The Rationale for NSA’s Bottomless Pit of Data: Hackers

In his must-read report on the bottomless data pit containing the NSA is building in Utah, James Bamford described the public explanations NSA Deputy Director Chris Inglis made when he broke ground on the facility.

[NSA deputy director Chris Inglis] arrived in Bluffdale at the site of the future data center, a flat, unpaved runway on a little-used part of Camp Williams, a National Guard training site. There, in a white tent set up for the occasion, Inglis joined Harvey Davis, the agency’s associate director for installations and logistics, and Utah senator Orrin Hatch, along with a few generals and politicians in a surreal ceremony. Standing in an odd wooden sandbox and holding gold-painted shovels, they made awkward jabs at the sand and thus officially broke ground on what the local media had simply dubbed “the spy center.” Hoping for some details on what was about to be built, reporters turned to one of the invited guests, Lane Beattie of the Salt Lake Chamber of Commerce. Did he have any idea of the purpose behind the new facility in his backyard? “Absolutely not,” he said with a self-conscious half laugh. “Nor do I want them spying on me.”

For his part, Inglis simply engaged in a bit of double-talk, emphasizing the least threatening aspect of the center: “It’s a state-of-the-art facility designed to support the intelligence community in its mission to, in turn, enable and protect the nation’s cybersecurity.” While cybersecurity will certainly be among the areas focused on in Bluffdale, what is collected, how it’s collected, and what is done with the material are far more important issues. Battling hackers makes for a nice cover—it’s easy to explain, and who could be against it? [my emphasis]

Inglis used hackers as cover for a spying facility that would collect and decrypt “all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital ‘pocket litter’.” That is, Inglis used the threat of hackers to cover up for the fact that the government was spying on everyone.

Mind you, this was back in January 2011–before Anonymous threatened to take the Toobz down at a time when a key Anonymous hacker was being run by the FBI. Indeed, Inglis used hackers as his excuse for collecting massive amounts of data on everyone in the thick of the WikiLeaks excitement.

Nevertheless, Bamford describes Inglis as publicly misleading about the centrality of hackers to the purpose of the bottomless pit, when in fact the purpose is far broader. Particularly given the FBI’s recently exposed role running hackers, Inglis’ “double-talk” raises real questions about all the fear-mongering about hackers.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

26 replies
  1. sailmaker says:

    I seem to remember the Bush admin veiling their NSA spying by saying that they were going after porn, and “who would be against that?” 2006 Child Online Protection Act.

  2. MadDog says:

    I’ve got to say that James Bamford’s piece confirming stuff about NSA’s TIA-in-all-but-name surveillance beyond even the worst I’ve imagined just blew me away.

  3. bmaz says:

    Jeebus, that joint is even bigger than the ManTech facility in southern Arizona. Doing about the same work it seems…..

    Hell of an article by Bamford.

  4. emptywheel says:

    @MadDog: He reported on this facility a few times in the past, so we knew it was coming. The new bits are the decryption stuff (so to that extent it is about hackers, in part), and the dark data.

    But they had to be doing this–how else are they getting data on everyone buying acetone, for example?

  5. emptywheel says:

    @bmaz: Far, far bigger (and I think the San Antonio site is also bigger). Plus they are finally working through their translation issues in UT, I’m sure.

  6. bmaz says:

    @emptywheel: Yes, yes, but can they completely kill an entire riparian system by cravenly draining the water for cooling their systems, like ManTech/DOD has done to the San Pedro River?

  7. Bob Schacht says:

    This appears to be another chapter in the ongoing serial, “Be Afraid, Be Very Afraid…” wherein we trade our Constitutional Rights for some dubious assurances that low-probability threats will have a little lower probability.

    Bob in AZ

  8. geoschmidt says:

    @Bob Schacht:

    ” those whom that need some f’n security, then you don’t get it… ” (Bad quote!””)

    sorry, it’s too late in the day… both in the day, and metaphorically… the day… I am disgusted. You know what… the time will come… we will come to a time… oh boy you wait… sons of bitches will hang high!, or if not… well why not…? got’s to be some justice my pard…!

  9. MadDog says:

    @emptywheel: 2 things:

    1) To have the actual extent of NSA domestic surveillance confirmed was surprising to me. Yes, we’ve all conjectured this was happening, but having it confirmed is a whole other thing. And it hasn’t stopped.

