateless person. Without any judicial order, the administration now seeks to stop me exercising a basic right. A right that belongs to everybody. The right to seek asylum.

In the end the Obama administration is not afraid of whistleblowers like me, Bradley Manning or Thomas Drake. We are stateless, imprisoned, or powerless. No, the Obama administration is afraid of you. It is afraid of an informed, angry public demanding the constitutional government it was promised — and it should be.

I am unbowed in my convictions and impressed at the efforts taken by so many.

Edward Joseph Snowden

Monday 1st July 2013

Snowden's next move depends on the Russian government's inclinations as his whistleblowing case slowly turns into an international espionage scandal.

--Neal Ungerleider

2:00 pm, 07/01/13

Snowden Applies For Asylum In Russia

In a move that could backfire in unforeseen ways, Edward Snowden has requested asylum in Russia. Snowden's representative, Briton Sarah Harrison, handed over the request to a Russian Foreign Ministry official late Sunday night. The application was filed inside an office at Sheremetevo Airport's Terminal F.

[Image: Wikimedia user Victorgrigas]

--Neal Ungerleider

1:35 pm, 07/01/13

Blind Item: Who Is The NSA's Secret Corporate Partner In Signals Spying?

So... here's a fun blind item. Der Spiegel reports that the NSA had a crucial corporate partner in their surveillance of Internet and telephone traffic. Any guesses on who played footsie with Fort Meade?

According to the documents, a particularly valuable partner is a company active in the U.S. and has access to information that crisscrosses America. At the same time, this company, by virtue of its contacts, offers "unique access to other telecoms and (Internet service providers)." The company is "aggressively involved in shaping traffic to run signals of interest past our monitors," according to a secret NSA document. The cooperation has existed since 1985, the documents say.

Apparently, it's not an isolated case, either. A further document clearly demonstrates the compliance of a number of different companies. There are "alliances with over 80 major global corporations supporting both missions," according to a paper that is marked top secret. In NSA jargon, "both missions" refers to defending networks in the U.S., on the one hand, and monitoring networks abroad, on the other. The companies involved include telecommunications firms, producers of network infrastructure, software companies and security firms.

Such cooperation is an extremely delicate issue for the companies involved. Many have promised their customers data confidentiality in their terms and conditions. Furthermore, they are obliged to follow the laws of the countries in which they do business. As such, their cooperation deals with the NSA are top secret. Even in internal NSA documents, they are only referred to using code names.

[Image: Wikimedia user Fleshas]

11:30 am, 07/01/13

Putin Gives Snowden An Ultimatum

After President Obama made an official statement today saying the United States "has gone through regular law enforcement channels to get Edward Snowden extradited from Russia," Russian President Vladimir Putin made an ambiguous statement. He said Snowden "must stop his work aimed at harming our American partners." Furthermore, Putin stated that Snowden isn't a Russian agent, and should choose his final destination and travel there.

As things remain unsure for Snowden, one thing is certain: When you need to take sanctuary from Uncle Sam, Uncle Vlad might not be your best option.

--Neal Ungerleider

10:50 am, 07/01/13

NSA Does Damage Control On European Union Spying

Amid diplomatic fallout from the fact that the NSA, unsurprisingly, is engaged in surveillance of foreign powers, certain parties are trying to minimize the goings on. Secretary of State Kerry is currently doing damage control interference rounds on the news that NSA hackers monitored European Union bureaucratic computer systems.

"I will say that every country in the world that is engaged in international affairs and national security undertakes lots of activities to protect its national security and all kinds of information contributes to that. All I know is that it is not unusual for lots of nations," Kerry said at a news conference. Japan and South Korea were also allegedly targeted for computer system infiltration by the U.S. government.

--Neal Ungerleider

6:25 am, 07/01/13

U.S. Relationship With Europe Hit By Snowden Papers

The Guardian is busily getting on with the business of publishing some of the documents obtained by Edward Snowden, and they make uncomfortable reading for American diplomats in Europe--not to mention the State Department in Washington. Berlin has accused the U.S. of treating it "like a cold war enemy," after Der Spiegel reported seeing evidence indicating that American security agencies bugged the offices of the E.U. in Washington, and the U.N. in New York.

France, Greece, and Italy were all "targets" of the NSA, says The Guardian, which lists other allies of the U.S., including Mexico, Japan, India, South Korea, and Turkey.

The news report mentions a document that lists 38 embassies and missions as "targets," detailing espionage methods used against each one. Bugs in encrypted faxes, cable taps, transmissions with specialized antennae, all of these were used to gather information.

--Addy Dugdale

1:25 pm, 06/28/13

Snowden's Dad Appears On The Today Show

Edward Snowden's father, Lonnie Snowden, just appeared on the Today show. The elder Snowden, who has not spoken with his son since April, hinted Edward might return to the United States if several conditions are met--and that his son is not a traitor. Via NBC:

“At this point I don't feel that he's committed treason. He has in fact broken U.S. law, in a sense that he has released classified information,” Lonnie Snowden told NBC’s Michael Isikoff in an exclusive interview that aired on TODAY. “And if folks want to classify him as a traitor, in fact he has betrayed his government. But I don't believe that he's betrayed the people of the United States. “

Snowden said he has told Attorney General Eric Holder through his lawyer that his son will probably return home if the Justice Department promises not to detain him before a trial nor subject him to a gag order. He also wants his son to choose where a trial would take place.

--Neal Ungerleider

1:10 pm, 06/28/13

Evidence Points To Secret Verizon/AT&T Relationship With NSA

One of the documents The Guardian leaked yesterday strongly infers that both Verizon and AT&T have secret relationships with the NSA dating back to at least 2009. According to convincing evidence collected by CNET's Declan McCullagh, both providers allow the intelligence agency to tap into their fiberoptic cables, gateway switches, and data networks.

--Neal Ungerleider

7:15 am, 06/28/13

Army Restricts Internet Access To The Guardian

The Monterey County Herald is reporting that the U.S. Army is filtering access to The Guardian across the whole of the force. A spokesman for the Army Network Enterprise Technology Command, or NETCOM, told the paper in an email that "some access to press coverage and online content about the NSA leaks" was being denied.

The Department of Defense refers to this as "network hygiene", and it is a regular occurence, the spokesman, Gordon Van Vleet, wrote.

--Addy Dugdale

12:15 pm, 06/27/13

Acting AG Who Threatened To Quit Over Illegal Surveillance Stayed On Anyway

One more interesting Guardian disclosure...

You know that one friend who threatens to move to Canada if (insert favorite hated political candidate here) got elected? The government equivalent of them is James Comey, the incoming FBI chief. According to The Guardian, the 6'8" Comey threatened to quit his old post as acting attorney general in 2004 if the NSA continued warrantless surveillance of American citizens' internet records.

But, The Guardian continues, Comey never did. He stayed on board as the NSA continued their preexisting internet surveillance routine, which continued to operate--albeit under a different legal theory.

--Neal Ungerleider

11:30 am, 06/27/13

EvilOlive and ShellTrumpet: How The NSA Logs American Citizens' Emails

Well, the conspiracy theorists and paranoid civil liberties fringe types have won. A new scoop by Glenn Greenwald and Spencer Ackerman at The Guardian reveals a document dump with details on how the NSA harvests massive amounts of email metadata from American citizens. A series of top-secret programs with names such as EvilOlive and ShellTrumpet began under the Bush administration and were continued--and expanded--under the Obama administration. The two programs collect massive amount of Internet traffic metadata in bulk; the bulk metadata is then handled for unknown purposes (storage? pattern analysis?) by the Special Source Operations (SSO) directorate within the NSA.

In this case, it's appropriate to just let The Guardian article speak for itself:

This new system, SSO stated in December, enables vastly increased collection by the NSA of internet traffic. "The 1EF solution is allowing more than 75% of the traffic to pass through the filter," the SSO December document reads. "This milestone not only opened the aperture of the access but allowed the possibility for more traffic to be identified, selected and forwarded to NSA repositories."

It continued: "After the EvilOlive deployment, traffic has literally doubled."

The scale of the NSA's metadata collection is highlighted by references in the documents to another NSA program, codenamed ShellTrumpet.

On December 31, 2012, an SSO official wrote that ShellTrumpet had just "processed its One Trillionth metadata record".

It is not clear how much of this collection concerns foreigners' online records and how much concerns those of Americans. Also unclear is the claimed legal authority for this collection.

Explaining that the five-year old program "began as a near-real-time metadata analyzer … for a classic collection system", the SSO official noted: "In its five year history, numerous other systems from across the Agency have come to use ShellTrumpet's processing capabilities for performance monitoring" and other tasks, such as "direct email tip alerting."

--Neal Ungerleider

7:15 am, 06/27/13

Records Of Internet Chats By Edward Snowden Reveal He Thought Leakers Should Be Shot

In the balls, to be more specific. Ars Technica has unearthed records of the NSA whistleblower's chat history on the site's public Internet Relay Chat server. His conversations with others, under the username TheTrueHOOHA, reveal Snowden as a typical I.T. geek, young, fresh out of college, idealistic and cynical at the same time. But it also reveals some fascinating little snippets about the 30-year-old, currently "in transit" in a Moscow airport.

The 23-year-old Snowden began posting in 2007, when he was posted to Switzerland by the CIA. At first, he was not a fan of the country--but soon got to like the life in Europe, citing the girls and Switzerland's picture postcard looks, although he was, as Ars says, "critical of the Swiss... Snowden saw a country of overpaid racists."

He was a fan of shorting stocks and the gold standard, and thought that both the U.S. dollar and British Pound Sterling were about to go kaput in 2009. What Snowden didn't like, however, was Social Security, and the Muslims in East London, although he thought it was "nice they set up their own community."

During the 2009 elections, Snowden said that he could only support Presidential candidate Barack Obama if he joined forces with his then rival, John McCain. Hillary Clinton would be "a pox on the country."

The three-page post points out that, although Snowden showed strong Libertarian views on some things, he was a staunch supporter of the work and structure of the security agencies in the U.S. When the New York Times published a story on U.S. action in Iran that was based on leaked information, he wondered if the newspaper was trying to start a war. "You don't put that shit in the newspaper," he raged, before railing against the anonymous sources. "These people should be shot in the balls."

Snowden's last post on the Ars network was in 2010. He went public with his devastating knowledge of the NSA's Prism project just three years later.

--Addy Dugale

6:05 pm, 06/26/13

Glenn Greenwald Self-Discloses In Guardian

Journalist and commentator Glenn Greenwald, who played a major role in making the NSA surveillance leaks public, took to The Guardian's pages to self-disclose details from his past in response to inquiries he claims to have received from the New York Daily News and New York Times. In the newspaper, Greenwald admitted to participation in a company that was involved with adult film distribution, and issues with past tax debt. Greenwald said:

When I made the choice to report aggressively on top-secret NSA programs, I knew that I would inevitably be the target of all sorts of personal attacks and smears. You don't challenge the most powerful state on earth and expect to do so without being attacked. As a superb Guardian editorial noted today: "Those who leak official information will often be denounced, prosecuted or smeared. The more serious the leak, the fiercer the pursuit and the greater the punishment."

--Neal Ungerleider

5:40 pm, 06/26/13

NSA Withdraws FISA Fact Sheet Under Congressional Pressure

The NSA removed a fact sheet on the secretive FISA program from their website today after two senators accused the agency of misrepresenting key aspects of FISA. Due to the classified nature of the FISA program, which sends secret warrants to individuals which they are then forbidden from disclosing to loved ones or the general public, Senators Ron Wyden (D-OR) and Tom Udall (D-Co) did not disclose what exactly they believed the agency was misrepresenting.

In the letter, the senators said that it "portrays protections for Americans' privacy as being significantly stronger than they actually are."

Wyden and Udall also warned that knowing the full scope of the NSA's surveillance efforts within the United States would significantly erode citizen faith in the federal government:

When the NSA makes inaccurate statements about government surveillance and fails to correct the public record, it can decrease public confidence in the NSA's openness and its commitment to protecting Americans' constitutional rights.

Why was the fact sheet taken off the NSA's website? Here is what NSA spokesperson Judith Emell told the Huffington Post:

Given the intense interest from the media, the public, and Congress, we believe the precision of the source document (the statute) is the best possible representation of applicable authorities.

