Keith Alexander: “We Must Win, There Is No Substitute for Victory”

/30 Comments/in , , , , /by

I frankly have no problem with Keith Alexander giving the employees of the National Security Agency a pep talk as the truth of what they’re doing to us becomes public. They are not, after all, responsible for the serial disinformation Alexander and James Clapper have spread about their work. And the overwhelming majority of them are just trying to support the country.

I don’t find this part of Alexander’s speech even remotely accurate, mind you, but I’ve gotten used to dissembling from Alexander.

The issue is one that is partly fueled by the sensational nature of the leaks and the way their timing has been carefully orchestrated to inflame and embarrass. The challenge of these leaks is exacerbated by a lack of public understanding of the safeguards in place and little awareness of the outcomes that our authorities yield. Leadership, from the President and others in the Executive Branch to the Congress, is now engaged in a public dialogue to make sure the American public gets the rest of the story while not disclosing details that would further endanger our national security.

It’s hard to understand how leaks can be inflammatory and embarrassing but all the claims about safeguards and dialogue to also be true.

But it’s this passage I’m far more struck by:

Let me say again how proud I am to lead this exceptional workforce, uniformed and civilian, civil service and contract personnel. Your dedication is unsurpassed, your patriotism unquestioned, and your skills are the envy of the world. Together with your colleagues in US Cyber Command, you embody the true meaning of noble intent through your national service. In a 1962 speech to the Corps of Cadets on “duty, honor and country,” one of this nation’s military heroes, General Douglas MacArthur, said these words teach us “not to substitute words for action; not to seek the path of comfort, but to face the stress and spur of difficulty and challenge; to learn to stand up in the storm.” You have done all that and more. “Duty, Honor, Country” could easily be your motto, for you live these words every day. [my emphasis]

It’s not just that he calls out Cyber Command in the midst of a scandal that’s not supposed to be (but really is) about offensive war.

It’s not just that he chooses to cite one of the most powerful Generals ever, one who defied civilian command to try to extend a war that — it turns out — wasn’t existential.

But it’s also that he chose to cite a speech that invokes that moment of insubordination, a speech that encourages political inaction among the troops, a speech whose audience MacArthur defined as singularly military.

And through all this welter of change and development your mission remains fixed, determined, inviolable. It is to win our wars. Everything else in your professional career is but corollary to this vital dedication. All other public purpose, all other public projects, all other public needs, great or small, will find others for their accomplishments; but you are the ones who are trained to fight.

Yours is the profession of arms, the will to win, the sure knowledge that in war there is no substitute for victory, that if you lose, the Nation will be destroyed, that the very obsession of your public service must be Duty, Honor, Country.

Others will debate the controversial issues, national and international, which divide men’s minds. But serene, calm, aloof, you stand as the Nation’s war guardians, as its lifeguards from the raging tides of international conflict, as its gladiators in the arena of battle. For a century and a half you have defended, guarded and protected its hallowed traditions of liberty and freedom, of right and justice.

Let civilian voices argue the merits or demerits of our processes of government. Whether our strength is being sapped by deficit financing indulged in too long, by federal paternalism grown too mighty, by power groups grown too arrogant, by politics grown too corrupt, by crime grown too rampant, by morals grown too low, by taxes grown too high, by extremists grown too violent; whether our personal liberties are as firm and complete as they should be.

These great national problems are not for your professional participation or military solution. Your guidepost stands out like a tenfold beacon in the night: Duty, Honor, Country.

At a moment of crisis, at a moment when his own credibility is under strain, Keith Alexander has chosen to address the military, civilian, and contractor employees of the NSA as unthinking warriors, isolated from the critical issues swirling around them at the moment. He has chosen to frame NSA as a war machine, not as a defense machine.

The employees of NSA’s first duty is to the Constitution, not the secret battles Alexander wants to escalate and win at all costs. I do hope they don’t despair of that duty.

Share this entry

FISA Amendments Act Minimization: Preventing Serious Harm to Corporate Persons

/8 Comments/in , , /by

As I was working through some other things last night, I had an opportunity to compare the minimization standards for the FISA Amendments Act (see section h) with the standards under which the actual minimization procedures allow the retention of purely domestic communications (that is, between parties that are all within the United States). These procedures are in addition to procedures that affect foreign communications (with one of the participants a non-US person outside the US).

