NSA’s PRISM and the Oddity of PalTalk

/18 Comments/in , /by

[graphic: GuardianUK (mod)]

[graphic: GuardianUK]

Remember this presentation slide on PRISM from last month’s blockbuster report by the Guardian-UK?

Remember the one outlier right smack in the middle of the slide — the company name most folks don’t recognize?

PalTalk.

Very few news outlets tackled PalTalk, explaining what the business is and asking why it was included in the program. There was little more than cursory digging; Foreign Policy looked into PalTalk’s background, while PCMag merely asked in a snarky piece why PalTalk instead of a myriad of other larger alternative social media platforms.

It’s still a good question, but the answer might be right in front of us with a little more analysis.

PalTalk is an “online video chat community,” according to its own description. This means it is in the same competitive space as AOL and Skype, as well as Microsoft’s Hotmail IM and Yahoo Messenger.

The slide we’ve seen doesn’t tell us if access to AOL, Microsoft, and Yahoo was limited to email only, however. We can’t be certain PRISM and the other programs referenced in this particular NSA presentation weren’t also permitted access to live chat environments hosted by these companies. Foreign Policy sidled up to the issue, mentioning Yahoo as well as PalTalk, but didn’t follow through. It’s been relatively easy to see how interest veered away from this question; many news outlets focused on email metadata, not chat.

Squirrel away the unasked, unanswered question(s) about chat someplace for future reference.

With regard to PalTalk, Foreign Policy noted the organization was singular among the companies cited in the NSA slide as it was not a Silicon Valley firm. PalTalk is based in New York. The line of inquiry here went no further.

Hello, New York? This small business is co-located in an AT&T facility in Manhattan, and in New Jersey according the firm’s CEO and founder Jeffrey Katz in a Forbes article dd. 2003 to which FP linked:

“…He rents space in two AT&T data centers, one in Manhattan, another in Secaucus, N.J., with $700,000 worth of computer equipment, including 80 lower-end servers from Dell Computer and five IBM Unix servers. …”

This should raise numerous questions at this point. Manhattan must be an extremely expensive place to run a data center, cheek-and-jowl with financial traffic demanding extremely high uptime. Because of the frequency with which New York was mentioned in published content about PalTalk, the New Jersey location is likely a redundant facility for the purposes of business continuity if the main facility is disrupted.

You’ll recall the last major disruptions to data traffic out of New York were due to Hurricane Sandy and 9/11.

Why would a tiny online video chat community need a data center likely to have world-class uptime and redundancy of a nature a company might need only twice a decade? Read more

The Shell Game: What is Microsoft Doing?

/32 Comments/in /by

[graphic: Google Finance]

[graphic: Google Finance]

What is this so-called tech company doing?

Microsoft sees itself as going head-to-head with Apple and Google. The 10-year chart above comparing Microsoft, Apple, and Google stock tells us this has been a delusional perception.

It also sees itself in competition with IBM. Yet IBM surpassed it in market value two years ago, even after nearly a decade of ubiquity across personal computers in the U.S. and in much of the world. (IBM is included in that chart above, too.)

One might expect a sea change to improve performance, but is the shell game shuffling of Microsoft executives really designed to deliver results to the bottom line?

Tech and business sector folks are asking as well what is going on in Redmond; even the executive assignments seemed off-kilter. One keen analysis by former Microsoft employee Ben Thompson picked apart the company’s reorganization announcement last Thursday — coincidentally the same day the Guardian published a report that Microsoft had “collaborated closely” with the National Security Agency — noting that the restructuring doesn’t make sense.

The new organization pulls everything related to Windows 8 under a single leader, from desktop to mobile devices using the same operating system, migrating to a functional structure from a divisional structure. There are several flaws in this strategy Thompson notes, but a key problem is accountability.

To tech industry analysts, the new functional structure makes it difficult to follow a trail of failure in design and implementation for any single product under this functional umbrella.