In other words, the NSA will not touch the basics of how they implement a complicated and bizarre spying program other than by making the complicated and bizarre source document available to the public. Both Senators Wyden and Udall have significant doubts about how FISA is actually used in real life which they are unable to share with the American public due to secrets laws.

The original NSA fact sheet which was taken offline is still available through Scribd.

--Neal Ungerleider

5:30 pm, 06/26/13

The Snowden Leaks: A Russian Perspective

Writing over at op-ed site Bloomberg View, Russian author Leonid Bershidsky has an interesting take on recent disclosures of the NSA's massive, semi-secret phone and Internet spying regime. According to Bershidsky, the NSA's program isn't effective at stopping terrorism. In fact, it's not even good for monitoring terrorists. What is it good for? Well... he doesn't say directly, but reading between the lines it seems like something that rhymes with packing the trublic. One interesting excerpt:

Even complete access to these servers brings U.S. authorities no closer to the core forums. These must be infiltrated by more traditional intelligence means, such as using agents posing as jihadists or by informants within terrorist organizations.

Similarly, monitoring phone calls is hardly the way to catch terrorists. They’re generally not dumb enough to use Verizon. Granted, Russia’s special services managed to kill Chechen separatist leader Dzhokhar Dudayev with a missile that homed in on his satellite-phone signal. That was in 1996. Modern-day terrorists are generally more aware of the available technology.

At best, the recent revelations concerning Prism and telephone surveillance might deter potential recruits to terrorist causes from using the most visible parts of the Internet. Beyond that, the government’s efforts are much more dangerous to civil liberties than they are to al-Qaeda and other organizations like it.

--Neal Ungerleider

12:30 pm, 06/26/13

Typography That Plays With The NSA's Surveillance Tactics

Over at Co.Design, our Mark Wilson spoke with Sang Mun, a Korean-American artist who worked with U.S. troops and the NSA during his mandatory South Korean Army service at an unknown technology position. Mun is the creator of ZXX, a typeface designed to defeat optical character recognition technologies used by the NSA:

In its sans and bold forms, ZXX is completely legible (by humans and machines). But the free downloadable font comes with four illegible styles--Camo, False, Noise, and Xed--that Mun created with the eye of a designer and the acuity of an ex-NSA agent. Camo, for instance, looks like letters wearing camouflage--but there’s a good reason beyond the military overtones. That pattern also confuses the logic driving optical character recognition devices. In other words, something typed in Camo can’t be scanned and algorithmically converted to computer-comprehended text.

Of course, the NSA and other agencies can read ZXX even after it's been rendered illegible; it just requires a bit more work. It's important to note that the typeface has nothing to do with PRISM at all--metadata attached to messages and viewing emails in plain text gives access to content nonetheless. ZXX's value is primarily in use for scanned and printed documents. But as a piece of typography deliberately designed to raise awareness of surveilllance, it's well done.

--Neal Ungerleider

8:00 am, 06/26/13

Germany Calls British Mass Monitoring A Hollywood Nightmare

Germany has criticized the U.K.'s mass monitoring of phone and Internet traffic, calling it not conducive to free and democratic societies. Justice minister Sabine Leutheusser-Schnarrenberger has sent letters to her British counterpart, Chris Grayling, and the U.K.'s home secretary, Theresa May.

As well as stressing just how much discomfort the revelations that GCHQ's Project Tempora have caused in Germany, Ms. Leutheusser-Schnarrenberger asks how much German citizens have been targeted.

Germany has very strong views on personal privacy--as Google has found out in the past. In 2012, it signed up to the Verein Selbstregulierung Informationswirtschaft, along with Nokia and Microsoft and, under privacy proposals in 2010, it outlined plans to prevent bosses from checking out the Facebook profiles of potential employees.

Britain's Foreign Minister, William Hague, defended the surveillance programs in both the U.S. and the U.K. in a speech in California last night at the Ronald Reagan Presidential Library. He called the intelligence-sharing between the two countries "unique and indispensable," adding that it was done within a strong legal framework.

"We operate under the rule of law and are accountable for it. In some countries secret intelligence is used to control their people--in ours it only exists to protect their freedoms.

"We should always remember that terrorists plan to harm us in secret, criminal networks plan to steal from us in secret, foreign intelligence agencies plot to spy on us in secret and new weapons systems are devised in secret. We cannot protect the people of our countries without devising some of the response to those threats in secret."

7:15 am, 06/26/13

Ecuador Has Citizen Surveillance Programs Too

Here's a not-so-subtle message from Washington: You don't like the U.S. surveillance programs? Well, other countries--including Ecuador--are just as bad. That is the parse of a BuzzFeed post outlining all the monitoring and surveillance practices that President Rafael Correa's government has at its disposal for Ecuador's citizens.

The country spent $500,000 on an Israeli-built GSM interceptor, and was the first nation to implement a facial- and voice-recognition ID system. And SENAIN, the Ecuadorian intelligence agency, seems to want to get its hands on some drones, too. (Well, don't we all?)

7:05 am, 06/26/13

Jimmy Wales Breaks Wikipedia Rules In Hunt For Snowden

Wikipedia founder Jimmy Wales has been musing on whether Edward Snowden may have edited Wikipedia pages before turning to his current career of uber-mole and secret-service cracker. Examiner.com is reporting that Wales wrote a post on his "Talk" page asking if there is any evidence of Snowden's hand on Wikipedia's edit buttons.

I'm sure this has been discussed somewhere. In the media there have been reports of user accounts used on various tech discussion sites by Edward Snowden. He was apparently quite an active person online, particularly a few years back when he was younger. It seems highly likely to me that he would have edited Wikipedia--most people who fit his profile (tech savvy, Internet activist types) will have done so. Do we have any evidence of that, or suspicions about that?

As Examiner.com points out, however, Wikipedians can't find identities of other contributors in the secretive community. One editor, Fram, mentioned this to Wales, who gave him short shrift, accusing him of "harrassment."

6:05 am, 06/26/13

Tim Berners-Lee: Keep Corporations And Governments Away From Internet Control

British computer scientist Tim Berners-Lee, the daddy of the World Wide Web, has spoken about the importance of keeping "total control" of the Internet away from governments and large corporations.

The scientist was at a reception at Buckingham Palace yesterday to receive the inaugural Queen Elizabeth prize for engineering, where he was asked for his thoughts on the NSA scandal. This is what he said:

"The original design of the web of 24 years ago was for a universal space, we didn't have a particular computer in mind or browser, or language.

"When you make something universal … it can be used for good things or nasty things … we just have to make sure it's not undercut by any large companies or governments trying to use it and get total control."

--Addy Dugdale

4:05 pm, 06/25/13

Edward Snowden Has a Plan B

Well, it's official: Edward Snowden is crazy like a fox. In a long exclusive piece, The Daily Beast's Eli Lake details Snowden's Plan B if something happens to him: A massive cache of encrypted files, hidden on the Internet by his friends and allies in multiple locations, will be decrypted. These files contain a huge dump of NSA secrets of all sorts that apparently shed a great deal of information on the technical specifications of America's spy apparatus. Having access to them would be a field day for the intelligence service of any country in the world, and create significant hindrances for the NSA's legitimate foreign operations.

From the article:

Glenn Greenwald, the Guardian journalist who Snowden first contacted in February, told The Daily Beast on Tuesday that Snowden “has taken extreme precautions to make sure many different people around the world have these archives to insure the stories will inevitably be published.” Greenwald added that the people in possession of these files “cannot access them yet because they are highly encrypted and they do not have the passwords.” But, Greenwald said, “if anything happens at all to Edward Snowden, he told me he has arranged for them to get access to the full archives.”

[Image: Defense Department]

--Neal Ungerleider

4:00 pm, 06/25/13

How The NSA Searches For Data On Certain American Citizens

Those endless email and phone archives that the NSA has been accumulating so they can monitor the communications of non-citizens? Well, they also use them to keep tabs on citizens of interest too. The Emptywheel blog just uncovered some interesting NSA regulatory jujitsu:

The procedures make it clear that, with authorization from the NSA Director, even communications entirely between US persons may be retained (see section 5) if they are of significant intelligence value. Communications showing a communications security vulnerability may also be retained (this permission, related to cybersecurity, was not made public in the NSA handout).

--Neal Ungerleider

11:00 am, 06/25/13

Putin: Snowden Within Moscow Airport Transit Zone

In the latest installment of the John le Carre/Where In The World Is Carmen San Diego? mash-up that is Edward Snowden's path for sanctuary and asylum, the NSA whistleblower has been confirmed as being at the airport in Moscow. Russian President Vladimir Putin says Snowden is in the transit zone at Sheremetyevo Airport, which technically means he did not enter Russian soil yet.

However, the airport was flooded with journalists upon rumors that Snowden was transiting through Moscow on a flight to Havana--a flight, of course, that he never flew on. Snowden was not seen at the airport by any of these journalists.

Unfortunately for Snowden, Sheremetyevo's hotels are all on the outside of passport control. According to Russia Today, Putin said that any accusations of Russian involvement with Snowden are "ridiculous."

--Neal Ungerleider

5:30 am, 06/25/13

Russia Denies Snowden Ever Entered The Country As U.S. And China Trade Blows

At a press conference in Moscow, a Russian minister said Edward Snowden never entered the country. Foreign secretary Sergei Lavrov also told journalists that U.S. attempts to play the blame game with Russia were "groundless and unacceptable."

"We are in no way involved with either Mr. Snowden, his relations with U.S. justice, nor to his movements around the world." There is, of course, a possibility that, despite landing on Russian soil, Snowden remained airside--never entering the terminal building, never handing over his passport to be stamped by Russian Immigration, maybe never even leaving the aircraft he flew in on.

Yesterday, the White House criticized both China and Russia for their part in letting Snowden slip away. The decision by Hong Kong (or China, depending on how independent you feel the former British territory is from its mainland masters) to reject the U.S. extradition warrant on a technicality was, according White House spokesman Jay Carney, "A deliberate choice by the government to release a fugitive despite a valid arrest warrant, and that decision unquestionably has a negative impact on the U.S.-China relationship."

China has denied the accusations, saying the U.S. claims are "groundless and unacceptable."

Carney said Russia was asked to consider the extradition papers in order to expel the NSA whistleblower. But with Moscow's claims that Mr. Snowden never entered Russia, there is no potential extradition to speak of--despite the fact that the White House strongly believes that the mole is still in the country.

--Addy Dugdale

1:15 pm, 06/24/13

Snowden: I Took Booz Hamilton Job Specifically To Find Evidence Of NSA Surveillance

Well, for everyone wondering why Edward Snowden took a relatively low-paying job at Booz Allen Hamilton in Hawaii, we now know. In an interview with the South China Morning Post, Snowden said that he took the job so he could gather evidence of NSA surveillance:

For the first time, Snowden has admitted he sought a position at Booz Allen Hamilton so he could collect proof about the U.S. National Security Agency’s secret surveillance programmes ahead of planned leaks to the media.

“My position with Booz Allen Hamilton granted me access to lists of machines all over the world the NSA hacked,” he told the Post on June 12. “That is why I accepted that position about three months ago.”

During a global online chat last week, Snowden also stated he took pay cuts “in the course of pursuing specific work.”

Freelance spying on the NSA or taking a job specifically to do some whistleblowing? Interestingly, the Post's interview was conducted way back on June 12. We're now taking suggestions about why the Hong Kong-based newspaper sat on a scoop that big for so long.

--Neal Ungerleider

7:15 am, 06/24/13

Journalists Are On The Plane To Havana, Snowden Is Not

Snowden is reportedly a no-show for his flight from Moscow to Havana, which is packed to the brim with reporters chomping at the bit to speak with him. Gawker editor Max Reed tweeted: "A dozen journalists stuck on dry flight to Cuba watching the James Franco Oz movie." Now the question on every conspiracy theorist's lips is this: Did Snowden actually make it to Moscow, or is this one of the best post-Soviet intelligence ops we've seen in a long time? Stay tuned.

6:00 am, 06/24/13

Snowden Leaves Hong Kong For Ecuador, Via Moscow, Cuba

The NSA whistleblower is on the move. Edward Snowden left Hong Kong for Moscow on Sunday after the Chinese territory's authorities blocked an extradition effort by the U.S. Apparently the paperwork was fluffed--or, as a spokesman for the Hong Kong government said, "the documents provided by the U.S. government did not fully comply with the legal requirements under Hong Kong law."

