Posts

Those Cable Landings Chelsea Manning Didn’t Leak

Oman Cable LandingsYesterday, The Register published what it claims is the story that led GCHQ to destroy the Guardian’s hard drives: the location of a key GCHQ base in the Middle East and its relationships with British Telecom and Vodaphone.

While the BT/Vodaphone details are worth clicking through to read, I’m particularly interested in the focus on the base in Oman. (See an interactive map of the cable landings here.)

The secret British spy base is part of a programme codenamed “CIRCUIT” and also referred to as Overseas Processing Centre 1 (OPC-1). It is located at Seeb, on the northern coast of Oman, where it taps in to various undersea cables passing through the Strait of Hormuz into the Persian/Arabian Gulf. Seeb is one of a three site GCHQ network in Oman, at locations codenamed “TIMPANI”, “GUITAR” and “CLARINET”. TIMPANI, near the Strait of Hormuz, can monitor Iraqi communications. CLARINET, in the south of Oman, is strategically close to Yemen.

British national telco BT, referred to within GCHQ and the American NSA under the ultra-classified codename “REMEDY”, and Vodafone Cable (which owns the former Cable & Wireless company, aka “GERONTIC”) are the two top earners of secret GCHQ payments running into tens of millions of pounds annually.

The Brits would have you believe — and I have no reason to doubt them — that this cable landing in Oman is one of the key points in their surveillance infrastructure.

I raise this because of a cable listing the globe’s critical infrastructure — and fearmongering surrounding it — that Chelsea Manning leaked to Wikileaks. As I noted at the time, while the cable lists a slew of cable landings as critical infrastructure sites — including the Hibernia Atlantic undersea cable landing in Dublin, which gets mentioned in the Register story — it does not list a single cable landing site in the Middle East.

NEAR/MIDDLE EAST

Djibouti:
Bab al-Mendeb: Shipping lane is a critical supply chain node

Egypt:
‘Ayn Sukhnah-SuMEd Receiving Import Terminal
‘Sidi Kurayr-SuMed Offloading Export Terminal
Suez Canal

Iran:
Strait of Hormuz
Khark (Kharg) Island Sea Island Export Terminal
Khark Island T-Jetty

Iraq:
Al-Basrah Oil Terminal

Israel:
Rafael Ordnance Systems Division, Haifa, Israel: Critical to Sensor Fused Weapons (SFW), Wind Corrected Munitions Dispensers (WCMD), Tail Kits, and batteries

Kuwait:
Mina’ al Ahmadi Export Terminal

Morocco:
Strait of Gibraltar
Maghreb-Europe (GME) gas pipeline, Morocco

Oman:
Strait of Hormuz

Qatar:
Ras Laffan Industrial Center: By 2012 Qatar will be the largest source of imported LNG to U.S.

Saudi Arabia:
Abqaiq Processing Center: Largest crude oil processing and stabilization plant in the world
Al Ju’aymah Export Terminal: Part of the Ras Tanura complex
As Saffaniyah Processing Center
Qatif Pipeline Junction
Ras at Tanaqib Processing Center
Ras Tanura Export Terminal
Shaybah Central Gas-oil Separation Plant

Tunisia:
Trans-Med Gas Pipeline

United Arab Emirates (UAE):
Das Island Export Terminal
Jabal Zannah Export Terminal
Strait of Hormuz

Yemen:
Bab al-Mendeb: Shipping lane is a critical supply chain node

Note, Bahamas’ telecom, which recent reporting has also noted is critical to NSA’s spying, also gets no mention.

That’s not surprising in the least. The cable (and the list) is classified Secret. NSA and GCHQ’s prime collection points are (as the Register notes) classified several levels above Top Secret.

And while the list provided some indication of what sites were significant by their absence, it’s likely that the sites that were listed were the relatively unimportant sites.

At trial, Manning’s lawyers repeatedly point out that she had chosen not to leak stuff from JWICS, which would be classified at a higher level. The stuff she leaked, which she got on SIPRNET, was by definition less sensitive stuff.