To business analysts, the lack of accountability means outcomes of successful products hide failed products under the functional umbrella, diluting overall traceability of financial performance.

But something altogether different might be happening beneath the umbrella of Windows 8.

There’s only one product now, regardless of device — one ring to rule them all. It’s reasonable to expect that every single desktop, netbook, tablet, cellphone running on Windows 8 will now substantially be the same software.

Which means going forward there’s only one application they need to allow the NSA to access for a multitude of devices.

We’ve already learned from a Microsoft spokesman that the company informs the NSA about bugs or holes in its applications BEFORE it notifies the public.

It’s been reported for years about numerous backdoors and holes built intentionally and unintentionally into Microsoft’s operating systems, from Windows 98 forward, used by the NSA and other law enforcement entities.

Now Skype has likewise been compromised after Microsoft’s acquisition of the communications application and infrastructure for the purposes of gathering content and eavesdropping by the NSA, included in the PRISM program.

Given these backdoors, holes, and bugs, Microsoft’s Patch Tuesday — in addition to its product registration methodology requiring online validation of equipment — certainly look very different when one considers each opportunity Microsoft uses to reach out and touch business and private computers for security enhancements and product key validations.

Why shouldn’t anyone believe that the true purpose of Microsoft’s reorganization is to serve the NSA’s needs?

Tech magazine The Verge noted with the promotion of Terry Myerson to lead Windows — it’s said Myerson “crumples under the spotlight and is ungenerous with the press” — Microsoft doesn’t appear eager to answer questions about Windows.

As ComputerworldUK’s Glyn Moody asked with regard to collaboration with the NSA, “How can any company ever trust Microsoft again?”

If a company can’t trust them, why should the public?

The capper, existing outside Microsoft’s Windows 8 product: Xbox One’s Kinect feature is always on, in order to sense possible commands in the area where Kinect is installed.

ACLU’s senior policy analyst Chris Sogohian tweeted last Thursday, “… who in their right mind would trust an always-on Microsoft-controlled Xbox camera in their living room?”

One might wonder how often the question of trust will be raised before serious change is made with regard to Microsoft’s relationship with the NSA. With political strategist Mark Penn handling marketing for the corporation and Steve Ballmer still at the helm as CEO, don’t hold your breath.

Negative Manning Decision and the Future of Investigative Journalism

/7 Comments/in , , , , , , , , , /by

imagesLittle more than few hours ago, a critical ruling was handed down by Judge Denise Lind in the Bradley Manning UCMJ prosecution ongoing at Fort Meade. The decision was on based on this motion by the defense seeking dismissal of the “Aiding the Enemy” charge, among others in the prosecution.

To make a long, even if sadly predictable, story short, the motion was denied by Judge Lind and the charge will proceed to determination on the merits. This is, to be sure, a nod to the prosecution (which is actually the standard in such motions for directed verdicts during trials; that is the facts are taken in the light most favorable to the non-moving party, the government). It is also, obviously, a blow to the defense, although undoubtedly an expected one for defense attorney David Coombs. There is a very outside chance of a silver lining I will discuss below.

Julie Tate at the Washington Post sets the table:

The motion to dismiss the charge was filed July 4 by Manning’s civilian defense attorney. He argued that the government had failed to show that Manning “had ‘actual knowledge’ that by giving information to WikiLeaks, he was giving information to an enemy of the United States.” He said the government did introduce evidence “which might establish that PFC Manning ‘inadvertently, accidentally, or negligently’ gave intelligence to the enemy,” but that this was not enough to prove the most serious charge against him, known as an Article 104 offense.

On two separate occasions, Lind, an Army colonel, had questioned military prosecutors about whether they would be pursuing the charge if the information had been leaked directly to The Washington Post or the New York Times. Each time, the prosecution said it would. That troubles advocates for whistleblowers, who fear that the leaking of national defense information that appears online, as it inevitably does, can be construed as assisting the enemy.

