Not Breaking: Keith Alexander to Be Allowed to Retire Unscathed; Breaking: NSA

We’ve actually known for some time that Keith Alexander was retiring shortly. So Reuters’ headline reporting it (and the departure of Alexander’s Deputy John Inglis) is not news.

Screen shot 2013-10-16 at 5.38.14 PM

But mega kudos to the person who dubbed Alexander the “eavesdropping agency chief.”

One important implication of this headline though is,

Alexander will not be fired, much less criminally charged, for serial lies to Congress

Not to mention the fact that James Clapper will, as far as we know, remain employed and free.

All that said, the overall point of Reuters’ story is important. This presents Obama with an opportunity to set a new direction for NSA.

While both men are leaving voluntarily, the dual vacancies give Obama an opportunity both to install new leadership following Snowden’s revelations and to decide whether the NSA and Cyber Command should have separate leaders.

Cyber Command, which has grown significantly in recent years, has the authority to engage in both defensive and offensive operations in cyberspace. Many NSA veterans argue that having the same person lead the spy agency and Cyber Command diminishes the emphasis on the NSA’s work and its unique capabilities.

I say go even bigger than this: break up this Frankenstein contraption and split NSA’s defensive function from its offensive ones entirely. And while we’re at it, let’s move it out of DOD.

Noah Shachtman wrote a piece describing how to do this so long ago he actually referred to “the agency that tapped AT&T switching stations (OK, OK, allegedly)” instead of “the agency FISC deemed in violation of the Fourth Amendment for collecting US person data at AT&T’s switches.”

NSA headquarters — the “Puzzle Palace” — in Fort Meade, Maryland, is actually home to two different agencies under one roof. There’s the signals-intelligence directorate, the Big Brothers who, it is said, can tap into any electronic communication. And there’s the information-assurance directorate, the cybersecurity nerds who make sure our government’s computers and telecommunications systems are hacker- and eavesdropper-free. In other words, there’s a locked-down spy division and a relatively open geek division. The problem is, their goals are often in opposition. One team wants to exploit software holes; the other wants to repair them.

[snip]

A broken-out bureau — call it the Cyber Security Agency, or CSA — that didn’t include the spooks would obviate this conflict. “A separate information-assurance agency,” says Michael Tanji, a 21-year veteran of intelligence services, including the NSA, “will have a greater level of acceptance across the government and the private sector.”

[snip]

An independent CSA would be trusted more widely than Fort Meade, improving collaboration among cybersecurity geniuses. It was private researchers and academics who led the effort to corral the ultrasophisticated Conficker worm. And the National Institute of Standards and Technology worked on federal desktop security. A well-run, independent CSA would be able to coordinate better with these outside entities.

The problem — both of NSA’s conflicting missions and of the lack of trust in it — has gotten far worse since Shachtman wrote this piece. The NYT reported that the NSA has been ensuring it has back doors in far more places than originally thought. In addition there are the concerns about its use of NIST to weaken encryption standards.

And we now know that NSA is keeping encrypted communications — including that of the white hats you need to cooperate on the cyberdefense project — indefinitely. That is, it is treating necessary partners are criminals.

Right now, the NSA wants to be able to copy and scan all the traffic in the US to be able to search for malware and other malicious code. Yet it has already been caught spying on Americans even while just (allegedly) hunting for terrorists. And it refuses to count how many Americans it has spied on in this way. This is not a trustworthy agency to conduct out whatever sorting that needs to be done (not to mention the fact it can’t be trusted to keep this goal separate from its offensive ones).

Even NSA’s apologists should embrace such a suggestion. Without it, their claims to want the best defense against cyberthreats ring hollow, because the existing NSA is one of the biggest cyberdangers out there.

image_print
14 replies
  1. peasantparty says:

    So, what are we going to do with the Enterprise Starfleet Command Center after he is gone?

    I know there is nobody on Capital Hill willing to bring charges against him or Clapper. If only there were somebody that would attempt to uphold the Constitution.

