Big Brother is Watching You. Yes, YOU.

(x-posted from TexasKAOS, where we're taking Texas back!)

CNet is reporting that some disturbing information about the NSA's data collection techniques was revealed at last Friday's "Search & Seizure in the Digital Age" symposium at Stanford.

Paul Ohm, a former employee of the Justice Department who worked in their Computer Crime and Intellectual Property division, explained how data-gathering has changed since the federal government abandoned it's Carnivore program a few years ago.  While Carnivore was set up to only collect data which matched certain filters, the full pipe technique (aka "the vacuum cleaner method") is highly invasive and puts our privacy rights at risk:

"What they're doing is even worse than Carnivore," said Kevin Bankston, a staff attorney at the Electronic Frontier Foundation who attended the Stanford event. "What they're doing is intercepting everyone and then choosing their targets."

Carnivore was actually part of a software suite called "DragonWare", which was composed of three programs.  Carnivore could "monitor all of a target user's Internet traffic", capture it, then store the data in raw packets.  A program called Packeteer processed the raw data, then a program called Cool Miner was used to "display and organize the intercepted data" (source).  When completed, the NSA could then duplicate exactly what a user was doing on the internet, from reading email to viewing web pages accessed by targets. 

Carnivore was basically a packet sniffer on steroids.  Packet sniffers have been around for ages; they're used by both IT professionals like myself and malicious hackers.  I suppose that like most tools, it can be used for good or evil. Here's a visual representation of how Carnivore works:

I am hesitant to speculate on exactly how the NSA is employing the vacuum cleaner technique, but I am going to anyway because I have a technical background and privacy is one of my main concerns.  I strongly suspect this is part of the illegal domestic wiretapping program reported in the New York Times in 2005.  As we all know, Bush signed an executive order allowing our spy agencies to ignore FISA and spy on Americans without a warrant. When the NYT broke the story, privacy advocates warned that innocent Americans would be caught up in the net.  The Bushies brushed off that concern and tried to reframe the scandal as a "terrorist surveillance program". With these latest revelations, we can be almost certain that innocent Americans are being targetted by the NSA's full pipe surveillance.

While I have no proof of this, I suspect that the NSA could be using it's ECHELON system to carry out this surveillance. That's pure speculation right there, admittedly.  However, if ECHELON is not being used, there is still solid evidence that indicates that the hardware neccessary to carry out this spying is already in place. 

This should explain why I suspect this is part of the illegal domestic spying program.  In April of 2006, a former AT&T employee stepped forward as a whistleblower.  Mark Klein provided internal AT&T documents establishing the existence of a secret surveillance room in the SBC building at 611 Folsom Street in San Francisco.  Klein provided all sorts of information, including network maps, build documents, and work orders related to the construction of the room.  Klein was mainly concerned that these documents provided evidence that the federal government was setting up their Total Information Awareness program.  They clearly showed that AT&T's network traffic was routed to a room containing a Narus STA 6400 (a real-time spying device). To the technically inclined such as myself, those documents were scary as hell.

According to evidence provided by Klein, by January of 2003 AT&T split all of their existing WorldNet circuits into the secret room.  In February of 2003, they split their peering partners' circuits into the room.  Those peering partners included ConXion, Verio, XO, Genuity, Qwest, PAIX, Allegiance, AboveNet, Global Crossing, C&W, UUNET, Level 3, Sprint, Telia, PSINet and MAE-West.  Put simply, almost all American public internet traffic travels over one of those networks.  Klein's documents also revealed that all new AT&T circuits were to be split through the surveillance room.

You'll notice a graphic representation of a peering point to the left.  The four clouds represent four separate networks, and the circle in the middle (the peering point) represents where the networks physically meet and pass traffic to each other. Basically, what AT&T did was stick a Narus right in the middle of that little circle.

While the federal government claims that TIA never got off the ground, Congress did not cut off all funding.  In fact, several components of TIA are still being funded, and many privacy advocates believe that these components are being used to install more surveillance rooms at internet backbone peering points across the nation.  The AT&T documents provided by Klein allude to installations at other facilities.