Last night, I suggested there were 3 “normal” standards and one that doesn’t appear in the law pertaining to cybersecurity and encrypted communications. But that’s not entirely right. The last standard in the actual law reads,

(4) notwithstanding paragraphs (1), (2), and (3), with respect to any electronic surveillance approved pursuant to section 1802 (a) of this title, procedures that require that no contents of any communication to which a United States person is a party shall be disclosed, disseminated, or used for any purpose or retained for longer than 72 hours unless a court order under section 1805 of this title is obtained or unless the Attorney General determines that the information indicates a threat of death or serious bodily harm to any person.

That is, the actual law allows retention of information for up to 72 hours (presumably to process, which is moot anyway, since they’re actually keeping this data 5 years), unless the court or the Attorney General says it must be kept longer because it pertains to threat of death of serious bodily harm.

But in the minimization standards themselves, here’s how that reads.

A communication identified as a domestic communication will be promptly destroyed upon recognition unless the Director (or Acting Director) of NSA specifically determines, in writing, that:

the communication contains information pertaining to a threat of serious harm to life or property. [my emphasis]

In plain language, the law seems to be about saving human lives. But in paragraphs marked Secret, the government has redefined threat of death or “serious bodily harm to any person” as “serious harm to life or property.”

And while it’s just a guess here, I’m guessing that they switched this language, protecting property, not people, to protect corporate people.

In any case, spying on entirely domestic communications to protect against threats entirely to property, not life, sure seems like a giant loophole in a program that is supposed to be focused exclusively on foreign intelligence.

Share this entry

Keith Alexander’s Secret Lie: Retention and Distribution of Domestic Encrypted and Hacking Communications?

/19 Comments/in , , /by

As I noted in my last two posts, Keith Alexander has admitted that the classified lie Mark Udall and Ron Wyden accused him of telling “could have more precisely described the requirements of collection under FISA Amendments Act.”

He then goes onto repeat the many claims about Section 702, which are different forms of saying that it may not collect information on someone knowingly in the US.

Which leads me to suspect that the lie Udall and Wyden described is that the program can retain and distribute domestic communications, which are defined as “communications in which the sender and all intended recipients are reasonably believed to be located in the United States at the time of acquisition.”

The minimization procedures actually describe four kinds of domestic communications that can be distributed with written NSA Director determination. Three of those — significant foreign intelligence information, evidence of a crime imminently being committed, and threat of serious harm to life or property — were generally known. But there is a fourth which I think is probably huge collection:

Section 5(3)

The communication is reasonably believed to contain technical data base information, as defined in Section 2(i), or information necessary to understand or assess a communications security vulnerability. Such communication may be provided to the FBI and/or disseminated to other elements of the United States Government. Such communications may be returned for a period sufficient to allow a thorough exploitation and to permit access to data that are, or are reasonably believed likely to become, relevant to a current or future foreign intelligence requirement. Sufficient duration may vary with the nature of the exploitation.

a. In the context of a cryptanalytic effort, maintenance of technical data bases requires retention of all communications that are enciphered or reasonably believed to contain secret meaning, and sufficient duration may consist of any time period during which encrypted material is subject to, or of us in, cryptanalysis.

b. In the case of communications that are not enciphered or otherwise thought to contain secret meaning, sufficient duration is five years unless the Signal Intelligence Director, NSA, determines in writing that retention for a longer period is required to respond to authorized foreign intelligence or counterintelligence requirements,

Technical data base information, according to the definitions, “means information retained for cryptanalytic, traffic analytic, or signal exploitation purposes.”

In other words, hacking.

Encrypted communications and evidence of hacking have secretly been included in a law purportedly about foreign intelligence collection. And they can keep that information as long as it takes, exempting it from normal minimization requirements.

To be clear, the government still has to get the communication believing (according to its 51% rule) that it has one foreign component. But if Keith Alexander says so, NSA can keep it, forever, even after it finds out it is a domestic communication.

Update: Here’s the July 2012 letter to Clapper. Here’s Clapper’s August 2012 response — the good bits of which are all classified.

Share this entry

Aaron Swartz, Plea Leveraging & The Bordenkircher Problem

/64 Comments/in , , , , , /by

CryingJusticeAs Netroots Nation 2013 begins, I want to emphasize one of the best panels (If I do say so) of the event. It is titled: Beyond Aaron’s Law: Reining in Prosecutorial Overreach, and will be hosted by Marcy Wheeler. Joining Marcy will be Aaron Swartz’s attorney, Elliot R. Peters, of Keker & Van Nest LLP in San Francisco, Shayana Kadidal of the Center for Constitutional Rights in New York, and Professor Jonathan Simon of Boalt Hall at Berkeley. The panel goes off at 3:00 pm Saturday June 22.