    Hopefully, the spying spies he hired and pushed to do evil will have his phone numbers, computer ID and ISP, and all his contacts!

  2. Kelly says:

    I say go even bigger than this: break up this Frankenstein contraption and split NSA’s defensive function from its offensive ones entirely.

    That is actually quite sound IT advice to my way of thinking.

    All this haystack building that they’re doing, means that at some point you get identical pieces of straw, but in different places in the stack. This ultimately creates problems.

    That being said, I bet they do use some sort of “conversation-thread-id” about the records they store, like most big companies do with their middleware applications, which isolate those seemingly identical straws into different piles.

  3. earlofhuntingdon says:

    As an aside, and purely selfishly, I hope that EW remains independent and does not join Mr. Greenwald’s valuable new journalism outlet. I wouldn’t be unhappy if I were wrong, just disappointed at having one less important site to read.

  4. bloodypitchfork says:

    Meanwhile, Holders degenerate multi-tiered Mockery of “Justice” prosecutes those powerless people who do nothing illegal under the law yet become prosecutorial fodder for up and coming U.S. scumbag Attorneys who couldn’t find Justice if it came up and yelled “HERE I AM ASSHOLE” in their fucking face. I won’t bother with links. There’s too many examples.

  5. Snoopdido says:

    More Snowden NSA news from the Washington Post – Documents reveal NSA’s extensive involvement in targeted killing program – http://www.washingtonpost.com/world/national-security/documents-reveal-nsas-extensive-involvement-in-targeted-killing-program/2013/10/16/29775278-3674-11e3-8a0e-4e2cf80831fc_print.html

    “It was an innocuous e-mail, one of millions sent every day by spouses with updates on the situation at home. But this one was of particular interest to the National Security Agency, and contained clues that put the sender’s husband in the cross hairs of a CIA drone.

    Days later, Hassan Ghul — an associate of Osama bin Laden who provided a critical piece of intelligence that helped the CIA find the al-Qaeda leader — was killed by a drone strike in Pakistan’s tribal belt.

    The U.S. government has never publicly acknowledged killing Ghul. But documents provided to The Washington Post by former NSA contractor Edward Snowden confirm his demise in October 2012 and reveal the agency’s extensive involvement in the targeted killing program that has served as a centerpiece of President Obama’s counterterrorism strategy.”

  6. bloodypitchfork says:

    peasantparty said:
    quote: “If only there were somebody that would attempt to uphold the Constitution.”unquote

    If only. Attempt. right. BWHAHAHAHAHAHA..HOHOHOHOH..HEHEHEHEHE..HAHAHAHAHAHAHA!

    please ..please..yer killen me.

    Uphold the Constitution. Dude, they don’t give a flying fuck about a stinkin constitution. The ONLY thing they care about is if 3mil armed and pissed off American’s surround WDC ready to drag these motherfuckers out of their granite palaces and BURN THEM ALIVE.

  7. TarheelDem says:

    I say go really big. Re-examine the assumptions and laws underlying the intelligence community that were put in place during the Truman administration. Why exactly do we have this cancer at the heart of a democratic republic?

    Now that would require DiFi to take on some other role than pom-pom girl for the intelligence community.

  8. C says:

    @Kelly: Kelly, I think that is unlikely. If (ha!) they are hoovering up the raw streams from the raw cables then they would have to be indexing things at the packet level, reconstructing those chains and slowly building things up. While this is doable, albeit noisy, it would still mean that they face a problem of having lots of sparse data of little value, i.e. broken straws, which may be indexed at some future date or may not. In this context it would be a nightmare to separate or index things clearly which is likely why they are so serious about fighting any legal requirement to keep things truly clean. They probably can’t do so.

  9. C says:

    I bet that they will pair his leaving with some cosmetic reforms, nothing that touches the presidential orders, in the expectation that we will all calm down and be happy.