It seems to me that the evidence provided by Klein indicates that the hardware for TIA did indeed get funded and deployed.  And Ohm's statement in Stanford indicates that the federal government is sweeping up all sorts of communications, including email, voice traffic, voice over IP, ftp, and http (web browsing). This is exactly what the Narus device is intended to do: sweep everything up like a vacuum cleaner.  And the idea of "sweep first, filter later" does not provide for the appropriate protections guaranteed by the 4th Amendment.

It will be interesting to see how our spy agencies and the federal government react to Ohm's statement over the next few days. 

Let me be clear: data mining and surveillance are good things in some cases.  But since we have the technology to zero in on suspected surveillance targets, I see no reason to capture and store the data on regular, everyday, non-suspect internet users.  And seeing as this program is being controlled at the behest of the Bush Administration - who've already shown a great disregard for the US Constitution - I strongly suspect that the program is being abused. Unless Congress is willing to exercise some oversight in this case, we may have to wait for the next Mark Klein to step forward before we know the full extent of the damage.

note: eyeball image courtesy of eyeball online

Tags: AT&T, Big Brother, Carnivore, CNet, Echelon, Mark Klein, Narus, NSA, privacy, wiretapping (all tags)



hopefully this is useful stuff

yea yea, i know it's not horse race related, but i thought there would be enough privacy advocates here that this would be of interest. =)

by annatopia 2007-01-30 12:34PM | 0 recs
Re: hopefully this is useful stuff

I get bored with the horserace -- it's consistently content-free, even when done well.  This is great.

by jsw 2007-01-30 02:11PM | 0 recs
Re: hopefully this is useful stuff

does anyone remember the TIA pyramid diagram?

by heyAnita 2007-01-31 05:32AM | 0 recs
Re: Big Brother is Watching You. Yes, YOU.
this loose file -on -everyone thingy skates across my list of fears and fails to land hard enough to disable me.  i think activists are allowed to function until they need to be spanked and scared off.  
   how would a legal banishing of this assure anyone that the data gathering had actually ceased?  no one could realistically believe this stuff would stop because laws forbade it or because it is wrong.  
   we have accepted that our government spies on its citizens and resigned ourselves that there is no way to stop it.  if we did not accept it, we would erode away from paranoia.  
by truettspeak 2007-01-30 02:55PM | 0 recs

well, i would say that most DBAs i know say it's hard to get rid of something once it's in storage.  in my work environment, i've found that is true - the only stuff we really keep is the stuff in our databases.

but that's not to say that one can't get rid of data.  it's easy to destroy if you have the right tools.  the question then becomes one of getting access to where it's stored.  

by annatopia 2007-01-30 04:31PM | 0 recs
Re: Big Brother is Watching You. Yes, YOU.

A while back when this was first coming out, whenever I spoke with my father via long distance and there was noise on the line I'd say, "Dad, by the way, John Ashcroft is an asshole." Dad, in his eighties and a 20 plus year veteran still gets a chuckle out of it.

by Michael Bersin 2007-01-31 03:33AM | 0 recs
Re: Big Brother is Watching You. Yes, YOU.

I would get a chuckle out of it if you could do a trap on the ani/ picc identifiers out of the voltage bounce on the line.

Where can we get hardware that guarantees no-one is intercepting our call? It has to be easy to do, esp. if you have voip - right?

BTW as a researcher I would wager that the noise you'd get on voip would be charlie-browning since the packets would fall out of sequence a bit and it would likely be timing.

what do you think?

by heyAnita 2007-01-31 05:35AM | 0 recs
Re: Big Brother is Watching You. Yes, YOU.

Yes, but I think Stravinsky's earlier works are much more accessible to the general public.

by Michael Bersin 2007-01-31 07:37AM | 0 recs

voip isn't safe.  in fact klein's docs specifically referred to AT&T's voip lines being cut into the NSA room.

and BTW, i failed to make clear that klein's docs specifically say the room was built at the behest of the federal government, and that only the federal government technicians are allowed in the room.  AT&T's employees can't even get in there.

by annatopia 2007-01-31 10:59AM | 0 recs
Re: actually

Okay, now you're both scaring me...

by Michael Bersin 2007-01-31 02:33PM | 0 recs
Re: actually

yea, it's pretty scary stuff. the whistleblower link in my post leads to a summary report written by klein.  the documents themselves are there, too, if you care to scan them, although i warn you, if you aren't technical some of it will make your eyes gloss over.

by annatopia 2007-01-31 06:42PM | 0 recs


Advertise Blogads