    2) I was thinking last night after a Google News search how strange it is that almost no MSM outlet reported on this blockbuster of a story (Forbes was the exception). Where are all the National Security reporters? Savage, Risen, Priest, Gorman, Miller, etc.?

  10. PeasantParty says:

    How much is this venture costing us? I mean, we are so broke we can’t honor Social Security or keep schools open. That seriously mean Deficit Monster is going to eat us up over things like Fire fighters too.

    Evidently that Monster is not as hungry as they make it out to be.

  11. MadDog says:

    @MadDog: Has the NSA ever responded to a story before, at least with something more than “No Comment”?

    It appears they’ve responded to Bamford’s Wired piece:

    “…The NSA sent a short statement to the Deseret News on Friday, but only after Wired Magazine compiled a voluminous story published the same day…

    …The NSA statement says only that “many allegations have been made about the planned activities of the Utah Data Center. What it will be is a state-of-the-art facility designed to support the intelligence community’s efforts to further strengthen and protect the nation. NSA is the executive agent for the Office of the Director of National Intelligence and will be the lead agency at the center…”

    …”We are not going to dissect any particular news story — especially one that relies in part on the speculation of former officials and several unnamed sources,” the NSA statement says. “Those of us who are privileged to be a part of this great institution, NSA, see firsthand that our nation is indeed becoming safer as a result of our hard work, dedication and the collaboration across the entire intelligence community.”

  12. emptywheel says:

    @bmaz: Dunno the area particularly well, but likely uranium mining already did that here.

    Plus, if you design the site for the computers, it is somewhat less of a water and electricity suck. Remember, one of the reasons they need a new business is they were sucking the power dry in Ft Meade.

  13. emptywheel says:

    @MadDog: There’s an underlying tension here. Binney–the quoted former official–was also quoted extensively in Jane Mayer’s piece on Thomas Drake. She noted that he’s quite sick from diabetes and was one of the people they tried to bust for the Risen stories.

    Binney, who is six feet three, is a bespectacled sixty-seven-year-old man with wisps of dark hair; he has the quiet, tense air of a preoccupied intellectual. Now retired and suffering gravely from diabetes, which has already claimed his left leg, he agreed recently to speak publicly for the first time about the Drake case. When we met, at a restaurant near N.S.A. headquarters, he leaned crutches against an extra chair. “This is too serious not to talk about,” he said.
    [snip]
    On July 26, 2007, at 9 A.M. Eastern Standard Time, armed federal agents simultaneously raided the houses of Binney, Wiebe, and Roark. (At Roark’s house, in Oregon, it was six o’clock.) Binney was in the shower when agents arrived, and recalls, “They went right upstairs to the bathroom and held guns on me and my wife, right between the eyes.” The agents took computer equipment, a copy of the Inspector General complaint and a copy of a commercial pitch that Binney had written with Wiebe, Loomis, and Roark. In 2001, the N.S.A. indicated to Binney that he could pursue commercial projects based on ThinThread. He and the others thought that aspects of the software could be used to help detect Medicare fraud.

    Binney professed his innocence, and he says that the agents told him, “We think you’re lying. You need to implicate someone.” He believed that they were trying to get him to name Roark as the Times’ source.

    I’ve long thought Binney’s willingness to go on the record for the Drake story is one of the things that made Drake’s continued prosecution untenable (aside from the legal problems). And Binney is one of the people that Drake talks about that is still being harassed (in this case bc he tried to monetize ThinThread).

    So the govt tried, and failed, to prosecute Binney. Now he’s at a point, healthwise, where he has little to lose AND where the govt would lose even more credibility if they tried to prosecute him. So they’re stuck with Binney going on the record in this fashion.

    I hope that Binney escaping any punishment might reveal that there’s a fundamental problem with leak prosecutions and encourage others to speak up.

    In any case, I think the NSA realizes they’re particularly screwed bc Binney’s still wired into NSA but they really don’t want to go after him.

  14. Bustednuckles/Phil says:

    @MadDog:
    …”We are not going to dissect any particular news story — especially one that relies in part on the speculation of former officials and several unnamed sources,” the NSA statement says.

    But you fucking bloggers are another matter, he did not say.