The U.S., which has revoked its citizen mole's U.S. passport, called the decision "particularly troubling."

Now, Snowden is en route to Ecuador via Cuba and Venezuela for possible asylum. He was accompanied on his trip by Wikileaks' "own diplomats and legal advisors," said a spokesperson for the website. Moscow's airport last night was crawling with Russian secret agents and Ecuadorian diplomats who tried to talk with the whistleblower.

The Guardian, which has one of its journalists booked on the same Havana flight as Snowden, reports Russian airline Aeroflot is threatening to take passengers' phones away from them for the duration of the flight. And Russia's secret agents are changing terminals, says Reuters, who has also just spotted a VIP van drawing up next to the Cuba-bound plane--or could this be a massive decoy operation?

--Addy Dugdale

1:50 pm, 06/21/13

British Intelligence Has Secret Access To World's Communications

And The Guardian just published a massive scoop... The British government has a highly secret program which taps into transatlantic fiber cables and copies data equivalent to the entire British Library onto intelligence servers every eight minutes. This information was then shared with the NSA. From the newspaper:

One document described how there were 2 billion users of the Internet worldwide, how Facebook had more than 400 million regular users and how there had been a 600% growth in mobile Internet traffic the year before. "But we are starting to 'master' the Internet," the author claimed. "And our current capability is quite impressive."

The report said the UK now had the "biggest Internet access in Five Eyes" – the group of intelligence organisations from the US, UK, Canada, New Zealand and Australia. "We are in the golden age," the report added.

There were caveats. The paper warned that American Internet service providers were moving to Malaysia and India, and the NSA was "buying up real estate in these places". "We won't see this traffic crossing the UK. Oh dear," the author said. He suggested Britain should do the same and play the "US at [their] own game … and buy facilities overseas".

The Guardian also published a snippet from a training manual for UK intelligence's Internet monitors. Employees were told that "You are in an enviable position--Have fun and make the most of it."

1:45 pm, 06/21/13

Encrypting Your Email Draws Extra NSA Scrutiny

Buried in the newly leaked regulations for NSA monitoring of email and phone communications is the fact that the NSA stores all encrypted communications they encounter until a future time when computers powerful enough to decrypt them will be produced:

In the context of a cryptoanalytic effort, maintenance of technical data bases requires retention of all communications that are enciphered or reasonably believed to contain secret meaning, and sufficient duration may consist of any period of time during which encrypted material is subject to, or of use in, cryptanalysis.

In other words, no matter why you're encrypting your communications, the government is interested.

--Neal Ungerleider

7:00 am, 06/21/13

Secret NSA Documents And Rumored Private Jet For Snowden Asylum

The Guardian last night released two documents from the Prism project. One details the procedure process for "targeting" non-U.S. citizens. The Guardian claims this document shows no warrant is needed for U.S. data. The other minimizes data collection from U.S. persons. This, says The Guardian, allows government agencies to use data that has been inadvertently collected from individuals, as sanctioned by FISA court officials.

This means the NSA can:

  • Keep data containing details of U.S. citizens for up to five years.
  • Retain and use "inadvertently acquired" domestic communications if containing useable evidence.
  • Preserve "foreign intelligence information" from attorney-client communications.
  • Access the content of U.S.-based devices or phone numbers to determine if targets are in the country, and whether further surveillance is needed.

The South China Morning Post is reporting that a businessman with links to WikiLeaks has readied a private jet to fly Edward Snowden from Hong Kong to Iceland. Olafur Sigurvinsson, who is the head of a partner firm of the whistleblower website, DataCell, said everything was ready to go, bar a nod from the Icelandic government.

WikiLeaks spokesperson, Julian Assange, currently sheltering in the Ecuadorian embassy in London, said he and Snowden's people had been in touch to discuss the possibility of asylum in the Scandinavian country.

--Addy Dugdale

9:25 am, 06/20/13

FBI Director Mueller: We Need More Internet Surveillance Power

In testimony to the Senate Judiciary Committee on Wednesday, FBI Director Robert Mueller asked lawmakers to give the FBI additional power to spy on the Internet:

The rapid pace of advances in mobile and other communication technologies continues to present a significant challenge for conducting court-approved electronic surveillance of criminals and terrorists [...] Because of this gap, law enforcement is increasingly unable to gain timely access to the information to which it is lawfully authorized and that it needs to protect public safety, bring criminals to justice and keep America safe.

Part of the problem with both mission creep on the FBI's part and unclear supervision of the NSA surveillance regimes is an inability to reconcile 20th century wiretap models with the 21st century. The Internet and digital communications are very different from landline telephones, but the law does not necessarily reflect that.

--Neal Ungerleider

9:15 am, 06/20/13

Skype's Secret "Project Chess" For Intelligence Agency Collaboration

The New York Times quietly dropped a major scoop today: Skype, which is used by dissidents around the world, has a secret program for collaboration with intelligence agencies and law enforcement called Project Chess:

Skype, the Internet-based calling service, began its own secret program, Project Chess, to explore the legal and technical issues in making Skype calls readily available to intelligence agencies and law enforcement officials, according to people briefed on the program who asked not to be named to avoid trouble with the intelligence agencies.

Project Chess, which has never been previously disclosed, was small, limited to fewer than a dozen people inside Skype, and was developed as the company had sometimes contentious talks with the government over legal issues, said one of the people briefed on the project. The project began about five years ago, before most of the company was sold by its parent, eBay, to outside investors in 2009. Microsoft acquired Skype in an $8.5 billion deal that was completed in October 2011.

A Skype executive denied last year in a blog post that recent changes in the way Skype operated were made at the behest of Microsoft to make snooping easier for law enforcement. It appears, however, that Skype figured out how to cooperate with the intelligence community before Microsoft took over the company, according to documents leaked by Edward J. Snowden, a former contractor for the N.S.A.

Microsoft officials declined to affirm previous comments made that Skype calls are not wiretapped. The use of Skype is commonplace among rebels in the Syrian Civil War and by anti-government protesters in Central Asia, just to name a few.

--Neal Ungerleider

9:05 am, 06/20/13

Congressional Intelligence Committees (Unsurprisingly) Receive Intelligence Contractor Donations

The House and Senate Committees on Intelligence are where the legislative branch are briefed on classified surveillance programs by the NSA and other intelligence agencies. Much of this surveillance work is carried out on the NSA and CIA's behalf by outside contractors, which has been a growing trend since the PATRIOT Act passed way back in 2001. Blogger Troy Jurimas just wrote an interesting post compiling contractor donations to the Inteligence Committees' members. Unsurprisingly, members are knee deep in contractor donations. Here is a small sample:

Peter King-New York (R) $13,500 Northrop Grumman/$13,000 General Dynamics/$11,000 Raytheon Co/$10,00 Boeing Co/$10,000 Honeywell International/$10,000 Lockheed Martin/$6,000 BAE Systems

Frank A. LoBiondo- New Jersey (R) $12,000 Northrop Grumman/$10,000 Boeing Co/$10,000 Honeywell International/$10,000 Raytheon Co/$9,000 General Dynamics/$8,000 BAE Systems/$8,000 Lockheed Martin

Devin Nunes- California (R) $8,000 Honeywell International/$7,500 Lockheed Martin/$7,000 Northrop Grumman

It is important to note that many representatives and senators received donations which had to do with contractors having officers or facilities in their jurisdiction or state.

--Neal Ungerleider

12:30 pm, 06/19/13

Google's Chief Legal Officer Pushes For Global Data-Gathering Rules

George Drummond, Google's Chief Legal Officer, had a live Q&A on The Guardian yesterday afternoon. In it, he vociferously denied that his firm was "in cahoots" with the NSA, as well as calling for the world's governments to get together and come up with some basic rules on gathering information in secret.

Remember that this is not just about the US government, but European and other governments too. It's really important that all of us give close scrutiny to any laws that give governments increased power to sift through user data.

The Prism scandal has had one unlikely winner: the DuckDuckGo search engine. The Philly-based website, which doesn't keep users' search information, has had a surge in traffic since the scandal broke earlier this month. It announced the news on Twitter.

--Addy Dugdale

12:30 pm, 06/19/13

Congressional Slips Of Tongue Indicate NSA Recording American's Phone Calls

Blogger and developer Jeff Lyon parsed on-the-record statements by members of Congress. Lyon found compelling evidence that the NSA is monitoring and recording the content of Americans' phone calls without a warrant... and not just the metadata:

So they’re storing the actual content of phone calls and emails in some NSA database somewhere. No big deal, and rest assured, they won’t look at it unless they really don’t like you. I guess that’s what Representative Loretta Sanchez meant when she said that Snowden’s leaks were just the “tip of the iceberg.”

This shouldn’t come as a shock, but look at it for what it is: to date, the government has only acknowledged that they receive (not “collect”) telephone records on millions of American citizens. They have not acknowledged that they also get the content from those phone calls. They’ve noted that the specific FISC order that Snowden leaked does not apply to content, but they’ve stopped short of denying that similar court orders exist that would apply to content. And really, they wish we’d stop asking them about it because it’s classified.

Meanwhile, security researcher Bruce Schneier gave speculation that is actually useful--and far from the usual conspiracy-mongering that crowds so much of this space.

I believe that, to the extent that the NSA is analyzing and storing conversations, they're doing speech-to-text as close to the source as possible and working with that. Even if you have to store the audio for conversations in foreign languages, or for snippets of conversations the conversion software is unsure of, it's a lot fewer bits to move around and deal with.

--Neal Ungerleider

11:30 am, 06/19/13

A Legal Scholar Explains America's Secret Email Surveillance Regime

Via Glenn Greenwald, here is the best explanation of the FISA surveillance regime that we've ever seen. According to Harvard Law School professor Jeff Balkin:

The Fisa Amendments Act of 2008, effectively gives the President - now President Obama - the authority to run surveillance programs similar in effect to the warrantless surveillance program [secretly implemented by George Bush in late 2001]. That is because New Fisa no longer requires individualized targets in all surveillance programs. Some programs may be 'vacuum cleaner' programs that listen to a great many different calls (and read a great many e-mails) with any requirement of a warrant directed at a particular person as long as no US person is directly targeted as the object of the program...

New Fisa authorizes the creation of surveillance programs directed against foreign persons (or rather, against persons believed to be outside the United States)--which require no individualized suspicion of anyone being a terrorist, or engaging in any criminal activity. These programs may inevitably include many phone calls involving Americans, who may have absolutely no connection to terrorism or to Al Qaeda.

--Neal Ungerleider

7:30 am, 06/19/13

NSA Contemplates A Change Of Procedure, Google Challenges FISA

Google has cited the First Amendment in an attempt to get the Foreign Intelligence Surveillance court, or FISA, to relax its gag orders on data requests. The search giant argues it has a constitutional right to speak about any data that it is forced to hand over to the government, in an attempt to "protect its reputation," reports the Washington Post.

General Keith Alexander, the NSA's director, was in front of Congress's Intelligence Committee yesterday, where he said the agency was contemplating a change to the way it handles sensitive information. Sensitive documents could only be saved on an external device using a "two-person" system--meaning that all those contracted operators like Edward Snowden, who was a Booz Allen employee, would need a second person, most likely from the Department of Defense, to make sure no unauthorized data was being collected.

This is the same system implemented in part by the U.S. military following Bradley Manning's passing of secret files to Wikileaks.

--Addy Dugdale

5:30 pm, 06/18/13

Who Is The FISA Secret Court Mole?

Did Ed Snowden have a mole feeding him information from the secret FISA court, whose investigation targets could not even tell their loved ones they were under federal investigation? Reading between the lines, Eli Lake over at the Daily Beast really, really hinted in that direction:

U.S. intelligence officials were careful to say investigators have not yet concluded there is a mole inside the FISA Court or that the secure databases that store the court warrants have been compromised, only that both prospects were under active investigation.

If the secret court has been breached, it would be one of the most significant intelligence failures in U.S. history, potentially giving America’s adversaries a road map to every suspected agent inside the United States currently being watched by the FBI, according to the officials. Unlike the Verizon order and other such sweeping collection demands that have been received by Internet and telecom companies, many FISA warrants identify a specific individual or entity being monitored by the U.S. government.

“If we have a human or electronic breach in this system it could be a counter-intelligence disaster. It would allow our adversaries to see what we are targeting and how,” said Joel Brenner, a former inspector general and senior counsel for the NSA who left the agency in 2010.