If convicted of aiding the enemy, Manning, an intelligence analyst who served in Iraq, could face life in prison.

That describes the motion and the stakes as to Manning. Julie’s article also gives more particulars on the denial this morning, and is worth a read. For a tick tock, please see the continuously good coverage by Kevin Gosztola of Firedoglake.

But as enormous as the stakes are for Bradley Manning, the enterprise of investigative journalism is also on trial, even if in an indirect manner.

Yet another journalist who has tirelessly, and superbly, covered the Manning prosecution, Alexis O’Brien, has written at the Daily Beast, the stakes for investigative journalism are also life and/or death in the face of the security/surveillance state. Citing the in court, and on the trial record, compelling testimony of Professor Yochai Benkler of Harvard Law School, Alexis related:

In a historic elocution in court last week, Prof. Yochai Benkler, co-director of the Berkman Center for Internet and Society at Harvard Law School, told Lind that “the cost of finding Pfc. Manning guilty of aiding the enemy would impose” too great a burden on the “willingness of people of good conscience but not infinite courage to come forward,” and “would severely undermine the way in which leak-based investigative journalism has worked in the tradition of [the] free press in the United States.”

“[I]f handing materials over to an organization that can be read by anyone with an internet connection, means that you are handing [it] over to the enemy—that essentially means that any leak to a media organization that can be read by any enemy anywhere in the world, becomes automatically aiding the enemy,” said Benkler. “[T]hat can’t possibly be the claim,” he added.

Benkler testified that WikiLeaks was a new mode of digital journalism that fit into a distributed model of emergent newsgathering and dissemination in the Internet age, what he termed the “networked Fourth Estate.” When asked by the prosecution if “mass document leaking is somewhat inconsistent with journalism,” Benkler responded that analysis of large data sets like the Iraq War Logs provides insight not found in one or two documents containing a “smoking gun.” The Iraq War Logs, he said, provided an alternative, independent count of casualties “based on formal documents that allowed for an analysis that was uncorrelated with the analysis that already came with an understanding of its political consequences.”

Those really are the stakes in the, now, not all that new age of digital journalism. When the prosecutors in the Manning trial, upon direct questioning by Judge Lind as to whether they would still prosecute Manning if his leaks had been delivered straight to the New York Times or Washington Post, it had to be a wake up call for traditional media. Or so you would think. But, really, the outrage has been far greater over the James Rosen/Fox subpoena that could, and arguably should, be considered relative peanuts.

But, Yochai Benkler is right as to the import of the consideration as to Wikileaks in the Manning case.

In closing, the one slim and thin ray of limited hope from today’s ruling by Denise Lind: If I were Lind and cared at all about the ultimate verdict on Pvt. Bradley Manning, I too would have made this ruling. Why, you ask? Well, because a dismissal on the motion would have been the equivalent of a directed verdict on the law and would be far easier to overturn on appeal than a decision on the merits that the government has not met its burden of proof. Is this possible; sure, it certainly is. Is this likely; no, I would not make any substantial bets on it.

Wherein Alexander the Great Conquers the World

/17 Comments/in , , , , /by

“Collect it all,” an anonymous source describes General Keith Alexander’s approach to data, in a bizarre WaPo profile this morning.

The article includes several anonymous condemnations of Alexander the Great’s approach.

  • “But even his defenders say Alexander’s aggressiveness has sometimes taken him to the outer edge of his legal authority.”
  • “Some in Congress complain that Alexander’s NSA is sometimes slow to inform the oversight committees of problems, particularly when the agency’s eavesdroppers inadvertently pick up communications that fall outside the NSA’s legal mandates.”
  • “Even close allies have fretted about the concentration of so much responsibility — not to mention influence — in a single individual.”

It also provides details of why he is so dangerous.