    I quit looking at my sitemeter a long time ago, those fuckers at the government level are all over our asses.
    .Mil, .Gov, city, state government offices, Major universities, the Sergeant at Arms of the US Senate, Dept. of housing, WAPO,
    I have fucking forgotten just how many government agencies swing by my joint and I am just a D list Blogger.
    Fuckin’ Marcy must be on speed dial for the No Such Agency, the FBI, CIA, The local cops and dog catcher too. More than likely, The Library of Congress is wanting to know if they have missed something lately.
    We first heard about this spying bullshit when that no name office in San Francisco got ratted out for duplicating all the internet connections way back in 08, or was it 07?

    Best of all, Google got caught with their dicks in their hands supplying it all and have gone ahead and doubled down on it.
    They are trying to go to a cashless monetary system because even Safeway will tell them how much beer you buy every month.

    You have no privacy, get used to it.

  15. MadDog says:

    @emptywheel: The low population density ratio to water availability is probably a factor. Google Map shows Bluffdale (and Camp Williams) about 5 miles north of Utah Lake and 6-7 miles south of the Great Salt Lake (and Kennecott Tailings Ponds 1 & 2).

    And I don’t know about “if you design the site for the computers, it is somewhat less of a water and electricity suck”. Less than what? Bamford’s article says that the site has been designed to use:

    “…fuel tanks large enough to power the backup generators for three days in an emergency, water storage with the capability of pumping 1.7 million gallons of liquid per day, as well as a sewage system and massive air-conditioning system to keep all those servers cool. Electricity will come from the center’s own substation built by Rocky Mountain Power to satisfy the 65-megawatt power demand. Such a mammoth amount of energy comes with a mammoth price tag—about $40 million a year, according to one estimate…”

    My impression is that computer sites generally make a big demand on water and electricity.

  16. Frank33 says:

    Who are the greatest cyber criminals? They are Bill Gates and the software engineers at Microsoft. “Back doors”, allowing remote control of “botted” machines, have been a standard feature of all the Microsoft operating systems. The fact that “Zbot/Zeus” has infected millions of machines is further proof.

    According to Trusteer, a security company, “Zeus is the #1 botnet, with 3.6 million PCs infected in the US alone (i.e. approximately 1% of the PCs in the US)”

    Real criminals are very familiar with these tools to steal real money. Zbot can also be used to steal National Security classified information. But there are many others in the One Percent who use computers to violate the law. Corporations such as Sony installed “rootkits” secretly. HB Gary sold rootkits. And the US Government Dept of Justice broke the law, again. Holder’s flunkies illegally took millions of dollars from Kim Dotcom of MegaUpload. This also suggests their case against MegaUpload is bogus.

    A judge in New Zealand, where the 38-year-old Dotcom is a citizen, ruled on Friday that U.S. authorities did not obtain the proper court order before sending local police to seize his property, according to The New Zealand Herald.

    That means New Zealand police went on an unlawful manhunt and illegally invaded Dotcom’s home, taking his vehicles, electronics, jewelry and all other financial assets, without a valid court order to back them up.

  17. MadDog says:

    @emptywheel: I thought the name Binney rang a bell, but I sure didn’t put it together with Drake (try using the innertoobz MD. Doh!), so ta for stitching it together.

    So given Binney’s credentials, history and health state, the credibility of his tale is likely right up there at the top of the scale.

    Which makes the MSM silence all the more deafening.

  18. MadDog says:

    @Bustednuckles/Phil: Yeah, who needs to respond in the media when they’ve got everyone by the digital short hairs?

    Your checking account has a negative balance? And it used to have thousands in a positive balance? Oh dear me. Computers never make mistakes, so you must have overdrawn your account. We’ll be foreclosing on your home now. Have a nice day!

  19. MadDog says:

    OT, but in for a penny, in for a pound – Jack Goldsmith has this piece up over at the Foreign Policy blog:

    Fire When Ready

    “Obama’s targeted drone strikes — even on Americans — aren’t illegal. In fact, there’s a solid legal foundation and a number of checks and balances upholding his right to take out terrorists…”

    A pixie-dusted AUMF and everything becomes legal.

  20. greg brown says:

    “In his must-read report on the bottomless data pit containing the NSA is building in Utah,”

    i’m sorry this clause makes no sense to me :-(

  21. William Ockham says:

    Wow, great article from Bamford. I am a bit skeptical about some of the encryption stuff. I doubt they are trying to brute force AES encryption. It is much more likely that they are looking for holes in specific implementations. There are lots of ways to screw up the implementation of crypto code and programmers make mistakes. Finding the right kind of error would open up encrypted communications to immediate decryption which is really the only kind that would have a lot of value to the NSA.