“If they got access into the database or mainframe that the warrants are housed in, this compromises our country’s most closely guarded ongoing investigations,” Hoekstra said. “This would be like Aldrich Ames,” referring to the CIA officer who told the Soviet Union about moles inside the USSR working for the United States for nearly a decade, with several of the operatives he outed arrested and executed by the Soviets. “This would be breathtaking.”

Stewart Baker, a former general counsel to the NSA, just said such a breach would be “very bad.”

Alternately, Lake hints that the leak could have come from compromised servers at the secret court. If either option is true it will constitute a major news story of its own.

--Neal Ungerleider

[Image: Mick E. Talbot/Wikimedia

5:10 pm, 06/18/13

NYPD Chief: NSA Surveillance Should Be Everywhere, And The Public Should Know It

I think the American public can accept the fact if you tell them that every time you pick up the phone it’s going to be recorded and it goes to the government [...] I think the public can understand that. I see no reason why that program was placed in the secret category.

-New York Police Commissioner Ray Kelly said this to the New York Post in today's paper. However, Kelly also has a vested political interest in attacking the federal goverment today. The Police Commissioner is in a very public quarrel with Attorney General Eric Holder over the NYPD's stop-and-frisk policy.

--Neal Ungerleider

5:00 pm, 06/18/13

Snowden Seeking Iceland Asylum Via Wikileaks

As expected, Ed Snowden is attempting to apply for asylum in Iceland. The NSA whistleblower is using an intermediary since international travel is slightly difficult for him at the moment. Wikileaks spokesperson and investigative journalist Kristinn Hrafnsson approached Iceland's government on behalf of Snowden; Hrafnsson was approached by an unnamed middleperson.

The Icelandic government confirmed they received Snowden's asylum request but did not provide any additional information.

[Image: Flickr user Poptech]

--Neal Ungerleider

1:45 pm, 06/18/13

All Internet/Phone NSA Surveillance Requests Rubber-Stamped

Well, civil libertarians and people concerned about reckless NSA oversight of Internet/phone surveillance programs just got one sweet, sweet metric. At a House Intelligence Committee hearing today, NSA head Keith Alexander said that the secret FISA court has never turned down a NSA surveillance request of a potential target. In the last two years, out of the approximately 4,000 requests the NSA made, not one has been turned down by a judge. The Electronic Frontier Foundation, which live-tweeted the hearing, had this to say:

"Is the FISA court a rubber stamp?" NSA chief says no, but in the last two years, they've approved ~4,000 orders, with zero rejections.

Shockingly, there is no court review of individual FISA queries by the NSA. All oversight is done within the Justice Department, by judges who are not accountable to the NSA and who do not report to Congress. These judges were chosen post-2001, primarily by the Bush administration, and are thought to be extremely friendly to increased government surveillance.

NSA chief Keith Alexander then told the FBI deputy director Sean Joyce "I owe (your boss) another beer," which was picked up by a nearby hot mike. Ben Doernberg of human rights organization Witness caught the exchange.

--Neal Ungerleider

7:00 am, 06/18/13

Obama Comments On NSA Surveillance And Snowden's Future

The President gave an interview to Charlie Rose on PBS, talking in detail about the Prism program. Obama explained that, in order for American citizens to enjoy extra security at home and abroad, there had to be a trade-off. (This point is equally relevant the other way around: Extra privacy could come at a cost to national security.) This does not mean that having one meant none of the other, just that compromises needed to be made, Obama said. The job of the president is to protect the American people and to protect the American way of life.

What I can say unequivocally is that if you are a U.S. person, the NSA cannot listen to your telephone calls, and the NSA cannot target your emails … and have not. They cannot and have not, by law and by rule, and unless they — and usually it wouldn’t be “they,” it’d be the FBI -- go to a court, and obtain a warrant, and seek probable cause, the same way it’s always been, the same way when we were growing up and we were watching movies, you want to go set up a wiretap, you got to go to a judge, show probable cause….

So point number one, if you’re a U.S. person, then NSA is not listening to your phone calls and it’s not targeting your emails unless it’s getting an individualized court order. That’s the existing rule. There are two programs that were revealed by Mr. Snowden, allegedly, since there’s a criminal investigation taking place, and they caused all the ruckus.

No content is available to the U.S. agencies without a court order from FISA, or the Foreign Intelligence Surveillance Court. Its dealings are "transparent," Obama said.

At the end of the interview, Charlie Rose asked the President whether a whistle-blower who had caused a national security issue should be prosecuted. Obama deftly passed the buck onto the Justice Department. "I’m not going to comment on prosecution... The case has been referred to the DOJ for criminal investigation… and possible extradition. I will leave it up to them to answer those questions."

--Addy Dugdale

7:20 pm, 06/17/13

Roundup: The Difference Between Ellsberg And Snowden, And Snowden's Non-Denial Of Chinese Contacts' Denial

Two interesting commentaries on the NSA leak case from today. The Atlantic's Garance Franke-Ruta wrote about the difference between Edward Snowden and Daniel Ellsberg:

Ellsberg's actions came at a time when there was a robust social movement demanding change in the exact direction his revelations suggested U.S. policy go -- out of Vietnam. Without the anti-Vietnam War movement, it's arguable he would not have been as important a historical figure, or as daring.

There is no comparable movement to support Snowden, no major anti-surveillance marches on Washington or roiling college campuses, no public burning of Facebook logins and passwords. While there is a robust online libertarian movement concerned with surveillance and privacy issues, there is no force in American life at the present time arguing for change on this front with anything near the power and reach of the anti-Vietnam War movement.

Then, in left-leaning mag Mother Jones, Dana Liebelson wrote about Snowden's chat with The Guardian:

Snowden insists that he has not had any contact with the Chinese government. He adds, "I did not reveal any US operations against legitimate military targets. I pointed out where the NSA has hacked civilian infrastructure such as universities, hospitals, and private businesses because it is dangerous." He also says that "the US media has a knee-jerk 'RED CHINA!' reaction…If I were a Chinese spy, why wouldn't I have flown directly into Beijing? I could be living in a palace petting a phoenix by now." Snowden did not address the close relationship between the Chinese government and its military, business, and civilian institutions.

--Neal Ungerleider

12:15 pm, 06/17/13

Snowden: "Being Called A Traitor By Dick Cheney Is The Highest Honor You Can Give An American."

One more Snowden quote from today's Guardian web chat. This quote is in response to being accused of being a traitor by Dick Cheney:

Journalists should ask a specific question: since these programs began operation shortly after September 11th, how many terrorist attacks were prevented SOLELY by information derived from this suspicionless surveillance that could not be gained via any other source? Then ask how many individual communications were ingested to acheive that, and ask yourself if it was worth it. Bathtub falls and police officers kill more Americans than terrorism, yet we've been asked to sacrifice our most sacred rights for fear of falling victim to it.

Further, it's important to bear in mind I'm being called a traitor by men like former Vice President Dick Cheney. This is a man who gave us the warrantless wiretapping scheme as a kind of atrocity warm-up on the way to deceitfully engineering a conflict that has killed over 4,400 and maimed nearly 32,000 Americans, as well as leaving over 100,000 Iraqis dead. Being called a traitor by Dick Cheney is the highest honor you can give an American, and the more panicked talk we hear from people like him, Feinstein, and King, the better off we all are. If they had taught a class on how to be the kind of citizen Dick Cheney worries about, I would have finished high school.

11:35 am, 06/17/13

Snowden: NSA, FBI, CIA Have Almost Unlimited Access To Phone And Email Records

When asked by Circa's Anthony De Rosa on the Guardian web chat about what intelligence agency "direct access" to metadata and communications records meant, Snowden answered:

More detail on how direct NSA's accesses are is coming, but in general, the reality is this: if an NSA, FBI, CIA, DIA, etc analyst has access to query raw SIGINT databases, they can enter and get results for anything they want. Phone number, email, user id, cell phone handset id (IMEI), and so on--it's all the same. The restrictions against this are policy based, not technically based, and can change at any time. Additionally, audits are cursory, incomplete, and easily fooled by fake justifications. For at least GCHQ, the number of audited queries is only 5% of those performed.

11:10 am, 06/17/13

Snowden: "I Did Not Reveal Any U.S. Operations Against Legitimate Military Targets."

In Ed Snowden's Guardian webchat, the whistleblower claims he did not hand over any military secrets to the Chinese, but did give information of American cyberwar hacks against Chinese universities and public facilities:

Let's be clear: I did not reveal any US operations against legitimate military targets. I pointed out where the NSA has hacked civilian infrastructure such as universities, hospitals, and private businesses because it is dangerous. These nakedly, aggressively criminal acts are wrong no matter the target. Not only that, when NSA makes a technical mistake during an exploitation operation, critical systems crash. Congress hasn't declared war on the countries - the majority of them are our allies - but without asking for public permission, NSA is running network operations against them that affect millions of innocent people. And for what? So we can have secret access to a computer in a country we're not even fighting? So we can potentially reveal a potential terrorist with the potential to kill fewer Americans than our own Police? No, the public needs to know the kinds of things a government does in its name, or the "consent of the governed" is meaningless.

Snowden then declined to answer a question from Glenn Greenwald about how many copies of secret U.S. government documents Snowden made, and if he gave copies to anyone.

9:20 am, 06/17/13

Edward Snowden's Doing A Webchat

Glenn Greenwald and The Guardian just announced that Edward Snowden is conducting a web Q&A at 11 am Eastern on Monday, Reddit AMA-style. The decision, which is simultaneously gutsy, self-promoting, and a way of placating The Guardian after giving scoops to several Hong Kong publications, comes with the following caveat:

The live chat is subject to Snowden's security concerns and also his access to a secure Internet connection. It is possible that he will appear and disappear intermittently, so if it takes him a while to get through the questions, please be patient.

Users can also follow the live chat on Twitter via the #asksnowden hashtag. In other news, Beijing issued a denial that Snowden is a Chinese spy.

--Neal Ungerleider

4:10 pm, 06/14/13

Hadooping The Big Data In The Libertarian NSA

As the workweek winds down to a close, here are some interesting thoughts on the whole big data and government surveillance issue.

NSFWCorp/Pando Daily's Paul Carr and Salon's Andrew Leonard both make the same point: The NSA's reported surveillance of citizens is pretty similar to what Silicon Valley has been doing for a long time in terms of Big Data. In Salon, Leonard notes about the popular Hadoop platform:

“Revolution” is probably the most overused word in the chronicle of Internet history, but if anything, the Wall Street Journal undersold the real story. Hadoop’s importance to how we live our lives today is hard to overstate. By making it economically feasible to extract meaning from the massive streams of data that increasingly define our online existence, Hadoop effectively enabled the surveillance state.

And not just in the narrowest, Big Brother, government-is-watching-everyone-all-the-time sense of that term. Hadoop is equally critical to private sector corporate surveillance. Facebook, Twitter, Yahoo, Amazon, Netflix--just about every big player that gathers the trillions of data “events” generated by our everyday online actions employs Hadoop as a part of their arsenal of Big Data-crunching tools. Hadoop is everywhere--as one programmer told me, “it’s taken over the world.”

Meanwhile, here's Carr on why Silicon Valley and the CIA both love data to death:

Big data is a nerd’s dream: turning human behavior into measurable, understandable graphs, in the same way the big data experts at Netflix claim they can tell viewers who enjoyed “Sneakers” whether they’ll also enjoy “Enemy of the State.” And who has access to more big data than the federal government? Can you really blame the folks at Palantir or Cloudera or Prism Skylabs from getting wet around the lips at the idea of getting into America’s phone records or every instant message we’ve ever sent. Think of all the patterns! Imagine the possibilities! And also: ka-ching!

And therein lies the truth, and the hypocrisy, of Silicon Valley’s outrage over government snooping: The only people who love big data more, and who care about our privacy less, than the NSA are the outraged Libertarians of Silicon Valley.

1:10 pm, 06/14/13

Dell Really, Really Doesn't Like If You Ask If Ed Snowden Worked There

So here's an interesting tidbit: A Dell publicist apparently lost their temper when an ABC News team asked if Edward Snowden worked for the tech giant, which has a history of subcontractor work for intelligence agencies.

Snowden's professional career also included a stint in Japan, with the Texas-based computer giant Dell.