  10. orionATL says:

    @C:

    i have worried about just this since greenwald’s june stories rained down.

    i was surprised the w’house didn’t fire alexander soon thereafter and declare “bad things happened that will never happen again under our new team”.

    then allow (and encourage) the rampant electronic spying to continue in all its forms, just as under alexander.

    that didn’t happen after june, but i suspect you are right that the w’house will try to apply that tactic sometime soon.

    if we were a lucky nation, we’d have a larry summers type argument over what form nsa should take and what background should the person have who leads it.

    on another tact:

    i’ve previously suggested nsa be broken into three parts, only one of which would be military:

    – a dod cyber command headed by a general/admiral limited strictly to meeting u.s. military forces needs. prohibited from operating for any reason outside those clearly set forth military needs for any military preparedness, campaign, or war.

    – a civilian run agency with the mission to support, protect, and enhance availability to americans of the internet. this agency would be required specifically to protect internet and software from spying or code manipulation.

    – a civilian run agency whose primary mission is to protect important components of the american society and economy from sabotage, e.g., electrical transmission and generation.

    as for the current clumsy, ineffective behemoth, virtually entire thrust is really mostly law enforcement related (including “terrorists”).

  11. C says:

    @orionATL: The three-part proposal makes sense. The NSA’s dual mission of protecting “our” communications and attacking others’ made more sense when they felt they could draw a clear line between “us” and “them” and when our international communications were fewer.

    Now that the NSA has shown that they cannot distinguish between “us” and “them” and do not, apparently, care to try the trust required to sustain that dual mission is gone. Indeed once it became clear that they used the industry collaborations as a vehicle to discover exploits it became clear that the security of America’s communications mandate had been destroyed.

    At this point I think your proposal is a minimum first step. It will of course be resisted at every turn. Bush tried to create a domestic security Czar and he faced such stiff resistance from Intel that Congress never even gave him an office to work in. But unless that happens the “NSA vs. US” problem will remain. After lying to congress, lying to other parts of the government (e.g. NIST) and probably lying to industry players such as Microsoft it’s not clear who is left to work with them or for that matter who they view as being on their side since even the U.S. Congress is treated as an adversary.

    As for the guardian link you sent yes his thoughts on this issue are well put.

  12. lefty665 says:

    “A fish rots from the head”. Alexander and Inglis were too intrusive even for Hayden, and that’s saying something. Reforms are possible with a change in command plus all the attention NSA has been getting.

    We will learn a lot from BO’s choice of replacements. Jockeying for position should be well underway, and at least nominally it is an admiral’s turn. Anybody got a tip sheet?

    The int and sec sides have long been closely related, and with movement between them. The skill sets to be good at either are similar. I’d argue that the issues are policy, not organization, and that breaking up the agency does not necessarily do much to solve them.

    The fundamental issue is turning NSA’s tools inward, and how it was done. Thin Thread, and presumably other technologies, that protected domestic US citizen comm were rejected in favor of far more intrusive methods. That was a policy decision. Splitting up the agency will not fix that as long as domestic surveillance is unfettered.

    The int side has resisted strong encryption for decades, and that will not change. Maintaining backdoors is a similar issue. Both make the int job infinitely easier, or in some cases possible at all. Again, it is a policy decision where the tradeoff between security and intelligence lies. Competing agencies could be chaos, and not in a good way.

    Alexander’s assertion that to keep us safe he has to have complete access to every bit, byte and syllable is profound. It is especially disturbing with the installation in Bluffdale that seems capable of storing it all.

    Given our boobus Americanus inability to keep much of anything secure it is almost possible to have some sympathy for Alexander’s position. BUT, tearing the Bill of Rights out of the Constitution makes for a cure worse than the problem. Once again a policy question of how to deploy technology to keep us safe without destroying privacy.

    It does not seem likely that BO/Congress will actively reform what is in place. Wish the solution was as simple as breaking NSA up.

Comments are closed.