  • “Alexander has argued for covert action authority, which is traditionally the domain of the CIA, individuals familiar with the matter say.”
  • “He has been credited as a key supporter of the development of Stuxnet, the computer worm that infected Iran’s main uranium enrichment facility in 2009 and 2010 and is the most aggressive known use to date of offensive cyberweaponry.”
  • “‘He is the only man in the land that can promote a problem by virtue of his intelligence hat and then promote a solution by virtue of his military hat,’ said one former Pentagon official,”
  • Private companies should give the government access to their networks so it could screen out the harmful software. The NSA chief was offering to serve as an all-knowing virus-protection service, but at the cost, industry officials felt, of an unprecedented intrusion into the financial institutions’ databases.”

But the entire article — which focuses far more closely on Alexander the Great’s cybersecurity and cyberwar activities than terrorism — pretends to be about terrorism.

For NSA chief, terrorist threat drives passion to ‘collect it all,’ observers say

In late 2005, as Iraqi roadside bombings were nearing an all-time peak, the National Security Agency’s newly appointed chief began pitching a radical plan for halting the attacks that then were killing or wounding a dozen Americans a day.

At the time, more than 100 teams of U.S. analysts were scouring Iraq for snippets of electronic data that might lead to the bomb-makers and their hidden factories. But the NSA director, Gen. Keith B. Alexander, wanted more than mere snippets. He wanted everything: Every Iraqi text message, phone call and e-mail that could be vacuumed up by the agency’s powerful computers.

“Rather than look for a single needle in the haystack, his approach was, ‘Let’s collect the whole haystack,’ ” said one former senior U.S. intelligence official who tracked the plan’s implementation. “Collect it all, tag it, store it. . . . And whatever it is you want, you go searching for it.”

The unprecedented data collection plan, dubbed Real Time Regional Gateway, would play a role in breaking up Iraqi insurgent networks and significantly reducing the monthly death toll from improvised explosive devices by late 2008. It also encapsulated Alexander’s controversial approach to safeguarding Americans from what he sees as a host of imminent threats, from terrorism to devastating cyberattacks.

This approach (which appears to be sheer regurgitation on the part of one of WaPo’s writers, perhaps not surprising given Joby Warrick’s contributions) replicates both David Petraeus’ false claims about the surge winning the war in Iraq (rather than bribes to delay the violence that is exploding again) and the very legal ploy I’ve described is built into FISA programs.

That is, every time NSA proposes some vast new expansion of its collection, it does so by pointing to the Terror Terror Terror threat (whether or not that’s the chief threat at hand). People within National Counterterrorism Center troll their files to build up the threat as urgently as possible, including using tortured evidence. And then they pull that together into a justification that probably looks just like the first paragraphs of this article as self-justification.

And remember, Alexander the Great was resuming comprehensive collection on Iraq after Jack Goldsmith had limited it to terrorists in 2004 (presumably after he and others discovered comprehensive collection includes eavesdropping on calls from servicemen calling home).

And by using the Terror Terror Terror threat, Alexander the Great can invoke the certainty of death to describe proposals that include camping on the most private bank websites to hunt for malware (to say nothing of offensively attacking other states).

“Everyone also understands,” he said, “that if we give up a capability that is critical to the defense of this nation, people will die.”

Once you get beyond the initial several paragraphs of propaganda, the story makes clear that a number of people — and not just Jeff Merkley, who is one of the named critics — are beginning to realize this is too much.

But by the time you get there, Alexander the Great has conquered the world.

“Collect it all.”

NSA Undermines Past Leaked Narrative about Edward Snowden with New Ones

/3 Comments/in , /by

The 21st paragraph of this 22 paragraph article on what Edward Snowden may have taken from the NSA reads.

But that also made it easier for systems administrators such as Snowden, whose job was to make sure the networks worked properly, to gain access to files.

WaPo’s sources apparently have a different understanding of what NSA/Booz paid Edward Snowden to do than the NYT, which says he was a hacker, not a systems administrator.