A Dell spokesman has angrily refused to verify Snowden's employment there, at first saying the company had been advised by the Department of Justice not to respond to questions. When a Justice Department official refuted that, the Dell official revised his reasons for remaining silent.

"That request came from our customer," the company spokesman said, without identifying that customer.

--Neal Ungerleider

11:15 am, 06/14/13

U.K. Politicians: You're Not Spying On Us Enough!

The omnipresence of CCTV cameras in the United Kingdom is a pretty good indication that the British take on surveillance is a little different from that of the United States. Let's face it... American law enforcement has to be jealous of London's endless security cameras. Now, senior politicians from the U.K.'s three major political parties have united to demand intelligence services be given further Internet monitoring powers. You know... for counterterrorism. The BBC's Allegra Stratton reports:

But in the letter the Conservative, Labour and Liberal Democrat grandees say: "Far from being a 'snoopers' charter', as critics allege, the draft bill, seeks to match our crime fighting capabilities to the advances in technologies.

"The proposed Communications Data Bill does not want access to the content of our communications but does want to ensure that enough data is available in the aftermath of an attack to help investigators establish 'who, where and when' were involved in planning or supporting it."

Its important to note that the request for increased monitoring powers is as much a C.Y.A. effort resulting from the recent London soldier beheading than a impassioned plea for an emboldened security state.

[Image: Flickr user Kai Hendry]

--Neal Ungerleider

11:00 am, 06/14/13

100,000+ Sign Anti-NSA Snooping Petition

Can slacktivism change things? The Mozilla-backed Stop Watching Us campaign, which demands the U.S. Congress reveal the "full extent of the NSA's spying programs," announced yesterday that over 100,000 Internet users signed their disclosure petition.

Stop Watching Us is backed by a who's who of civil libertarian activists and left-skewing tech firms. But while plenty of Redditors may be happy to sign a petition, it's going to take a lot of cash to hire lobbyists on Capitol Hill and lawyers to take on America's intelligence establishment. Petitions, of course, can only go so far.

--Neal Ungerleider

10:50 am, 06/14/13

Wired's NSA Guy Does Reddit AMA

James Bamford, the Wired national security writer whose stories on the NSA data collection center in Utah and NSA Chief Keith Alexander are things you should read right now, did a Reddit AMA yesterday. Our favorite exchange:

JimBamford 379 points 1 day ago
I think it's mysterious, this cooperation between the NSA and ISPs, and the only thing I can compare it to is the deal with AT&T - where all data flows into their computers filled with software that does deep-pocket inspection, looking for target information and target names and so forth. Whether the NSA created some sort of lock box or portal in cyber space where they can do this, I don't know. But what you have is the NSA saying they have direct access to their servers. And what the tech giants are saying is that they don't give them direct access to their services. What we have then is something in between - is it semantics or truth or both? But eventually it will come out through investigative reporting or congressional hearings or something. I think Snowden is very courageous. He's doing something other people wouldn't do. He's not making any money on it, and he's facing serious repercussions. Last year, in my WIRED cover story on the NSA data-center in Utah, I interviewed a number of former senior officials, including Bill Binney, and they told me very similar things about getting data records from everyone at Verizon and so forth. But the NSA was able to largely brush off those accusations, and the mainstream media just believed them because General Alexander said it. This might have been one of the reasons why Snowden felt this information could only be taken seriously if the public actually got to see the documents. This way, there is no way to brush it under the rug, say these people are lying or exaggerating. A number of whistleblowers have said very similar things. The media and the public only believe it's real, despite the denials, when confronted with actual documents.

--Neal Ungerleider

10:30 am, 06/14/13

How To Comply With A Secret Court Order

When Yahoo received a secret FISA (Foreign Intelligence Surveillance Act) letter requiring them to hand over data to the federal government on foreign users--they had to comply. Because the FISA letters are secret, the Yahoo executives who received them couldn't tell anyone else beyond their lawyers... not even other Yahoo executives could be notified in anything but coded language that didn't include express confirmations or denials. Fighting the FISA letters or asking for a modification would be impossible in real-life terms, putting Yahoo in an awkward Catch-22.

Over at the New York Times, Claire Cain Miller examines what happens when the secret court contacts tech firms:

Like almost all the actions of the secret court, which operates under the Foreign Intelligence Surveillance Act, the details of its disagreement with Yahoo were never made public beyond a heavily redacted court order, one of the few public documents ever to emerge from the court. The name of the company had not been revealed until now. Yahoo’s involvement was confirmed by two people with knowledge of the proceedings. Yahoo declined to comment.

But the decision has had lasting repercussions for the dozens of companies that store troves of their users’ personal information and receive these national security requests--it puts them on notice that they need not even try to test their legality.

[Image: Openclipart user j4p4n]

--Neal Ungerleider

10:15 am, 06/14/13

Microsoft Gives Secret Backdoors To The Government. Now What?

In the post below, we detailed Bloomberg's findings that Microsoft collaborates with the federal government by giving them advance notice of security flaws in MSFT software. In the short period of time before Microsoft patches the security flaws, the FBI, military, and intelligence agencies can presumably use them for all sorts of purposes. These purposes are generally believed to include surveillance on organized crime and terrorist groups in the United States, and espionage actions against America's enemies and rivals abroad.

Fast Company wrote about this before. Back in May, we wrote about the booming zero-day exploit market, where (reportedly) intelligence agencies, corporate rivals, and organized crime buy "exploits" in new software releases discovered by security researchers. This has been an open secret for quite some time--one commonly gossiped about at industry conferences, Hacker News, Slashdot, Twitter, and elsewhere--but it's slowly becoming better known as an aftereffect of the NSA surveillance scandal.

A few quick thoughts:
1) How will civil libertarians in the United States react to the news that huge tech corporations let intelligence agencies use their software for presumed foreign espionage purposes?
2) In more immediate and quantifiable concerns, how will this damage sales by Microsoft and others to foreign customers? In China, Russia, Brazil, India, Indonesia, Malaysia, and other markets, this is sure to encourage purchases of software by homegrown vendors with less chance of giving backdoors to U.S. intelligence. And how can open source operating systems capitalize on this?
3) Microsoft isn't the only firm giving information to the federal government regarding cybersecurity. What about the other ones--what are they sharing?

--Neal Ungerleider

6:00 am, 06/14/13

Government Agencies Swap Data With Thousands Of Firms

Bloomberg is reporting that U.S. agencies regularly swap data with other firms, known as trusted partners.

"Thousands of technology, finance and manufacturing companies are working closely with U.S. national security agencies, providing sensitive information and in return receiving benefits that include access to classified intelligence," it says, citing four anonymous sources.

The information is not just used to protect the United States but also to "help infiltrate computers of its adversaries," something that Edward Snowden alluded to in an interview with the South China Morning Post earlier this week. For example, Microsoft provides the intelligence sector with information about software bugs before it issues a fix to the public.

Wired carries a long profile of Keith Alexander, the head of the NSA, in which it says that the four-star general has beefed up NSA operations and equipped a secret cyber army with the ability to infiltrate, sabotage, and cause mayhem. "Now," says the intro, "it's ready to unleash hell."

--Addy Dugdale

7:10 pm, 06/13/13

NSA: We'll Release Details Of Attacks Prevented By Metadata, Internet Surveillance

Gen. Keith Alexander, head of the NSA (left), told Sen. Dianne Feinstein (D-CA) that the NSA would release details of terrorist attacks thwarted by bulk surveillance of Americans' communication metadata and the use of secretive Internet dropboxes as early as Monday. According to The Guardian's Spencer Ackerman, the upcoming NSA disclosures were announced to Feinstein following an afternoon briefing.

[Image: Defense Department/Glenn Fawcett]

--Neal Ungerleider

6:45 pm, 06/13/13

The NSA Was Defeated By... A USB Stick

Even the mighty NSA can be taken down by a modest USB stick. When Edward Snowden stole proprietary documents from his IT job at Booz Allen Hamilton, he did it with an ordinary USB stick. Officials speaking anonymously with the Los Angeles Times confirmed that Snowden stole those infamous NSA phone- and Internet-monitoring documents the (relatively) old-fashioned way.

While thumb drive use is banned for most NSA employees and contractors working with them, the source said, IT employees are frequently granted exceptions. “There are people who need to use a thumb drive and they have special permission. But when you use one, people always look at you funny," the source said.

But what we're curious about is what kind of poor secrets keeping the NSA was using that would give Snowden--a relatively low-level employee--access to top government secrets. It has shades of the Bradley Manning case; Manning, who also had relatively low rank in the Army, also had access to secrets far beyond his rank.

[Image: Wikimedia user TEL0000]

--Neal Ungerleider

1:30 pm, 06/13/13

NSA Whistleblower Snowden Was A Prolific Ars Technica Commenter

Using the username "TheTrueHooHA," Edward Snowden appears to have prolifically posted on tech news site Ars Technica for nearly 10 years. Snowden's prolific Ars Technica postings were part of a larger (and somewhat endearing) habit of posting on Internet message boards, giving us a more unfiltered look at the NSA whistleblower. Circa's Anthony DeRosa has the scoop, including one revealing comment Snowden made about Cisco wiretap surveillance:

It really concerns me how little this sort of corporate behavior bothers those outside of technology circles. Society really seems to have developed an unquestioning obedience towards spooky types.

I wonder, how well would envelopes that became transparent under magical federal candlelight have sold in 1750? 1800? 1850? 1900? 1950? Did we get to where we are today via a slippery slope that was entirely within our control to stop, or was it an relatively instantaneous sea change that sneaked in undetected because of pervasive government secrecy?

And then the rest, as they say, was history.

--Neal Ungerleider

12:30 pm, 06/13/13

Experts: The NSA Can Track Email, ISP Metadata

At yesterday's contentious U.S. Senate hearing, NSA head Keith Alexander dropped a hint that the intelligence agency may be acquiring IP address visitation and email metadata logs from Internet service providers.

Says CNet's Declan McCullagh:

During a U.S. Senate hearing, NSA director Keith Alexander was asked specifically about whether "e-mail contacts" are ingested under the Obama administration's secret interpretation of the Patriot Act's surveillance powers.

"I don't want to make a mistake" and reveal too much, Alexander said, adding that disclosing details about such surveillance would cause "our country to lose some sort of protection." It would be appropriate, he said, to discuss e-mail and other metadata surveillance in a "classified session" that senators are scheduled to attend Thursday.

Among the small circle of outsiders who closely follow the NSA, the agency's close, long-standing relationship with AT&T, Verizon, and other telecommunications providers is an open secret -- so it would come as little surprise to find they're serving up exabytes of daily e-mail and Web-browsing logs as well.

--Neal Ungerleider

5:00 am, 06/13/13

U.S. Has Been Hacking China For Years, Says Snowden

The South China Morning Post has published more details from Snowden about the NSA's surveillance tactics. Snowden claims the U.S. has been hacking China for years. He believes that the NSA has undertaken over 61,000 hacking operations globally, hundreds of those being aimed at Chinese interests.

"We hack network backbones--like huge Internet routers, basically--that give us access to the communications of hundreds of thousands of computers without having to hack every single one," he said, adding that his revelations were to demonstrate "the hypocrisy of the U.S. government, when it claims that it does not target civilian infrastructure, unlike its adversaries."

The NSA has also been doing some media firefighting of its own. Its head man, General Keith Alexander, appeared before the Senate Appropriations Committee to defend the agency's actions.

“The perspective is that we’re trying to hide something because we did something wrong. We’re not,” Alexander said. “We want to tell you what we’re doing, and tell you that it’s right and let the American people see this.”

The programs operate under the aegis of the Foreign Intelligence Surveillance Court and Congress and have helped stop "dozens of terrorist events."

--Addy Dugdale

1:45 pm, 06/12/13

Redesigning The Wretched NSA #PRISM Powerpoint

Over at Co.Design, our own Sammy Medina examines how French graphic designer Emiland De Cubber recreated the infamous leaked PowerPoint with details of NSA surveillance of Facebook, Google, Skype, and more. In De Cubber's remake, omnipresent state surveillance gains some aesthetics:

--Neal Ungerleider

11:50 am, 06/12/13

Did Anonymous Force Nsa.gov Offline?

As of 11:45 am, the National Security Agency's website, nsa.gov, has been offline for more than two hours. Various Anonymous-affiliated Twitter feeds including @wikicrew and @youranonnews claim members of the activist collective took the NSA's public web presence offline.