As a lead in to the panel discussion, I want to address a topic that struck me from the first moment of the tragic loss of Aaron Swartz, the pernicious effect of the late 70’s Supreme Court case of Bordenkircher v. Hayes.

Paul Hayes was a defendant on a rather minor (involved $88.30), but still felonious, bad check charge in Kentucky. But Hayes had a bad prior criminal history with two felony priors. The prosecutor offered Hayes a stipulated five year plea, but flat out threatened Hayes that if he didn’t accept the offer, the prosecution would charge and prosecute under Kentucky’s habitual criminal (three strike) law. Hayes balked, went to trial and was subsequently convicted and sentenced to life in prison under the habitual offender enhancement charge. It was a prosecutorial blackmail threat to coerce a plea, and the prosecutor delivered on his threat.

Hayes appealed to every court imaginable on the theory of “vindictive prosecution” with the prosecutorial blackmail as the underlying premise. Effectively, the argument was if overly harsh charging and punishment is the penalty for a defendant exercising his right to trial, then such constitutes prosecutorial vindictiveness and degrades, if not guts, the defendant’s constitutionally protected right to trial.

Every appellate court along the way declined Hayes’ appeal until the 6th Circuit. The 6th, however, came up with a surprising decision, granting Hayes relief, but under a slightly different theory. The 6th held that if the prosecutor had originally charged Hayes with the habitual offender charge, and then offered to drop it if Hayes pled guilty, that would have been perfectly acceptable; but using it like a bludgeon in plea negotiations once the case was charged was impermissibly vindictive, and therefore unconstitutional.

Then, from the 6th Circuit, the case finally made its way to the Supreme Court of the United States. By that time, Hayes had long been in prison and the prison warden, Bordenkircher, was the nominal appellee in the caption of the case. The Supreme Court, distinguishing another seminal vindictive prosecution case, Blackledge v. Perry, reversed the 6th Circuit and reinstated Hayes’ life sentence.

Blackledge v. Perry is a famous case known in criminal defense circles as the “upping the ante case”. Blackledge was convicted of a misdemeanor and appealed, which in North Carolina at the time meant he would get a new trial in a higher court. The state retaliated by filing the charge as a felony in the higher court, thus “upping the ante”. The Supreme Court in Blackledge held that to Read more

Share this entry

Government Spying: Why You Can’t ‘Just Trust Us’

/33 Comments/in , , , , , , , , /by

imagesOkay you Wheelhouse mopes, Marcy, Jim and I are all in San Jose at Netroots. Not sure the jail in this here town is big enough to hold us all. Marcy already put up two posts earlier today, but posting may be a bit spotty, we shall see. I have an important one that will probably go up tomorrow morning on the Aaron Swartz case.

At any rate, to give some extra fodder here, and because Ms. Wheeler is terminally lame at noticing our own blog when she writes articles elsewhere, I am hereby placing you on notice that she has a great article that went up late yesterday at The Nation titled:

Government Spying: Why You Can’t ‘Just Trust Us’

Go read it, you will be glad you did! Other than that, use this as an open thread for Trash Talk (GO SPURS!), and anything and everything else you want to yammer about.

Share this entry

Minimization in the Age of Cyberwar

/29 Comments/in , /by

I’d like to compare how the NSA talking point document released yesterday compares with a document Glenn Greenwald has or has seen, with respect to minimization under Section 702 (PRISM/FAA) collection. Remember PRISM allows the government to access Internet communications with little review of individual targeting decisions, and any American communications accessed with that foreign target communication is also viewed.

The NSA document says US person communications can only be disseminated (this includes getting shared with FBI) if it is necessary to understand the communication, and evidence of crime, or indicates a threat of death.

The dissemination of any information about U.S. persons is expressly prohibited unless it is necessary to understand foreign intelligence or assess its importance; is evidence of a crime; or indicates a threat of death or serious bodily harm.

The Guardian document (which they did not publish) says US person communications — and note, these are entirely domestic communications — can be disseminated in two slightly different cases and a third unrelated one. The unrelated one permits US person communications to be disseminated if it contains “information necessary to understand or assess a communications security vulnerability.”