I don’t mean to suggest this reflects on the relative value of what either Edward Snowden or Chelsea Manning leaked. I think it is a good indication, though, of how unfounded a lot of the fear mongering surrounding this particular leaked cable was.

It Was Verizon, with the Fiber Cable, Under the Atlantic

Egads. Nate is right. The SZ report is old — from August. Folks were chatting about it, I think, in conjunction with the new attention on the 12333 collection overseas, which is why I pointed to it. Thanks for pointing it out.

Remember when former Verizon COO John Stratton accused the Internet companies of “grandstanding” for objecting to having their data stolen?

In a media briefing in Tokyo, Stratton, the former chief operating officer of Verizon Wireless, said the company is “compelled” to abide by the law in each country that it operates in, and accused companies such as Microsoft, Google, and Yahoo of playing up to their customers’ indignation at the information contained in the continuing Snowden leak saga.

Stratton said that he appreciated that “consumer-centric IT firms” such as Yahoo, Google, Microsoft needed to “grandstand a bit, and wave their arms and protest loudly so as not to offend the sensibility of their customers.”

“This is a more important issue than that which is generated in a press release. This is a matter of national security.”

Stratton said the larger issue that failed to be addressed in the actions of the companies is of keeping security and liberty in balance.

“There is another question that needs to be kept in the balance, which is a question of civil liberty and the rights of the individual citizen in the context of that broader set of protections that the government seeks to create in its society.”

Grandstand this, baby:

On Friday Germany’s Süddeutsche newspaper published the most highly sensitive aspect of this operation – the names of the commercial companies working secretly with GCHQ, and giving the agency access to their customers’ private communications. The paper said it had seen a copy of an internal GCHQ powerpoint presentation from 2009 discussing Tempora.

The document identified for the first time which telecoms companies are working with GCHQ’s “special source” team. It gives top secret codenames for each firm, with BT (“Remedy”), Verizon Business (“Dacron”), and Vodafone Cable (“Gerontic”). The other firms include Global Crossing (“Pinnage”), Level 3 (“Little”), Viatel (“Vitreous”) and Interoute (“Streetcar”). The companies refused to comment on any specifics relating to Tempora, but several noted they were obliged to comply with UK and EU law.

Not that we didn’t already know this. Mostly, I’m just surprised AT&T is not included in this list.

The “Voluntary” Cooperation that Comes from Coercion of Licensing Agreements?

The Guardian today describes how hard GCHQ worked to prevent its intercepts from being discoverable in trials. It did so for two reasons: to prevent a political firestorm about the extent of the collection.

A briefing memo prepared for the board of GCHQ shortly before the decision was made public revealed that one reason the agency was keen to quash the proposals was the fear that even passing references to its wide-reaching surveillance powers could start a “damaging” public debate.

 

Referring to the decision to publish the report on intercept as evidence without classification, it noted: “Our main concern is that references to agency practices (ie the scale of interception and deletion) could lead to damaging public debate which might lead to legal challenges against the current regime.”

And to protect the telecoms, some of whose cooperation (I’m guessing British Telecom and Vodaphone, based on other reporting, but that is a wildarsed guess) goes beyond the requirements of the law.

In an extended excerpt of “the classified version” of a review prepared for the Privy Council, a formal body of advisors made up of current and former cabinet ministers, the document sets out the real nature of the relationship between telecoms firms and the UK government.

“Under RIPA [the Regulation of Investigatory Powers Act 2000], CSPs in the UK may be required to provide, at public expense, an adequate interception capability on their networks,” it states. “In practice all significant providers do provide such a capability. But in many cases their assistance – while in conformity with the law – goes well beyond what it requires.

The story references back to its earlier coverage on Tempora, the UK collection off cables, largely to note how different this description of the telecoms’ cooperation is from what they claimed back in June.

But given this description of their extensive cooperation, this detail from the original Tempora story sure looks more interesting.

The papers seen by the Guardian suggest some companies have been paid for the cost of their co-operation and GCHQ went to great lengths to keep their names secret. They were assigned “sensitive relationship teams” and staff were urged in one internal guidance paper to disguise the origin of “special source” material in their reports for fear that the role of the companies as intercept partners would cause “high-level political fallout”.