    The reality is that most of what they are looking for isn’t encrypted in the first place. What I suspect they are working on are new ways to do real-time pattern analysis on the stream of connection information that flows through their system. Even these new systems can’t hope to store all the content that flows through the grid. What they really want to do is to be able to store just a tiny fraction of the content that in turn contains the even tinier fraction that they are interested in.

    Of course there is no real evidence that any of this massively expensive computing infrastructure does us any good (unless you are one of the contractors building and maintaining it).

  22. Bob Schacht says:

    @MadDog: True Conservatives would be howling mad about this. But they have become Statist, and probably fascist. It is alarming to me that a Democratic president would be doing this.

    I blame it all on the damned AUMF. With that still in place, Constitutional concerns just don’t even come up any more.

    Bob in AZ

  23. jerryy says:

    @William Ockham: “…What I suspect they are working on are new ways to do real-time pattern analysis on the stream of connection information that flows through their system.”

    That sounds about right.

    ” Even these new systems can’t hope to store all the content that flows through the grid. What they really want to do is to be able to store just a tiny fraction of the content that in turn contains the even tinier fraction that they are interested in.”

    I am not convinced about this thought. Storage device makers have been working hard on this problem. Seagate has announced technology that will give us 60TB hard drives for our desktop computers (yeah it is of course in the near future) — not 60 Terabit, but the full TeraByte (*1), so that you can put the usual two drives in your desktop computer to get 120TB. This is commercial to the public stuff, so as always, the bleeding dripping edge stuff is being tested in places like the Utah facility.

    *1 http://www.jamesshuggins.com/h/tek1/how_big.htm (this link gives you some ideas about how big this is, notice where the amount of printed material in the US Library of Congress comes in).

    Closer to the main topic: Our government has opposed encryption on the internet since its humble beginnings. At one time the government almost made a very fatal mistake and tried to ban its use and development. People around the country began to protest, some wearing t-shirts with encryption algorithms written on them, etc. The Europeans were eating our lunch, breakfast and dinner in this area. The commercial side of the internet was rearing its head and so the government relented. Now you can use your credit card on the ‘net to buy stuff and commercial entities can send info ‘reasonably safely’ to other commercial entities in milliseconds. We would live in a vastly different country if the government had managed to forbid US citizens the ability to use encryption on the internet.

    But that does not stop the gov spooks from trying to stop us anyway.

  24. lefty665 says:

    @jerryy:

    “…the bleeding dripping edge stuff is being tested in places like the Utah facility.”

    We don’t know what current capabilities are, but… we do know they stay 5-10 years ahead. Moore’s law is doubling in 18 months. 4x=a generation in 3 years. A 3 generation spread is historically reasonable.

    The technology the rest of us are using today could be roughly what they were driving a decade ago. Extrapolate the past change we can see forward a decade to get a sense of where they are today.

    Their first terabyte storage (late 60’s??) was a closet sized tape cartridge rack, and in the museum along with their Cray 1. Today the rest of us can get 2tb drives for a hundred bucks. Anyone really want to bet that for the last 50 years cubic money has not bought/engineered resources to hold it all?

    @William Ockham:

    “store just a tiny fraction of the content that in turn contains the even tinier fraction they are interested in.”

    Expect you are right about an emphasis on real time analysis as a new capability, but that’s as much petaflops as terabytes. Who can know when seemingly useless data will become interesting? For encrypted stuff, when they break a system, all the traffic in it is accessible if they’ve hung onto it. Historically that is what they have done. Is there any evidence that they’ve changed their spots or been so overrun by volume they’ve dumped anything? Looks like Ft. Meade’s 60+ year run as the largest computer installation in the world is about over. Too funny it could be in part due to Pepco’s inability to provide enough KWs.

    Traffic analysis and unencrypted data can be as revealing in hindsight as in real time. Pretty good way to identify cohorts when someone is fingered. Too bad for the rest of us if we bought a pizza at the same place a bad guy did 5 years ago, or with the same toppings, or or… Go ask Winston, he can tell you.

  25. earlofhuntingdon says:

    @William Ockham: Pattern detection and forecasting software does seem to be a new holy grail for intel types. I understand MIT is in the running to provide it.