Yet in spite of the effort to make Snowden seem like an innocuous systems administrator, WaPo reports that based on a review of what Snowden “was able to review within the agency’s systems,” the NSA is most worried that Snowden will reveal how we hack into other countries’ networks, especially those of the Chinese.

But the release of information on how the NSA has penetrated Chinese networks would be especially damaging. “It’s not in the interests of the United States for the Chinese to know exactly how we do it,” said a former intelligence official. “It’s sources and methods.”

U.S. officials also fear that some of the documents Snowden has turned over to journalists disclose NSA methods of hacking into overseas networks, and, if published, will lead targets in other countries — in the Middle East, Europe, East Asia and South Asia — to take new defensive actions.

And the article uses that word, hack, twice to refer to our actions (and once to refer to China’s).

The article notes that Snowden has said, “he has no desire to publicize information that describes the technical specifications or blueprints for how the NSA has constructed its eavesdropping network.” So it points to the files people like the Guardian (which it also notes refuses to publish everything it has because the materials are sensitive) to create the specter of a threat this will happen. (The story doesn’t mention WikiLeaks, perhaps having learned its lesson after Walter Pincus had to make extensive corrections to a story making unsupported allegations about WikiLeaks, but I would bet that is the unspoken worry.)

In other words, the story confirms Snowden did not take any collected intelligence, and that he knows what we suspect a paid NSA hacker would know, but has not yet publicly leaked that (aside from very sketchy details to the South China Morning Post), which is what the NSA most fears he might leak. He has instead focused on the surveillance of individuals.

But in spite of the fact that that is what the article reports, that is presented as reason to be terrified by Edward Snowden.

 

Happy Birthday, You Rebels!

/37 Comments/in , , /by

It’s that day again where we contemplate the great project a bunch of rebels set out on 237 years ago.

In recent years, I’ve focused on what those rebels said about the judicial abuses of King George — language about denying some of Trial by Jury.

But this year, particularly given the coup in Egypt, I want to contemplate this passage.

He has affected to render the Military independent of and superior to the Civil power.

He has combined with others to subject us to a jurisdiction foreign to our constitution, and unacknowledged by our laws; giving his Assent to their Acts of pretended Legislation:

For Quartering large bodies of armed troops among us:

We’re far from the militarized state that existed when the rebels threw off King George. Obama’s Administration is, reportedly, currently investigating two retired Generals for telling secrets the Administration didn’t want told. Most of the country barely contacts the 1% that fights our wars for us.

All that said, we are experiencing a sequester that has had the effect of cutting off funding from our most needy, while not affecting the funding of our military contractors.

We are learning that our military — the NSA — is collecting all of our calls and keeping the emails we try to encrypt.

Before we welcome immigrants, we’re going to make another attempt to wall off our southern border — another attempt for the profiteers to get wealthy while the poor suffer.

Mostly, though, I’m thinking of our foreign policy.

One key strategy of the Obama Administration is to pursue secret trade deals that subvert our sovereignty to the wishes of corporations (and to cut off other countries if they try to do something, offer asylum, that is well established under international law).

Then there’s our use of the military in relations with others. Some months ago, a top General argued the way to restore our relations with Pakistan is to forge even closer ties with its military; already the military has succeeded in vetoing civilian efforts to rein in drone strikes in that country. Similarly, while Egypt has been through two governments in the last several years, we continue to fund their military, and continue to expect and encourage it to broker power.

With Edward Snowden, we appear to have placed demands on NATO countries France, Italy, Spain, and Portugal to deny Evo Morales overflight. But Austria, not a NATO country, offered Morales a place to land. Did we secretly declare Snowden mutual defense threat against NATO, because he revealed how much the government spies on us all?

We don’t have soldiers sleeping in our homes. We’re a long way from that kind of militarization. But we are, increasingly, becoming a military empire at the expense of the Life, Liberty and the pursuit of Happiness of American liberty and — even more so — the liberty of people around the globe.

Happy Birthday, you rebels.

