Big Brother is Watching You. Yes, YOU.
CNet is reporting that some disturbing information about the NSA’s data collection techniques was revealed at last Friday’s “Search & Seizure in the Digital Age” symposium at Stanford. Paul Ohm, a former employee of the Justice Department who worked in their Computer Crime and Intellectual Property division, explained how data-gathering has changed since the federal government abandoned its Carnivore program a few years ago.
While Carnivore was set up to only collect data which matched certain filters, the full pipe technique (aka “the vacuum cleaner method”) is highly invasive and puts our privacy rights at risk:
“What they’re doing is even worse than Carnivore,” said Kevin Bankston, a staff attorney at the Electronic Frontier Foundation who attended the Stanford event. “What they’re doing is intercepting everyone and then choosing their targets.”
Carnivore was actually part of a software suite called “DragonWare”, which was composed of three programs. Carnivore could “monitor all of a target user’s Internet traffic”, capture it, then store the data in raw packets. A program called Packeteer processed the raw data, then a program called Cool Miner was used to “display and organize the intercepted data” (source). When completed, the NSA could then duplicate exactly what a user was doing on the internet, from reading email to viewing web pages accessed by targets.
Carnivore was basically a packet sniffer on steroids. Packet sniffers have been around for ages; they’re used by both IT professionals like myself and malicious hackers. I suppose that like most tools, it can be used for good or evil. Here’s a visual representation of how Carnivore works:

I am hesitant to speculate on exactly how the NSA is employing the vacuum cleaner technique, but I am going to anyway because I have a technical background and privacy is one of my main concerns. I strongly suspect this is part of the illegal domestic wiretapping program reported in the New York Times in 2005. As we all know, Bush signed an executive order allowing our spy agencies to ignore FISA and spy on Americans without a warrant. When the NYT broke the story, privacy advocates warned that innocent Americans would be caught up in the net. The Bushies brushed off that concern and tried to reframe the scandal as a “terrorist surveillance program”. With these latest revelations, we can be almost certain that innocent Americans are being targeted by the NSA’s full pipe surveillance.
While I have no proof of this, I suspect that the NSA could be using its ECHELON system to carry out this surveillance. That’s pure speculation right there, admittedly. However, if ECHELON is not being used, there is still solid evidence that indicates that the hardware necessary to carry out this spying is already in place.
This should explain why I suspect this is part of the illegal domestic spying program. In April of 2006, a former AT&T employee stepped forward as a whistleblower. Mark Klein provided internal AT&T documents establishing the existence of a secret surveillance room in the SBC building at 611 Folsom Street in San Francisco. Klein provided all sorts of information, including network maps, build documents, and work orders related to the construction of the room. Klein was mainly concerned that these documents provided evidence that the federal government was setting up their Total Information Awareness program. They clearly showed that AT&T’s network traffic was routed to a room containing a Narus STA 6400 (a real-time spying device). To the technically inclined such as myself, those documents
According to evidence provided by Klein, by January of 2003 AT&T split all of their existing WorldNet circuits into the secret room. In February of 2003, they split their peering partners’ circuits into the room. Those peering partners included ConXion, Verio, XO, Genuity, Qwest, PAIX, Allegiance, AboveNet, Global Crossing, C&W, UUNET, Level 3, Sprint, Telia, PSINet and MAE-West. Put simply, almost all American public internet traffic travels over one of those networks. Klein’s documents also revealed that all new AT&T circuits were to be split through the surveillance room.
You’ll notice a graphic representation of a peering point to the left. The four clouds represent four separate networks, and the circle in the middle (the peering point) represents where the networks physically meet and pass traffic to each other. Basically, what AT&T did was stick a Narus right in the middle of that little circle.
While the federal government claims that TIA never got off the ground, Congress did not cut off all funding. In fact, several components of TIA are still being funded, and many privacy advocates believe that these components are being used to install more surveillance rooms at internet backbone peering points across the nation. The AT&T documents provided by Klein allude to installations at other facilities.