The source with knowledge of intelligence said on Friday the companies were obliged to co-operate in this operation. They are forbidden from revealing the existence of warrants compelling them to allow GCHQ access to the cables.

“There’s an overarching condition of the licensing of the companies that they have to co-operate in this. Should they decline, we can compel them to do so. They have no choice.”

Back in June, an anonymous source said the telecoms cooperate because their licensing depends on it. Now we learn that the government considers their cooperation voluntary, some of it beyond what is required.

I don’t know whether telecom law operates in the UK like in the US, but if the government premises licensing based on cooperation, it might get to the question I raised here, when I noted how the government reserved getting Department of Commerce involved in cases where companies didn’t provide the “voluntary” cooperation with cyberdefense the government demanded.

I think it’s quite possible the government (possibly both the US and UK) is/are demanding “voluntary” cooperation from the companies they license (on threat of losing their licenses). But remember, on a lot of this stuff, the government has held that companies can “voluntarily” turn over data (especially stuff facetiously called “foreign” based on false claims about the transit of data) without process if they want to.

So coerce the telecoms (and possibly, broadband) to cooperate under threat of licensing problems, then claim that this “voluntary” cooperation permits data sharing that otherwise would require legal process.

And in doing so, conduct a dragnet so vast that no judge would ever approve it.

Is that how it works?

Are the Brits Trying to Protect British Telecom?

In addition to her latest stories describing the generalized spying the NSA and GCHQ engage in, Laura Poitras today also tells her side of the David Miranda story. In it, she reveals the hard drives destroyed at the Guardian included details on Tempora.

Included on those drives were documents detailing GCHQ’s massive domestic spying program called “Tempora.”

This program deploys NSA’s XKeyscore “DeepDive” internet buffer technology which slows down the internet to allow GCHQ to spy on global communications, including those of UK citizens. Tempora relies on the “corporate partnership” of UK telecoms, including British Telecommunications and Vodafone. Revealing the secret partnerships between spy agencies and telecoms entrusted with the private communications of citizens is journalism, not terrorism.

It seems she’s trying to suggest that the Brits are trying to protect this program, specifically. Which would protect not just a spying technique (collecting data off the switches), but also the involvement of BT and Vodafone.

Remember, that weird Independent story from last week (which Snowden made clear did not come from him) also included details about BT and Vodaphone’s roles in this spying.

The Government also demanded that the paper not publish details of how UK telecoms firms, including BT and Vodafone, were secretly collaborating with GCHQ to intercept the vast majority of all internet traffic entering the country. The paper had details of the highly controversial and secret programme for over a month. But it only published information on the scheme – which involved paying the companies to tap into fibre-optic cables entering Britain – after the allegations appeared in the German newspaper Süddeutsche Zeitung.

It makes sense. Even in the US, even in the materials released so far, both the Guardian and Washington Post have protected the role that AT&T and Verizon play in this process.

The Independent story also mentioned a secret British spying base in the Middle East that played a role in Tempora.

One of the areas of concern in Whitehall is that details of the Middle East spying base which could identify its location could enter the public domain.

The data-gathering operation is part of a £1bn internet project still being assembled by GCHQ. It is part of the surveillance and monitoring system, code-named “Tempora”, whose wider aim is the global interception of digital communications, such as emails and text messages.

[snip]

The Middle East station was set up under a warrant signed by the then Foreign Secretary David Miliband, authorising GCHQ to monitor and store for analysis data passing through the network of fibre-optic cables that link up the internet around the world.

That part of the story made me remember Reprieve’s claims from earlier this year that British Telecom played a role in drone targeting in Djibouti.

BT’s slogan used to be ‘it’s good to talk’, but when it comes to contracts with the US military ‘it’s best to keep your mouth shut’ might be more appropriate.

Earlier this year Reprieve obtained evidence that BT had been awarded a contract worth over $23 million by the US Defense Information Systems Agency to provide communications infrastructure connecting US-run RAF Croughton in Northamptonshire with the secretive Camp Lemonnier in Djibouti.

Read more