--Neal Ungerleider

10:50 am, 06/12/13

How The NSA Uses Big Data

OpenStack, Rackspace's open-source cloud computing platform, is used alongside Hadoop by huge enterprise clients around the world. One of those clients is the NSA.

The NSA's penchant for secrecy lies alongside a serious problem... America's intelligence agencies need top notch tech minds, but the salaries Fort Meade and Langley offer pale in comparison to those in the private sector. So, for recruitment purposes, the NSA has been pretty open about their non-classified and unclassified big data platforms in an attempt to help recruitment.

Check out the video above, where the NSA's Nathanael Burton explains how the NSA uses cloud computing and OpenStack... and don't deny that it is pretty cool. From the Rackspace blog:

Much of the specifics of Burton’s presentation such as computational use cases, installation size, number of users and other juicy details had to be redacted, Burton explained. But he did describe the need for OpenStack, the path to implementation and the benefits the NSA gleaned from the project.

Burton explained that computer scientists within the NSA had to go through a rigorous and time-consuming process of planning projects, specifying their hardware needs and getting requisite approvals. Developers were frustrated. “The problem we were trying to solve was that it took too much time from idea to capability to develop and deploy in our development,” Burton said.

Also, Burton's purple hair and handlebar mustache are the best dress code-stretching things we've ever seen out of any government agency. Well done.

--Neal Ungerleider

10:40 am, 06/12/13

Snowden Giving Further Leaks To Hong Kong Newspaper

Well, Glenn Greenwald can't be happy about this. The South China Morning Post, Hong Kong's main English-language newspaper, just announced they obtained an exclusive interview with Edward Snowden. The newspaper just ran a teaser and promised to reveal additional American surveillance state secrets later today. Here's an excerpt:

“People who think I made a mistake in picking HK as a location misunderstand my intentions. I am not here to hide from justice; I am here to reveal criminality,” Snowden told the Post earlier today.

He vowed to fight any extradition attempt by the US government, saying: “My intention is to ask the courts and people of Hong Kong to decide my fate. I have been given no reason to doubt your system.’’

--Neal Ungerleider

10:30 am, 06/12/13

Snowden Reportedly Seeking Legal Assistance In Hong Kong

The Oriental Daily News, a Chinese-language Hong Kong newspaper, is reporting Edward Snowden reached out to several Hong Kong lawyers (Chinese) in past days, seeking legal assistance in his whistleblowing case.

According to a Google translation of the newspaper article, Snowden and his girlfriend visited Hong Kong in 2012 as well. Unidentified sources who spoke with the Oriental Daily claim Snowden has been in contact with Hong Kong-based human rights lawyers.

--Neal Ungerleider

10:00 am, 06/12/2013

Ed Snowden, Civil Liberties, And Republican Party Rivalries

Members of Congress cannot talk about their interactions with the NSA and other intelligence agencies about possible surveillance of American citizens... but they do hear from intelligence agencies officials from time to time. Some politicians are angered and scared by what they find out, but others take it in stride.

The Ed Snowden disclosures are also creating fissures in the Republican Party. Over at the American Conservative, W. James Antle III has a must-read on the war between the Republican Party's libertarian and security state factions over tech and citizen surveillance, as embodied in Lindsey Graham:

Give Graham credit for consistency: unlike other Republican opportunists, he wants Barack Obama to exercise the same untrammeled executive powers he believes belonged to George W. Bush. No matter who the commander-in-chief is, he says America is a battlefield.

That’s why the ascendancy of Rand Paul--who would be as quick to criticize warrantless surveillance under President Romney, Ryan or Rubio--tears open a real debate within the Republican Party.

[Image: United States Congress]

--Neal Ungerleider

7:30 pm, 06/11/2013

Google Uses SFTP To Communicate With NSA

Kim Zetter of Wired just spoke with Google spokesperson Chris Gaither, who said something very interesting... when handing over information relating to top-secret FISA orders, Google hands over information via secure FTP... or by hand:

“When required to comply with these requests, we deliver that information to the US government--generally through secure FTP transfers and in person,” Google spokesman Chris Gaither told Wired. “The US government does not have the ability to pull that data directly from our servers or network.”

Secure FTP, or SFTP, is a standard utility on Unix and Linux system for transferring files over an encrypted channel.

6:30 pm, 06/11/2013

Roundup: It's Like Daniel Ellsberg Using Reddit

Here are a few takes from today's commentary on the ongoing NSA disclosures that Fast Company believes are of interest:

Nabeel Qureshi of GoCardless has some thoughts on smearing of Edward Snowden and compares it to the Daniel Ellsberg/Pentagon Papers case.

The sad thing is, this stuff works. A lot of my friends are incredibly smart people, but when you ask most of them about Julian Assange, I hear comments like “oh, he’s a bit creepy” or “he seems really narcissistic”. People largely stopped talking about what Wikileaks revealed years ago, & now discussion of Assange is dominated by the usual cliches about him being arrogant, a rapist, etc. That’s when you know the character assassination has worked: when even smart people have forgotten about the real point. As Assange himself said to CNN: “Do you want to talk about deaths of 104,000 people or my personal life?”

Wired's Quinn Norton wrote in ProPublica about practicing safer communications in very down-to-Earth language.

A warning: Computer scientists are terrible at naming things, and trying to get them to explain how things they make work is a world of Lovecraftian horrors. Nowhere is this worse than in crypto, which is full of unintuitive names and nonsensical metaphors. Fortunately you don’t really need to know how cryptography works to use it, though if you want to, there’s a video series that explains the concepts in some detail for a general audience.

And finally, friend of Fast Company danah boyd wrote a blog post trying to cut holes in the argument that NSA surveillance is okay if you have "nothing to hide":

It’s not just one’s own actions that can be used against one’s likeness. Guilt-through-association is a popular American pastime. Remember how the media used Billy Carter to embarrass Jimmy Carter? Of course, it doesn’t take the media or require an election cycle for these connections to be made. Throughout school, my little brother had to bear the brunt of teachers who despised me because I was a rather rebellious students. So when the Boston marathon bombing occurred, it didn’t surprise me that the media went hogwild looking for any connection to the suspects. Over and over again, I watched as the media took friendships and song lyrics out of context to try to cast the suspects as devils. By all accounts, it looks as though the brothers are guilty of what they are accused of, but that doesn’t make their friends and other siblings evil or justify the media’s decision to portray the whole lot in such a negative light.

6:15 pm, 06/11/2013

FISA Tech Revolt Continues With Microsoft Statement

On the heels of Google's open letter to the federal government about super-secret FISA requests (see below), Microsoft issued a statement via email throwing their hat in with Google:

Permitting greater transparency on the aggregate volume and scope of national security requests, including FISA (Foreign Intelligence Surveillance Act) orders, would help the community understand and debate these important issues.

Following Microsoft's email, Google snarkily tweeted "Breaking news. For the first time ever. @Microsoft agrees with Google."

4:50 pm, 06/11/2013

Google To U.S. Government: Let Us Publish More National Security Request Data

David Drummond, Google's Chief Legal Officer, published an open letter to Attorney General Eric Holder and FBI Director Robert Mueller today in Google's official blog. In the letter, Drummond requests that Google be allowed to post more information about national security requests which give intelligence agencies access to proprietary Google user information, including emails and web surfing history:

Assertions in the press that our compliance with these requests gives the U.S. government unfettered access to our users’ data are simply untrue. However, government nondisclosure obligations regarding the number of FISA national security requests that Google receives, as well as the number of accounts covered by those requests, fuel that speculation.

We therefore ask you to help make it possible for Google to publish in our Transparency Report aggregate numbers of national security requests, including FISA disclosures—in terms of both the number we receive and their scope. Google’s numbers would clearly show that our compliance with these requests falls far short of the claims being made. Google has nothing to hide.

Google cannot legally discuss even receiving FISA letters. As the Electronic Frontier Foundation notes, they come with strict gag orders.

4:35 pm, 06/11/2013

Mark Zuckerberg On NSA's Indirect Access To Facebook: "Anyone Can Go To facebook.com"

This morning, Facebook held their annual shareholder meeting in California. At the meeting, shareholders have the opportunity to ask Mark Zuckerberg questions. One of the questions, unsurprisingly, involved NSA surveillance of Facebook.

Los Angeles Times reporter Jessica Guynn, who live-tweeted the investor meeting, reports that Zuckerberg said the NSA can't gain direct access to Facebook. As for indirect access, Zuckerberg said, "Anyone can go to facebook.com."

Zuckerberg went on to hedge bets about NSA monitoring of Facebook, saying that Facebook doesn't work directly with the NSA and doesn't "proactively" give info. The wording leaves the possibility that the NSA obtains information from Facebook through either private data brokers or intelligence contractors with informal backdoor access to Facebook.

3:15 pm, 06/11/2013

Snowden Had A GED And No College Degree. So What?

Edward Snowden, the NSA whistleblower/leaker currently at the center of an international government surveillance scandal, didn't have a conventional academic background. Government intelligence agencies and Booz Allen Hamilton hired him despite the fact that he left community college and only had a GED. Fast Company's own Anya Kamenetz explained how, despite the shock by people like the New York Times' David Brooks that he didn't have formal academic training, more and more companies are hiring technical employees from non-traditional backgrounds:

One of the biggest and fastest-growing non-college STEM jobs, which comes pretty darn close to describing Snowden's former position, is computer systems analyst, a position that earns an average of over $82,000 a year and is growing 22% over this decade. The Department of Labor notes that a bachelor's degree is "not always a requirement" for this job, as long as you "know how to write computer programs."

11:00 am, 06/11/2013

Booz Allen Fires Edward Snowden

Booz Allen Hamilton Holding Corp, a government consulting firm and employer of NSA whistleblower Edward Snowden, confirmed today that it had fired Snowden yesterday for violating its ethics and policies. Snowden had been paid at a rate of $122,000.

Snowden is now said to have left his Hong Kong hotel and his whereabouts are unknown as of the time of writing.

7:00 am, 06/11/2013

Russia "Considers" Offering Snowden Asylum, White House Stays Silent

Russia said this morning that it would consider offering asylum to Edward Snowden. One of its politicians, Alexey Pushkov, a critic of the U.S. and the head of the Duma's international affairs committee, said on Twitter that the move would cause "hysterics" in Washington. “Listening to telephones and tracking the Internet, the US special services broke the laws of their country," he continued. "In this case, Snowden, like [Wikileaks founder Julian] Assange, is a human rights activist.”

The Obama administration is coming under pressure over the affair. Opinion is split over whether Snowden is a traitor to the U.S. or whether the government's surveillance tactics have gone too far. All the White House would say so far is that the whistleblower's actions have sparked an "appropriate debate" and that perhaps the Patriot Act of 2001 needs to be revised.

Meanwhile Peter Boukaert, emergency director of Human Rights Watch, has warned Snowden of the dangers of staying in Hong Kong. The Chinese territory, he tweeted, helped the CIA and MI6 render a Gaddafi opponent back to Libya.

7:00 pm, 06/10/2013

How The NSA Surveillance Story Broke

Activist filmmaker Laura Poitras gave an exclusive interview to Salon's Irin Carmon about her initial contacts with NSA whistleblower Edward Snowden. Here is an excerpt:

So how did this all begin?

I was originally contacted in January, anonymously.

By Edward Snowden?

Well, I didn’t know who it was.

What was the format?

Via email. It said, I want to get your encryption key and let’s get on a secure channel.

And he didn’t say what it was about?

He just said--that was the first, and the second was, I have some information in the intelligence community. and it won’t be a waste of your time.

6:30 pm, 06/10/2013

56% Of Americans Back NSA Monitoring Their Phone Calls, 45% Of Americans Back NSA Monitoring Their Email

The Pew Research Center surveyed 1,004 Americans this weekend on how okay they are with government surveillance of their communications. In collaboration with the Washington Post, Pew found that most Americans are okay with their communication records being aggregated by intelligence agencies as long as the investigations help combat terrorism.

Statistics on the percentages of Americans who value civil liberties over the fight against terrorism remain largely constant with other post-9/11 opinion surveys; 62% of Americans believe it's more important to investigate terrorist threats, and 34% believe it's more important not to intrude on privacy.

