Posts

The 2009 Challenge to the Dragnet

Ken Dilanian has a story about someone who looks a lot like Chris Inglis raising questions about the phone dragnet in 2009.

A now-retired NSA senior executive, who was a longtime code-breaker who rose to top management, had just learned in 2009 about the top secret program that was created shortly after the Sept. 11, 2001, attacks. He says he argued to then-NSA Director Keith Alexander that storing the calling records of nearly every American fundamentally changed the character of the agency, which is supposed to eavesdrop on foreigners, not Americans.

Alexander politely disagreed, the former official told The Associated Press.

The former official, who spoke only on condition of anonymity because he didn’t have permission to discuss a classified matter, said he knows of no evidence the program was used for anything other than hunting for terrorism plots in the U.S. But he said he and others made the case that the collection of American records in bulk crossed a line that had been sacrosanct.

He said he also warned of a scandal if it should be disclosed that the NSA was storing records of private calls by Americans – to psychiatrists, lovers and suicide hotlines, among other contacts.

While interesting, it’s the kind of story — and it is accompanied by enough obvious errors and general lack of awareness about the program — that it raises questions about the further backstory (as for the errors, the most obvious include badly misstating how many people access the data, misstating where Basaaly Moalin is from, and accepting the source’s claim it has only been used to hunt terrorist plots rather than informants).

How do you write an intelligent story about anything having to do with the dragnet in 2009 and not mention the other issues going on with the dragnet, the 9 month process during which the ultimate structure leftover from Stellar Wind was cleaned up?

Indeed, the buried lede of this story is that someone this senior in the NSA would just be discovering the program, 8 years after it started and 3 years after it got put under FISC review. That’s consistent with what we saw from dragnet data, mind you — one reason the program was so screwed up in 2009 was that NSA’s regular coders hadn’t been overseeing its integration, even while the program appears to have gotten integrated into ICREACH in 2008.

But especially given the evidence that tech people committed the worst known violation and had access to commit far more serious ones, this part of the story should be the news.

It also raises questions about two other things going on that year. It is true that DOJ delayed quite some time from when Dianne Feinstein and Kit Bond first asked for language to resume the reauthorization program. Then, once they did start the process, DiFi was up boasting about how this (and presumably the PRTT program) were the most important investigations going on. Whether the government was honest about what they told SSCI about the program, it’s fairly clear that’s where the legislative push to retain it came from.

Then there’s the question I already raised: the change in FBI’s interpretation of Basaaly Moalin’s donations to Al-Shabaab, which earlier in 2009 they viewed as an effort to fight back against (US-backed) Ethiopian invaders. That is, did Moalin get prosecuted solely so they could have a dragnet win to justify all the other things they’re doing with the data?

Former Deputy DIRNSA Chris Inglis Goes to Private Equity Firm, Paladin

I’ve been tracking how former DIRNSA Keith Alexander has shacked up with shadow bank regulator Promontory Financial Group to scare banks into making him rich.

Today, we learned where his Deputy, Chris Inglis, will spend his sinecure: at Paladin private equity firm. In their release announcing the hire, Paladin’s Managing Director and former DIRNSA from the Clinton years, Kenneth Minihan, hailed Inglis’ role in cybersecurity.

“Having worked at the highest levels of the NSA, Chris has incredible insight and a great sense of the current and ever evolving cyber threat,” said Lt. General (Ret.) Kenneth Minihan, Managing Director at Paladin Capital Group.  “We are delighted to have Chris join as a Venture Partner, Chris will play a key role in further developing our cyber knowledge base.”

[snip]

“Chris brings almost 40 years of experience in the government to the Paladin team” said Mike Steed, Founder and Managing Partner at Paladin. “His broad experience in government and with cyber products and services will be a valuable asset to the company.”

Many of the companies in Paladin’s cyber portfolio are key partners with the government or big contractors like SAIC. So Inglis’ background will be very useful to Paladin indeed.

The Rationale for NSA’s Bottomless Pit of Data: Hackers

In his must-read report on the bottomless data pit containing the NSA is building in Utah, James Bamford described the public explanations NSA Deputy Director Chris Inglis made when he broke ground on the facility.

[NSA deputy director Chris Inglis] arrived in Bluffdale at the site of the future data center, a flat, unpaved runway on a little-used part of Camp Williams, a National Guard training site. There, in a white tent set up for the occasion, Inglis joined Harvey Davis, the agency’s associate director for installations and logistics, and Utah senator Orrin Hatch, along with a few generals and politicians in a surreal ceremony. Standing in an odd wooden sandbox and holding gold-painted shovels, they made awkward jabs at the sand and thus officially broke ground on what the local media had simply dubbed “the spy center.” Hoping for some details on what was about to be built, reporters turned to one of the invited guests, Lane Beattie of the Salt Lake Chamber of Commerce. Did he have any idea of the purpose behind the new facility in his backyard? “Absolutely not,” he said with a self-conscious half laugh. “Nor do I want them spying on me.”

For his part, Inglis simply engaged in a bit of double-talk, emphasizing the least threatening aspect of the center: “It’s a state-of-the-art facility designed to support the intelligence community in its mission to, in turn, enable and protect the nation’s cybersecurity.” While cybersecurity will certainly be among the areas focused on in Bluffdale, what is collected, how it’s collected, and what is done with the material are far more important issues. Battling hackers makes for a nice cover—it’s easy to explain, and who could be against it? [my emphasis]

Inglis used hackers as cover for a spying facility that would collect and decrypt “all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital ‘pocket litter’.” That is, Inglis used the threat of hackers to cover up for the fact that the government was spying on everyone.

Mind you, this was back in January 2011–before Anonymous threatened to take the Toobz down at a time when a key Anonymous hacker was being run by the FBI. Indeed, Inglis used hackers as his excuse for collecting massive amounts of data on everyone in the thick of the WikiLeaks excitement.

Nevertheless, Bamford describes Inglis publicly misleading about the centrality of hackers in the purpose of the bottomless pit when in fact the purpose is far broader. Particularly given the FBI’s recently exposed role running hackers, Inglis’ “double-talk” raises real questions about all the fear-mongering about hackers.