One typical example is a document submitted by the NSA in July 2009. In its first paragraph, it purports to set forth “minimization procedures” that “apply to the acquisition, retention, use, and dissemination of non-publicly available information concerning unconsenting United States persons that is acquired by targeting non-United States persons reasonably believed to be located outside the United States in accordance with section 702 of the Foreign Intelligence Surveillance Act of 1978, as amended.”

That document provides that “communications of or concerning United States persons that may be related to the authorized purpose of the acquisition may be forwarded to analytic personnel responsible for producing intelligence information from the collected data.” It also states that “such communications or information” – those from US citizens – “may be retained and disseminated” if it meets the guidelines set forth in the NSA’s procedures.

Those guidelines specifically address what the NSA does with what it calls “domestic communications”, defined as “communications in which the sender and all intended recipients are reasonably believed to be located in the United States at the time of acquisition”. The NSA expressly claims the right to store and even disseminate such domestic communication if: (1) “it is reasonably believed to contain significant foreign intelligence information”; (2) “the communication does not contain foreign intelligence information but is reasonably believed to contain evidence of a crime that has been, is being, or is about to be committed”; or (3) “the communication is reasonably believed to contain technical data base information, as defined in Section 2(i), or information necessary to understand or assess a communications security vulnerability.” [my emphasis]

Now, this is not an apple to apple comparison. Indeed, this could very well be an apples to small rubber child’s ball comparison.

The NSA document purports to describe minimization as it occurs today. The Guardian one dates to July 2009, so may be out of date, for starters.

And by design, the NSA timeline focuses on terrorism examples because TERROR TERROR TERROR is very convincing to people who don’t want to think. Based on the mention of a “communications security vulnerability,” the Guardian one seems to be a 702 order describing minimization for a cybersecurity order.

If that’s true, though, it suggests two things. First, that hacking has been equated to terrorism as a crime adequate to disseminate US person communications with no warrant.

And this is where the difference in the standard on foreign intelligence gets interesting: the NSA document claims that only communications necessary to understand foreign intelligence merits dissemination. The Guardian document only need be “reasonably believed to contain significant foreign intelligence information” (though admittedly, that may be the language used in the first instance).

But again, this minimization order is 4 years old. The other day the WaPo suggested that the NSA has changed how they collect Internet metadata (which may be what that other clause “technical data base information, as defined in Section 2(i)” in the minimization order refers to. It may be they’re conducting their cybersecurity dragnet via other means, perhaps even as a way to maintain this lower standard of minimization.

The government is clearly planning to engage in far more intrusive collection in the name of cyberwar than described in discussions about Section 702 (and at the end of the hearing yesterday, Mike Rogers alluded to keeping the programs in place, with their permissive standards, for other reasons, which I took to mean cybersecurity). And that is bound to treat far more Americans as targets of foreign-type collection.

Share this entry

Terrorist Hobgoblins Bite the Intelligence Community in Its Efficacy Ass

/36 Comments/in , , , /by

I just finished watching the House Intelligence Committee hearing on the NSA programs revealed by Edward Snowden. I’ll have a lot more to say about the content of the revelations in the next few days. But first, a general observation.

Since the initial Snowden revelations, the Intelligence Community and other Administration surrogates have been trying to minimize our understanding of the scope of their surveillance and use traditional fearmongering to justify the programs by focusing on the importance of the Section 702 collection to stopping terrorism. While James Clapper’s office has made it clear that Section 702 goes beyond counterterrorism by revealing that its  successes include counterproliferation and cybersecurity successes, as well as counterterrorism ones, the focus has nevertheless been on TERROR TERROR TERROR.

Today’s hearing was really the culmination of that process, when Keith Alexander boasted up upwards of 50 terrorist plots — about 40 of which were overseas — that Section 702 has prevented.

Of the four plots the government has revealed — David Headley, Najibullah Zazi, as well as these two today

Mr. Joyce described a plot to blow up the New York Stock Exchange by a Kansas City man, whom the agency was able to identify because he was in contact with “an extremist” in Yemen who was under surveillance. Mr. Joyce also talked about a San Diego man who planned to send financial support to a terrorist group in Somalia, and who was identified because the N.S.A. flagged his phone number as suspicious through its database of all domestic phone call logs, which was brought to light by Mr. Snowden’s disclosures.

… the government has either overblown the importance of these programs and their success or are fairly minor plots.

None of the four may be as uniquely worthwhile as the cyberattack described by Clapper’s office a week ago, which it has not, however, fleshed out.

Communications collected under Section 702 have provided significant and unique intelligence regarding potential cyber threats to the United States, including specific potential network computer attacks. This insight has led to successful efforts to mitigate these threats.