10:30 am, 06/10/2013

NSA's Massive Utah Data Center Won't Employ Analysts

It's old news by now that the NSA is building a semi-secret data center in Utah, which will store data of an unknown sort on a near infinite scale. According to public materials, the Utah data center will be able to store up to 1 trillion terabytes of data. With that said, NPR's Howard Berkes discovered something interesting... even though the NSA is storing all that data in Utah, they're not employing any analysts at the facility:

"When [an] analyst sits in front of their computer and does their work, they don't particularly care from whence the data came," (NSA Director of Installation and Logistics Harvey) Davis says. "As long as the data finds its way into the network, people who do the analytical work do not have to be geographically in the same place."

So the Utah center will employ about 100 technicians to keep the power and water flowing and the computers and other equipment humming. The NSA and the University of Utah have developed a certificate program to train data farm technicians.

For readers curious about the purpose and goals of the Utah data center, which is generally believed to be storing electronic communications on a massive scale, a good place to start is James Bamford's must-read Wired piece and Kashmir Hill's post about a visit to the installation for Forbes.

8:00 pm, 06/09/2013

ODNI Makes Official Edward Snowden (Non) Statement

The Office of the Director of National Intelligence (ODNI) just made their first official statement on Edward Snowden's public admission in The Guardian that he is responsible for the NSA leaks. Snowden was not mentioned by name in the short statement, attributed to Public Affairs Director Shawn Turner:

We have seen the latest report from The Guardian that identifies an individual claiming to have disclosed information about highly classified intelligence programs in recent days. Because the matter has been referred to the Department of Justice, we refer you to the Department of Justice for comment on any further specifics of the unauthorized disclosure of classified information by a person with authorized access. The Intelligence Community is currently reviewing the damage that has been done by these recent disclosures. Any person who has a security clearance knows that he or she has an obligation to protect classified information and abide by the law.

7:30 pm, 06/09/2013

NSA In Declassified Memo: Time To "Rethink" The Fourth Amendment

In a classified memo published before the September 11 attacks, the NSA argued that it was time to "rethink" the Fourth Amendment prohibiting unreasonable search and seizure because new electronic surveillance methods call for new rules. The December 2000 memo, now declassified and archived at George Washington University, makes an unambiguous case in support of the omnipresent data-mining of BLARNEY and PRISM. Politco's Philip Ewing writes:

In one key paragraph, NSA wrote that its new phase meant the U.S. must reevaluate its approach toward signals intelligence, or “SIGINT,” and the Constitution’s Fourth Amendment protections against unreasonable search and seizure.

“The Fourth Amendment is as applicable to eSIGINT as it is to the SIGINT of yesterday and today,” it wrote. “The Information Age will however cause us to rethink and reapply the procedures, policies and authorities born in an earlier electronic surveillance environment.”

6:20 pm, 06/09/2013

Booz Allen's Unusual Hawaii Information Security Job Listing

Security researcher Mikko Hypponen of F-Secure found a highly unusual Booz Allen Hamilton job listing from their Hawaii office which was posted on May 22, 2013. According to The Guardian, NSA whistleblower Edward Snowden fled to Hong Kong three weeks ago during the week of May 19. Here is the job description ad:

Key Role:

Support a client's information assurance (IA) program manager to provide effective IA development, implementation, operation, maintenance, and modification to meet DoD and DON IA requirements in support of major communication systems. Assist IAM to research, analyze, implement, accredit, manage risk, and maintain detailed IA policies, plans, and programs. Work with the IT system owners to coordinate with command security requirements and provide systems engineering to support the certification and accreditation (C&A) manager. Develop and review documentation and artifacts for Defense Information Assurance Certification and Accreditation Process (DIACAP) packages for the command and subordinate commands. Conduct C&A validation testing, document results, and recommend steps for the remediation and mitigation of vulnerabilities. Coordinate with representatives of the Certifying Authority (CA) and Designated Approving Authority (DAA) to attain Authority to Operate (ATO) for systems and networks. This position is located in Honolulu, HI.

Qualifications

Basic Qualifications:
-4+ years of experience with network engineering or Information Assurance
-3+ years of experience with DIACAP or DITSCAP certification and accreditation within the last 5 years
-Top Secret clearance required
-IAM Level II 8570.01 M Certification (i.e. CAP, GSLC, CISM or CISSP)

Additional Qualifications:
-Experience with Navy IA and C&A processes
-Experience with computer network defense
-Experience with host-based security systems (HBSS)
-BA or BS degree preferred
-Fully Qualified Navy Validator Certification

Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required.

To say the least, the timing of the job posting is unusual. Either way... for those with the proper security clearance, there's a prime job opportunity in Honolulu right now.

5:55 pm, 06/09/2013

Booz Allen Confirms Edward Snowden Employment, Washes Hands Of NSA Whistleblower

In a not-entirely unexpected development, Booz Allen Hamilton--NSA whistleblower Edward Snowden's former employer--is trying to minimize their ties to him. The global consulting giant just released a statement. It says, in full:

Booz Allen can confirm that Edward Snowden, 29, has been an employee of our firm for less than 3 months, assigned to a team in Hawaii. News reports that this individual has claimed to have leaked classified information are shocking, and if accurate, this action represents a grave violation of the code of conduct and core values of our firm. We will work closely with our clients and authorities in their investigation of this matter.

According to The Guardian, Snowden was a former CIA technical assistant who allegedly joined the global consulting giant in 2013. Snowden, who also worked with Dell for a period, did not apparently last very long at Booz Allen.

3:15 pm, 06/09/2013

Edward Snowden: NSA Whistleblower Comes Forward

Edward Snowden

We now know the identity of the whistleblower who revealed the existence of PRISM and NSA American mobile phone surveillance to The Guardian. Meet Edward Snowden:

The individual responsible for one of the most significant leaks in US political history is Edward Snowden, a 29-year-old former technical assistant for the CIA and current employee of the defence contractor Booz Allen Hamilton. Snowden has been working at the National Security Agency for the last four years as an employee of various outside contractors, including Booz Allen and Dell.

The Guardian, after several days of interviews, is revealing his identity at his request. From the moment he decided to disclose numerous top-secret documents to the public, he was determined not to opt for the protection of anonymity. "I have no intention of hiding who I am because I know I have done nothing wrong," he said.

Snowden is currently in Hong Kong; President Obama met with Chinese leader Xi Jinping this week at approximately the same time the NSA leaks became public.

10:15 am, 06/09/2013

PRISM And Tor

Mike Perry of The Tor Project (which Fast Company has covered before) just wrote a very interesting blog post explaining some of the technical aspects of PRISM (as we now understand it), and Tor's advantages and disadvantages in the face of NSA surveillance. Some of the finer-grained tech points are fascinating, and the post is well worth a read:

The core Tor software's job is to conceal your identity from your recipient, and to conceal your recipient and your content from observers on your end. By itself, Tor does not protect the actual communications content once it leaves the Tor network. This can make it useful against some forms of metadata analysis, but this also means Tor is best used in combination with other tools.

Through the use of HTTPS-Everywhere in Tor Browser, in many cases we can protect your communications content where parts of the Tor network and/or your recipients' infrastructure are compromised or under surveillance. The EFF has created an excellent interactive graphic to help illustrate and clarify these combined properties.

Through the use of combinations of additional software like TorBirdy and Enigmail, OTR, and Diaspora, Tor can also protect your communications content in cases where the communications infrastructure (Google/Facebook) is compromised.

However, the real interesting use cases for Tor in the face of dragnet surveillance like this is not that Tor can protect your gmail/facebook accounts from analysis (in fact, Tor could never really protect account usage metadata), but that Tor and hidden services are actually a key building block to build systems where it is no longer possible to go to a single party and obtain the full metadata, communications frequency, *or* contents. Tor hidden services are arbitrary communications endpoints that are resistant to both metadata analysis and surveillance.

10:05 am, 06/09/2013

NSA Requesting Criminal Probe Into Guardian, Washington Post Leaks

The NSA officially requested a criminal probe into the leak of documents exposing a wide-ranging surveillance project that involved datamining American tech firms. After leaked documents appeared in the Guardian and Washington Post late last week, the story began to dominate the global news cycle--overtaking ongoing protests in Turkey, the war in Syria, and meetings between the leaders of China and the United States.

Reuters' Timothy Gardner and Mark Hosenball report:

It was not known how broad a leaks investigation was requested by the super-secret NSA, but Shawn Turner, a spokesman for (Director of National Intelligence) Clapper's office, said a "crimes report has been filed." The report goes to the Justice Department, which has established procedures for determining whether an investigation is warranted.

10:00 am, 06/09/2013

The Government's PRISM Infosheet Is Here

On Saturday, the Director of National Intelligence released an official information sheet on PRISM. The document, titled "Facts on the Collection of Intelligence Pursuant to Section 702 of the Foreign Intelligence Surveillance Act," describes NSA datamining of millions of telephone calls and emails being justified by Section 702.

Section 702 facilitates the targeted acquisition of foreign intelligence information concerning foreign targets located outside the United States under court oversight. Service providers supply information to the Government when they are lawfully required to do so.

Intriguingly, Section 702 cannot be used to intentionally target any U.S. citizens. But communications from U.S. citizens that get (intentionally or unintentionally) caught up in the NSA's secret drop boxes or datamining schemes? Those can be used by the NSA.

9:45 am, 06/09/2013

The Semantics And Semiotics Of PRISM Denials

Bouncing back to an earlier discussion of those strangely worded tech company comments on PRISM, which discuss possible compliance with the NSA's secretive cyberspying program in heavily lawyered-up language, Yahoo's statement gives something of interest. On Saturday afternoon, Yahoo chief counsel Ron Bell posted on Tumblr to discuss any possible communications his company had with the NSA:

We want to set the record straight about stories that Yahoo! has joined a program called PRISM through which we purportedly volunteer information about our users to the U.S. government and give federal agencies access to our user databases. These claims are false.

Yahoo! has not joined any program in which we volunteer to share user data with the U.S. government. We do not voluntarily disclose user information. The only disclosures that occur are in response to specific demands. And, when the government does request user data from Yahoo!, we protect our users. We demand that such requests be made through lawful means and for lawful purposes. We fight any requests that we deem unclear, improper, overbroad, or unlawful. We carefully scrutinize each request, respond only when required to do so, and provide the least amount of data possible consistent with the law.

However, Chris Soghoian of the ACLU--a well known analyst on all matters related to technology, privacy, and the law--deconstructed Yahoo's statement and found that Yahoo might be more associated with PRISM than they let on. A small excerpt:

No one has claimed that the PRISM program is voluntary. As the Director of National Intelligence has confirmed, the PRISM program involves court orders granted using Section 702 of the Foreign Intelligence Surveillance Act.

By falsely describing PRISM as a voluntary scheme, Yahoo's general counsel is then able to deny involvement outright. Very sneaky.

7:16 pm, 06/08/2013

The Guardian Reveals Global Surveillance Tool, "Boundless Informant"

The Guardian's Glenn Greenwald and Ewen MacAskill report today on one tool in the NSA's spying arsenal:

The Guardian has acquired top-secret documents about the NSA datamining tool, called Boundless Informant, that details and even maps by country the voluminous amount of information it collects from computer and telephone networks. The focus of the internal NSA tool is on counting and categorizing the records of communications, known as metadata, rather than the content of an email or instant message. The Boundless Informant documents show the agency collecting almost 3 billion pieces of intelligence from US computer networks over a 30-day period ending in March 2013.

Today's latest revelation by the Guardian suggests that the NSA may have been less than forthright to Congress when it comes to the scope of its digital surveillance programs:

The disclosure of the internal Boundless Informant system comes amid a struggle between the NSA and its overseers in the Senate over whether it can track the intelligence it collects on American communications. The NSA's position is that it is not technologically feasible to do so. At a hearing of the Senate intelligence committee In March this year, Democratic senator Ron Wyden asked James Clapper, the director of national intelligence: "Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?" "No sir," replied Clapper. Judith Emmel, an NSA spokeswoman, told the Guardian in a response to the latest disclosures: "NSA has consistently reported – including to Congress – that we do not have the ability to determine with certainty the identity or location of all communicants within a given communication. That remains the case." Other documents seen by the Guardian further demonstrate that the NSA does in fact break down its surveillance intercepts which could allow the agency to determine how many of them are from the US. The level of detail includes individual IP addresses.

