Later On

A blog written for those whose interests more or less match mine.

NSA security flaw and difficulties with honesty

leave a comment »

NSA runs a loose ship, at least in some respects. See this story about how sysadmins at NSA have access to high-level users’ IDS and logins. You can practically see the thoughts that slowly scrolled through their minds when Snowden had material classified far above his grade: “He can’t possibly have those, because those are protected by a set of passwords, and the only person with access that that information is … wait a minute. I just had a thought,..” and so on. I suggest that NSA seriously consider changing their middle name.

And this article is interesting because, although NSA is perfectly willing to tell a direct lie (James Clapper telling Congress that the NSA does not have records for millions or hundreds of millions of Amercians when in fact it did at the time, as he knew perfectly well, or any number of lies from Keith Alexander), but clearly that would rather mislead people—to get the benefit of a lie without technically telling a lie.

In short: the NSA cannot be trusted. Not at all. That is why independent monitors, who report to Congress and not to the Executive Branch, are needed.

Trevor Timm gives in Salon an example of how carefully one must parse NSA statements:

The Wall Street Journal published an important investigation last week, reporting that the National Security Agency (NSA) has direct access to many key telecommunications switches around the country and “has the capacity to reach roughly 75% of all U.S. Internet traffic in the hunt for foreign intelligence, including a wide array of communications by foreigners and Americans.” Notably, NSA officials repeatedly refused to talk about this story on their conference call with reporters the next day. Instead, the Director of National Intelligence and the NSA released a statement about the story later that evening.

If you read the statement quickly, it seems like the NSA is disputing the WSJ story. But on careful reading, they actually do not deny any of it. As we’ve shown before, often you have to carefully parse NSA statements to root out deception and misinformation, and this statement is no different. They’ve tried to deflect an accurate story with their same old word games. Here’s a breakdown:

The NSA does not sift through and have unfettered access to 75% of United States online communications…The report leaves readers with the impression that the NSA is sifting through as much as 75% of the United States online communications, which is simply not true.

Of course, the Wall Street Journal never says the NSA “sifts through” 75 percent of U.S. communications. They reported the NSA’s system “has the capacity to reach roughly 75% of all U.S. Internet traffic.” The NSA’s new term “sift” is undefined, but regardless of what the NSA is doing or not doing to 75 percent of Americans’ emails, they do have the technical capacity to search through it for key words—which they do not deny.

In its foreign intelligence mission, and using all its authorities, NSA “touches” about 1.6%, and analysts look at 0.00004% of the world’s Internet traffic.

See what they did there? The Wall Street Journal was talking about US-only communications traffic, not the world’s total Internet traffic. The vast majority of the world’s Internet traffic is video—streaming and downloads. According to a study done by Cisco, video made up more than half of all web traffic in 2012—and that does not include peer-to-peer sharing. By 2017, they predict 90 percent of all Internet traffic will be video.

As Jeff Jarvis aptly documented, the NSA can vacuum up an extraordinary percentage of the world’s (and American) communications while only touching 1.6 percent of total Internet traffic.

Oh, and that 0.00004 percent? That math may be wrong too. The Atlantic Wire double-checked the NSA’s numbers when they first used that stat and determined the NSA’s math was off by an order of magnitude – it actually searches ten times more than they say they do.1

The assistance from the providers, which is compelled by the law, is the same activity that has been previously revealed as part of Section 702 collection and PRISM.

First, notice that they are conflating PRISM—which involves collection from Internet companies like Facebook—with the “upstream” collection the Wall Street Journal reports on: telecommunications companies like AT&T that give the NSA direct access to the fiber optic cables that all Internet traffic travels over. Here’s the NSA’s own leaked graphic explaining the difference: . . .

Continue reading.

Written by LeisureGuy

31 August 2013 at 9:47 am

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s