That is, the government might–might!–be able to make a far better case for the value of these programs in discussing their role in preventing cyberattacks rather than preventing terrorist plots.

And yet it hasn’t done so, even as it pushes one after another attempt to legislate internet access in the name of protecting Intellectual Property and critical infrastructure.

Given the increasing focus on cybersecurity — and the already dishonest claims people like Mike Rogers have made about the means to accomplish that focus — this is the discussion we need to be having, rather than digging up terror plots first developed in 2004 that never happened. But in the same way the government shied away from conducting an honest discussion with us in 2001 and again in 2006 about these programs, it is refusing to conduct an honest discussion about cybersecurity today.

And, ironically, that refusal is preventing them from describing the value of a program that surely contributes more to countering cyberattacks than terror attacks at this point.

Share this entry

The Truth: The NSA Has Been Working on Domestic Spying for Ten-Plus Years

/15 Comments/in , /by

[graphic: Electronic Frontier Foundation via Flickr]

[graphic: Electronic Frontier Foundation via Flickr]

The yapping of national security conservatives, whether self-identified as Republicans or Democrats, obscures the truth when they denigrate Edward Snowden’s flight to Hong Kong and subsequent attempts at whistleblowing.

The truth is this:

•  Others before Snowden tried to go through so-called chain of command or proper channels to complain about the National Security Agency’s domestic spying, or to refuse the NSA’s efforts to co-opt them or their business. These efforts did not work.

•  They were obstructed, harassed, or punished for their efforts. It did not matter whether they were insiders or outsiders, whistleblowers or plaintiffs, the results were the same for:

•  William Binney,
•  Thomas Drake,
•  Mark Klein,
•  Thomas Tamm,
•  Russell Tice,
•  and J. Kirk Wiebe,
•  as well as Joseph Nacchio.

•  The effort to spy on Americans, violating their privacy and taking their communications content, has been underway since before the Bush administration. (Yes, you read that right: BEFORE the Bush administration.)

•  Three presidents have either failed to stop it or encouraged it (Yes, including Bill Clinton with regard to ECHELON).

•  The program has been growing in physical size for more than a decade.

One document in particular [PDF] described the challenge of the NSA , from which this excerpt is drawn: Read more

Share this entry

Seeing Through the Blizzard to Utah: How Much Space Does Metadata Need

/17 Comments/in , , /by

In the blizzard of half-truths, dissembling, and prevarications about the nature of the National Security Agency’s surveillance programs, it’s easy to lose sight of the obvious. In this case, the obvious is about one million square feet in size.

First, a few other large scale objects for comparison:

[photo: DeveloperTutorials.com]

[photo: DeveloperTutorials.com]

Here’s Google’s data center in The Dalles, Oregon; note the size of cars in proportion to the size of the buildings on this campus. You’ll find cars are the best tool for estimating approximate physical scale of this and the following examples.

[photo: DataCenterKnowledge.com]

[photo: DataCenterKnowledge.com]

This is Apple’s data center in Maiden, North Carolina. Again, compare the automobiles against the building in the photo for scale.

[photo: DataCenterKnowledge.com]

[photo: DataCenterKnowledge.com]

Microsoft has a data center in Dublin, Ireland. It’s a little harder to estimate physical size in this photo. A key difference is the height of the facility, as if development was limited in footprint.  Read more

Share this entry

DOD, in 2015, after Next Big Leak: No More Removable Media

/21 Comments/in /by

In 2008, DOD’s computers in Iraq were infected with malware introduced via a thumb drive.

The order went out: no more removable media.

In 2009-10, Bradley Manning downloaded entire databased onto a Lady Gaga CD.

The order went out: no more removable media.

And now this:

Former National Security Agency contract employee Edward Snowden used a computer thumb drive to smuggle highly classified documents out of an NSA facility in Hawaii, using a portable digital device supposedly barred inside the cyber spying agency, U.S. officials said.

Investigators “know how many documents he downloaded and what server he took them from,” said one official who would not be named while speaking about the ongoing investigation.

Snowden worked as a system administrator, a technical job that gave him wide access to NSA computer networks and presumably a keen understanding of how those networks are monitored for unauthorized downloads.

“Of course, there are always exceptions” to the thumb drive ban, a former NSA official said, particularly for network administrators. “There are people who need to use a thumb drive and they have special permission. But when you use one, people always look at you funny.”

There are always exceptions to the removable media ban, it seems.

Share this entry