Update: Meanwhile, the NSA wants you to know it’s okay if you go join a RestoreTheFourth protest today.

The Fourth of July reminds us as Americans of the freedoms and rights all citizens of our country are guaranteed by our Constitution. Among those is freedom of speech, often exercised in protests of various kinds. NSA does not object to any lawful, peaceful protest. NSA and its employees work diligently and lawfully every day, around the clock, to protect the nation and its people.

That’s big of the NSA.

Keith Alexander: “We Must Win, There Is No Substitute for Victory”

/30 Comments/in , , , , /by

I frankly have no problem with Keith Alexander giving the employees of the National Security Agency a pep talk as the truth of what they’re doing to us becomes public. They are not, after all, responsible for the serial disinformation Alexander and James Clapper have spread about their work. And the overwhelming majority of them are just trying to support the country.

I don’t find this part of Alexander’s speech even remotely accurate, mind you, but I’ve gotten used to dissembling from Alexander.

The issue is one that is partly fueled by the sensational nature of the leaks and the way their timing has been carefully orchestrated to inflame and embarrass. The challenge of these leaks is exacerbated by a lack of public understanding of the safeguards in place and little awareness of the outcomes that our authorities yield. Leadership, from the President and others in the Executive Branch to the Congress, is now engaged in a public dialogue to make sure the American public gets the rest of the story while not disclosing details that would further endanger our national security.

It’s hard to understand how leaks can be inflammatory and embarrassing but all the claims about safeguards and dialogue to also be true.

But it’s this passage I’m far more struck by:

Let me say again how proud I am to lead this exceptional workforce, uniformed and civilian, civil service and contract personnel. Your dedication is unsurpassed, your patriotism unquestioned, and your skills are the envy of the world. Together with your colleagues in US Cyber Command, you embody the true meaning of noble intent through your national service. In a 1962 speech to the Corps of Cadets on “duty, honor and country,” one of this nation’s military heroes, General Douglas MacArthur, said these words teach us “not to substitute words for action; not to seek the path of comfort, but to face the stress and spur of difficulty and challenge; to learn to stand up in the storm.” You have done all that and more. “Duty, Honor, Country” could easily be your motto, for you live these words every day. [my emphasis]

It’s not just that he calls out Cyber Command in the midst of a scandal that’s not supposed to be (but really is) about offensive war.

It’s not just that he chooses to cite one of the most powerful Generals ever, one who defied civilian command to try to extend a war that — it turns out — wasn’t existential.

But it’s also that he chose to cite a speech that invokes that moment of insubordination, a speech that encourages political inaction among the troops, a speech whose audience MacArthur defined as singularly military.

And through all this welter of change and development your mission remains fixed, determined, inviolable. It is to win our wars. Everything else in your professional career is but corollary to this vital dedication. All other public purpose, all other public projects, all other public needs, great or small, will find others for their accomplishments; but you are the ones who are trained to fight.

Yours is the profession of arms, the will to win, the sure knowledge that in war there is no substitute for victory, that if you lose, the Nation will be destroyed, that the very obsession of your public service must be Duty, Honor, Country.

Others will debate the controversial issues, national and international, which divide men’s minds. But serene, calm, aloof, you stand as the Nation’s war guardians, as its lifeguards from the raging tides of international conflict, as its gladiators in the arena of battle. For a century and a half you have defended, guarded and protected its hallowed traditions of liberty and freedom, of right and justice.

Let civilian voices argue the merits or demerits of our processes of government. Whether our strength is being sapped by deficit financing indulged in too long, by federal paternalism grown too mighty, by power groups grown too arrogant, by politics grown too corrupt, by crime grown too rampant, by morals grown too low, by taxes grown too high, by extremists grown too violent; whether our personal liberties are as firm and complete as they should be.

These great national problems are not for your professional participation or military solution. Your guidepost stands out like a tenfold beacon in the night: Duty, Honor, Country.