Looking through Boundless Informant's (unclassified) FAQ, it's important to note that the FAQ describes Boundless Informant as a "a GAO prototype tool for a self-documenting SIGINT system. The purpose of the tool is to fundamentally shift the manner in which the GAO describes its collection posture." (GAO is the Government Accountability Office; SIGINT is shorthand for signals intelligence).

Additionally, according to the FAQ, "the tool does not contain ECI or FISA data." FISA data is at the center of this week's accusations that top tech companies have cooperated with the NSA by either offering direct access to their servers or by creating drop box access to private user data.

4:44 pm, 06/08/2013

Did They Or Didn't They? Companies Deny "Direct Access"--But Is It All Just Semantics At This Point?

After revelations about alleged NSA secret surveillance came to light, many industry bigs came forward to deny giving the government "direct access" to company servers, as the Guardian claimed they had done.

But according to a New York Times report, many tech companies:

...opened discussions with national security officials about developing technical methods to more efficiently and securely share the personal data of foreign users in response to lawful government requests. And in some cases, they changed their computer systems to do so.

...

The companies that negotiated with the government include Google, which owns YouTube; Microsoft, which owns Hotmail and Skype; Yahoo; Facebook; AOL; Apple; and Paltalk, according to one of the people briefed on the discussions. The companies were legally required to share the data under the Foreign Intelligence Surveillance Act.

(Intel was also named in the Times report.)

The Times sources were referring to tech companies cooperating with the government when it came to non-American users' data, under the Foreign Intelligence Surveillance Act (FISA). However, the sources went on to discuss the possibility of virtual drop boxes being built between tech companies and the U.S. government:

In at least two cases, at Google and Facebook, one of the plans discussed was to build separate, secure portals, like a digital version of the secure physical rooms that have long existed for classified information, in some instances on company servers. Through these online rooms, the government would request data, companies would deposit it and the government would retrieve it, people briefed on the discussions said.

According to the Times' sources, Facebook went as far as to build this kind of drop box system.

So how could Facebook's Mark Zuckerberg righteously claim that "Facebook is not and has never been part of any program to give the U.S. or any other government direct access to our servers"? How about Google's Larry Page's statement that "we have not joined any program that would give the U.S. government--or any other government--direct access to our servers"? Or similar statements denying "direct access" from Apple, Paltalk, and Yahoo?

Well, if the drop box allegations in the Times report are accurate, then it's technically true that these companies didn't give the government "direct access" to their servers--but at what point do we decide this is just a public relations game of semantics and technicalities? Direct access, back doors, lock boxes, drop boxes--whatever the exact nature of the processes by which it happened, the revelations make it seem there is a pretty high chance that a lot of data collected by private tech companies has been made available to the government in a fairly streamlined fashion, one way or another. As the Times notes, what is transmitted through a drop box as part of a FISA request could potentially be very broad:

FISA orders can range from inquiries about specific people to a broad sweep for intelligence, like logs of certain search terms, lawyers who work with the orders said.

6:07 p.m, 06/07/2013

Mark Zuckerberg: "We hadn't even heard of PRISM before yesterday."

Facebook's chief geek has vehemently denied, via his profile page, that his company gives the feds direct access to Facebook servers:

I want to respond personally to the outrageous press reports about PRISM:

Facebook is not and has never been part of any program to give the U.S. or any other government direct access to our servers. We have never received a blanket request or court order from any government agency asking for information or metadata in bulk, like the one Verizon reportedly received. And if we did, we would fight it aggressively. We hadn't even heard of PRISM before yesterday.

When governments ask Facebook for data, we review each request carefully to make sure they always follow the correct processes and all applicable laws, and then only provide the information if it is required by law. We will continue fighting aggressively to keep your information safe and secure.

We strongly encourage all governments to be much more transparent about all programs aimed at keeping the public safe. It's the only way to protect everyone's civil liberties and create the safe and free society we all want over the long term.

3:45 pm, 06/07/2013

The NSA's Whistleblower Problem

An interesting story from the Calgary Herald's Kris Kotarski reveals something very interesting: Whistleblowers are dissatisfied with the NSA engaging in recreational spying. Going back to 2008, Kotarski has this to say:

Another linguist, 31-year-old Adrienne Kinne, told ABC that the NSA would listen to calls made by military officers, journalists and aid workers from organizations such as the International Red Cross and Doctors Without Borders, listening to “personal, private things with Americans who are not in any way, shape or form associated with anything to do with terrorism.” “We knew they were working for these aid organizations. They were identified in our systems as ‘belongs to the International Red Cross’ and all these other organizations,” Kinne told ABC News. “And yet, instead of blocking these phone numbers, we continued to collect on them.”

3:00 pm, 06/07/2013

Anonymous Leaks PRISM Docs

This morning, activist collective Anonymous leaked a number of classified documents about PRISM. On Pastebin, Anonymous members wrote that:

Anonymous has obtained some documents that "they" do not want you to see, and much to "their" chagrin, we have found them, and are giving them to you.
These documents prove that the NSA is spying on you, and not just Americans. They are spying on the citizens of over 35 different countries. These documents contain information on the companies involved in GiG, and Prism. Whats GiG you might ask? well (sic)... The GIG will enable the secure, agile, robust, dependable, interoperable data sharing environment for the Department where warfighter, business, and intelligence users share knowledge on a global network that facilitates information superiority, accelerates decision-making, effective operations, and Net-Centric transformation.

The documents Anonymous posted are a mix of PDFs and PowerPoint documents. Potential muckrakers, be warned: They are written in dry, dry bureaucratese.

A couple of quick thoughts:

1. How long have whistleblowers had these docs for? The documents posted come mostly from 2008-2010.
2. Did the docs come from the same whistleblower who tipped off Glenn Greenwald, or did hackers use the Guardian breadcrumbs to find these?
3. Just what will happen to this whistleblower, if it is the same person, if or when they are caught?

2:45 pm, 06/07/2013

Google, Facebook, Skype... And Paltalk?

When news of the PRISM program leaked out, most of the world's major communication services (save Twitter and Sina Weibo) were implicated in giving the NSA access to their databases. Among the companies cooperating with the NSA is Paltalk--a relatively obscure video chat service. But what is Paltalk, and why are the NSA tracking them?

Uri Friedman at Foreign Policy has the scoop:

The Washington Post mentions that PalTalk has received substantial traffic during the Arab Spring and Syrian civil war, but people have also raised concerns for years now about terrorists using its chat rooms (in 2012, for instance, the British press reported that four men plotting to bomb the London Stock Exchange had made contact with each other through the service). In 2009, the year PalTalk reportedly began participating in the NSA's program, a U.N. report on the "Use of the Internet for Terrorist Purposes" expressed concern about al Qaeda propaganda spreading in "debate groups such as Yahoo and PalTalk."

That is to say it appears that Paltalk was targeted because of its use by non-U.S. citizens of interest to the NSA.

2:30 pm, 06/07/2013

How To Beat The NSA To The Punch... The World Of Self-Surveillance

Shortly before the PRISM and NSA Verizon spying stories broke, Fast Company ran two stories by Sarah Kessler about a New York University graduate student who decided to benefit financially from the massive amount of online metadata he generated. Frederico Zannier began selling his personal Internet activity for $2 a day on Kickstarter as a thought experiment. Basically, Zannier figured he should benefit financially from the aggregate web data that the massive online advertising industry parses on a daily basis.

"The project, his thesis at NYU’s Interactive Telecommunication Program, was at first simply intended to be a way to bring online tracking into his daily consciousness. He planned to publish the data he harvested, along with these awesome data visualizations, because, he says, “I love data visualizations." The idea to sell the data via Kickstarter came later," Kessler wrote.

1:50 pm, 06/07/2013

How The NSA Can Read Your Gmail

The Washington Post has confirmed the existence of a secret program called PRISM, which gives the NSA a backdoor into Internet communications from all major service providers besides (as of writing) Twitter.

As Fast Company's Kit Eaton writes, "PRISM allows the NSA to directly get its hands on many different kinds of data concerning the Internet habits of individuals, from email contents to user-specific information. After initial claims were made that firms such as Microsoft, Yahoo, Google, Apple, Facebook, Skype and others were willingly handing over data, most of the companies involved denied they were actively participating and some said they had no knowledge of the program."

1:45 pm, 06/07/2013

How The NSA Tracks America's Phone Calls

As The Guardian reported, the NSA is collecting metadata related to phone call activity on Verizon (and likely other) carriers. So how does this work?

Yesterday, Fast Company discussed just what telecom metadata is. The information the NSA was collecting included the phone numbers that Verizon customers dialed, the phone numbers of the people who called them, the duration of the call, and identifying information about the Verizon customer. However, as far as we know, the contents of the call were not accessible to the NSA.

1:30 pm, 06/07/2013

Public Perception: Are You Okay With The NSA Having A Data Dump Of Your Emails?

The Pew Research Center has released a civil liberties poll package of their recent opinion polling on government surveillance. In a nutshell, Americans are largely opposed to the government having access to private communications.

According to Pew's 10th-anniversary-of-9/11 polling, only 29% of Americans favor "the U.S. government monitoring personal telephone calls and emails" as part of a broad-based anti-terrorism program. Of course, this turns out to be exactly the case--as Glenn Greenwald's scoop proves, the NSA has been vacuuming up any data they can get their hands on.

[Image: Flickr user Jonathan McIntosh]

Add New Comment

17 Comments

  • Isabel Herron

    like Juan explained I'm blown away that some one can profit $8820 in one month on the internet. did you read this page w­w­w.K­E­P­2.c­o­m

  • Luke Forney

    Regarding the journalist that featured De Cubber's overhauls of the original data.. Why???? so it can look cooler? This trivializes the importance of the matter at hand. Not to mention De Cubber's "overhauls" greatly water down the original content. What an incredible display of nihilism.

  • Bill Van Eron

    Sure it's uncomfortable and poses a risk. BUT keeping our country safe has priority.Soldiers give their lives for us. We can help. Abuse and hackers appear as primary risk. I'd like to see the government tighten up on hackers, spammers and anyone abusing our privacy in return. So balance is important.   

  • Smjhunt

    The biggest problem I see is the simplistic nature of articles like these.  Let's take the Pew poll for example.  The article doesn't state what the exact questions were.  Without that the results are meaningless.  Let's assume though that the question stated was the one actually asked: "Are you in favor of the U.S. government monitoring personal calls and emails". That question is highly ambiguous.  It could mean anything from the government collecting a record of the phone activity of a person who has already been identified as in touch with Al Qaeda, to a guy sitting in a back room smirking as they listen to a private conversation between a couple who are not suspected of anything.   There's a big difference!  If you leave it to their imagination they may very well think it's the later and there's no evidence that that is the case. The devil is in the details.   Pro-active attempts to stop terrorism such as intelligence gathering, are, in my opinion, as far more sane way to deal with these types of problems than the reactive approach (after the act) of sending people to kill and be killed in some foreign land.

       

  • Frank

    They don't need to tell anybody they just tap it at a higher level in the routes of the internets, whoever has the highest level can decrypt anything below it.  ISPs can see what you do on their network and just like that the main routers of the internet can see everything that passes through.

  • Mark Jaquith

    Not if it's encrypted. All your Facebook browsing is over SSL, so it's not expected that anyone would be able to see what was going on, even if they intercepted the traffic.

  • Guest

    Somehow my message linked me to Isabel (see above) who follows the NSA issue. I have no interest in those kinds of subjects whatsoever. 2013 3rd July.

  • Isabel Herron

    what Joyce responded I am alarmed that any one able to profit $6789 in four weeks on the internet. did you look at this link w­w­w.K­E­P­2.c­o­m

  • Gordon Hervey

    I posted a comment to Isabel by mistake when referring to another link. I have no idea about the NSA issue, I strictly specialise in geoscience and energy futures.

  • Christopher Neese

    Who cares...  Anyone who thinks that the govt really gives a shit about what a regular jackoff is talking about is paranoid...  And anyone who expects any privacy out of any type of communication is just stupid...  Therefore it appears as if there are many paranoid stupid people out there... That is a volatile combination...

  • Guest

    Or it's just an enormous waste of taxpayer money to fund this ever-increasing, senseless NSA spying machine, but whatever.

  • Jl12

    hilarious responses from all those internet companies... "what, us? no." fairness: fact is, the highest levels in the company don't know