At a moment of crisis, at a moment when his own credibility is under strain, Keith Alexander has chosen to address the military, civilian, and contractor employees of the NSA as unthinking warriors, isolated from the critical issues swirling around them at the moment. He has chosen to frame NSA as a war machine, not as a defense machine.

The employees of NSA’s first duty is to the Constitution, not the secret battles Alexander wants to escalate and win at all costs. I do hope they don’t despair of that duty.

FISA Amendments Act Minimization: Preventing Serious Harm to Corporate Persons

/8 Comments/in , , /by

As I was working through some other things last night, I had an opportunity to compare the minimization standards for the FISA Amendments Act (see section h) with the standards under which the actual minimization procedures allow the retention of purely domestic communications (that is, between parties that are all within the United States). These procedures are in addition to procedures that affect foreign communications (with one of the participants a non-US person outside the US).

Last night, I suggested there were 3 “normal” standards and one that doesn’t appear in the law pertaining to cybersecurity and encrypted communications. But that’s not entirely right. The last standard in the actual law reads,

(4) notwithstanding paragraphs (1), (2), and (3), with respect to any electronic surveillance approved pursuant to section 1802 (a) of this title, procedures that require that no contents of any communication to which a United States person is a party shall be disclosed, disseminated, or used for any purpose or retained for longer than 72 hours unless a court order under section 1805 of this title is obtained or unless the Attorney General determines that the information indicates a threat of death or serious bodily harm to any person.

That is, the actual law allows retention of information for up to 72 hours (presumably to process, which is moot anyway, since they’re actually keeping this data 5 years), unless the court or the Attorney General says it must be kept longer because it pertains to threat of death of serious bodily harm.

But in the minimization standards themselves, here’s how that reads.

A communication identified as a domestic communication will be promptly destroyed upon recognition unless the Director (or Acting Director) of NSA specifically determines, in writing, that:

the communication contains information pertaining to a threat of serious harm to life or property. [my emphasis]

In plain language, the law seems to be about saving human lives. But in paragraphs marked Secret, the government has redefined threat of death or “serious bodily harm to any person” as “serious harm to life or property.”

And while it’s just a guess here, I’m guessing that they switched this language, protecting property, not people, to protect corporate people.

In any case, spying on entirely domestic communications to protect against threats entirely to property, not life, sure seems like a giant loophole in a program that is supposed to be focused exclusively on foreign intelligence.

Keith Alexander’s Secret Lie: Retention and Distribution of Domestic Encrypted and Hacking Communications?

/19 Comments/in , , /by

As I noted in my last two posts, Keith Alexander has admitted that the classified lie Mark Udall and Ron Wyden accused him of telling “could have more precisely described the requirements of collection under FISA Amendments Act.”

He then goes onto repeat the many claims about Section 702, which are different forms of saying that it may not collect information on someone knowingly in the US.

Which leads me to suspect that the lie Udall and Wyden described is that the program can retain and distribute domestic communications, which are defined as “communications in which the sender and all intended recipients are reasonably believed to be located in the United States at the time of acquisition.”

The minimization procedures actually describe four kinds of domestic communications that can be distributed with written NSA Director determination. Three of those — significant foreign intelligence information, evidence of a crime imminently being committed, and threat of serious harm to life or property — were generally known. But there is a fourth which I think is probably huge collection:

Section 5(3)

The communication is reasonably believed to contain technical data base information, as defined in Section 2(i), or information necessary to understand or assess a communications security vulnerability. Such communication may be provided to the FBI and/or disseminated to other elements of the United States Government. Such communications may be returned for a period sufficient to allow a thorough exploitation and to permit access to data that are, or are reasonably believed likely to become, relevant to a current or future foreign intelligence requirement. Sufficient duration may vary with the nature of the exploitation.

a. In the context of a cryptanalytic effort, maintenance of technical data bases requires retention of all communications that are enciphered or reasonably believed to contain secret meaning, and sufficient duration may consist of any time period during which encrypted material is subject to, or of us in, cryptanalysis.

b. In the case of communications that are not enciphered or otherwise thought to contain secret meaning, sufficient duration is five years unless the Signal Intelligence Director, NSA, determines in writing that retention for a longer period is required to respond to authorized foreign intelligence or counterintelligence requirements,

Technical data base information, according to the definitions, “means information retained for cryptanalytic, traffic analytic, or signal exploitation purposes.”

In other words, hacking.

Encrypted communications and evidence of hacking have secretly been included in a law purportedly about foreign intelligence collection. And they can keep that information as long as it takes, exempting it from normal minimization requirements.

To be clear, the government still has to get the communication believing (according to its 51% rule) that it has one foreign component. But if Keith Alexander says so, NSA can keep it, forever, even after it finds out it is a domestic communication.

Update: Here’s the July 2012 letter to Clapper. Here’s Clapper’s August 2012 response — the good bits of which are all classified.

Aaron Swartz, Plea Leveraging & The Bordenkircher Problem

/64 Comments/in , , , , , /by

CryingJusticeAs Netroots Nation 2013 begins, I want to emphasize one of the best panels (If I do say so) of the event. It is titled: Beyond Aaron’s Law: Reining in Prosecutorial Overreach, and will be hosted by Marcy Wheeler. Joining Marcy will be Aaron Swartz’s attorney, Elliot R. Peters, of Keker & Van Nest LLP in San Francisco, Shayana Kadidal of the Center for Constitutional Rights in New York, and Professor Jonathan Simon of Boalt Hall at Berkeley. The panel goes off at 3:00 pm Saturday June 22.

As a lead in to the panel discussion, I want to address a topic that struck me from the first moment of the tragic loss of Aaron Swartz, the pernicious effect of the late 70’s Supreme Court case of Bordenkircher v. Hayes.

Paul Hayes was a defendant on a rather minor (involved $88.30), but still felonious, bad check charge in Kentucky. But Hayes had a bad prior criminal history with two felony priors. The prosecutor offered Hayes a stipulated five year plea, but flat out threatened Hayes that if he didn’t accept the offer, the prosecution would charge and prosecute under Kentucky’s habitual criminal (three strike) law. Hayes balked, went to trial and was subsequently convicted and sentenced to life in prison under the habitual offender enhancement charge. It was a prosecutorial blackmail threat to coerce a plea, and the prosecutor delivered on his threat.

Hayes appealed to every court imaginable on the theory of “vindictive prosecution” with the prosecutorial blackmail as the underlying premise. Effectively, the argument was if overly harsh charging and punishment is the penalty for a defendant exercising his right to trial, then such constitutes prosecutorial vindictiveness and degrades, if not guts, the defendant’s constitutionally protected right to trial.

Every appellate court along the way declined Hayes’ appeal until the 6th Circuit. The 6th, however, came up with a surprising decision, granting Hayes relief, but under a slightly different theory. The 6th held that if the prosecutor had originally charged Hayes with the habitual offender charge, and then offered to drop it if Hayes pled guilty, that would have been perfectly acceptable; but using it like a bludgeon in plea negotiations once the case was charged was impermissibly vindictive, and therefore unconstitutional.

Then, from the 6th Circuit, the case finally made its way to the Supreme Court of the United States. By that time, Hayes had long been in prison and the prison warden, Bordenkircher, was the nominal appellee in the caption of the case. The Supreme Court, distinguishing another seminal vindictive prosecution case, Blackledge v. Perry, reversed the 6th Circuit and reinstated Hayes’ life sentence.

Blackledge v. Perry is a famous case known in criminal defense circles as the “upping the ante case”. Blackledge was convicted of a misdemeanor and appealed, which in North Carolina at the time meant he would get a new trial in a higher court. The state retaliated by filing the charge as a felony in the higher court, thus “upping the ante”. The Supreme Court in Blackledge held that to Read more