It seems to me that the evidence provided by Klein indicates that the hardware for TIA did indeed get funded and deployed. And Ohm’s statement in Stanford indicates that the federal government is sweeping up all sorts of communications, including email, voice traffic, voice over IP, ftp, and http (web browsing). This is exactly what the Narus device is intended to do: sweep everything up like a vacuum cleaner. And the idea of “sweep first, filter later” does not provide for the appropriate protections guaranteed by the 4th Amendment.
It will be interesting to see how our spy agencies and the federal government react to Ohm’s statement over the next few days.
Let me be clear: data mining and surveillance are good things in some cases. But since we have the technology to zero in on suspected surveillance targets, I see no reason to capture and store the data on regular, everyday, non-suspect internet users. And seeing as this program is being controlled at the behest of the Bush Administration - who’ve already shown a great disregard for the US Constitution - I strongly suspect that the program is being abused. Unless Congress is willing to exercise some oversight in this case, we may have to wait for the next Mark Klein to step forward before we know the full extent of the damage.
February 23rd, 2007 at 1:18 pm
Can you give any specific examples of normal Americans that have been personally affected by this?
February 23rd, 2007 at 2:45 pm
This isn’t anything new. At least 10 years ago, and back before any Bushes were president, every single telephone line in the United States was monitored and recorded for processing. YES every SINGLE ONE. Back then it was whispered about as “Echelon” and it could record all telephone, and was beginning to record the internet by getting traffic from backbones. When MCI Worldcom was around, I had access to the facility in Ohio, which had a “G Room”, meaning aka this is government property. It was funny because it was OUR building, but that room was “rented out” to the US Government, and was staffed by government employees and not MCI.
I don’t know why everyone is surprised, back around Pearl Harbor attacks, all mail was re-routed to Hawaii first, before coming to you, and ALL of IT WAS READ.
February 23rd, 2007 at 4:27 pm
So pretty much what you are saying is that because this is being done under the Bush administration, you suspect the program is being abused. Is there any evidence at all that you can give to show that even ONE person has been falsely targeted by this program?
February 23rd, 2007 at 5:25 pm
The paranoia over the “illegal Tapping of domestic phone calls” has been going on for a lot longer than most think. I used to be involved in the military intelligence side of the NSA as early as 1972. We listened to a large variety of domestic phone traffic then as we do now in the interest of communications security. So when the NY Times makes a big deal over it now, I’m wondering why they didn’t care to report it before 9-11 when Clinton was doing a lot more listening than you think…
February 23rd, 2007 at 6:25 pm
anonymous: Absence of evidence is not evidence of absence.
Your naive, gullible, credulousness of our leaders is stunning. Haven’t you noticed that they LIE TO US ROUTINELY? Did it escape you that such behaviour has a long and sordid history, both in the US and in other nations too numerous to name, over a period of CENTURIES? No, make that MILLENNIA!
February 24th, 2007 at 2:26 am
I’ve got an example for you. Two years ago a produce distributor that did business with the company I worked for had a shipment of apples impounded at the Washington state line, and held for three days- while truck after truck with apples from the same facility passed through unhindered. It turns out that the produce buyer, who knew his business, had emailed the growers representative in Washington state to inquire about the health of that year’s crop. Specifically about how much of the crop was affected by the outbreak they had been troubled by the previous year of a fairly common apple disease called “water core”. No one thought to connect the two until six months later in a produce trade journal there was an article by a Swiss produce shipper who had made a similar email inquiry to a Canadian growers co-op with similar results- only his trucks were detained at the US border. In the article, the Swiss shipper commented to the effect of: To those of you who wondered if you were being watched, now you know.
February 24th, 2007 at 9:31 am
If it took someone to show you some documents to know that AT&T was doing this then you need to pay more attention to the news. AT&T was allowed to regroup recently. Hmm I wonder why… That was a clear enough sign for me. Apple chose Cingular which soon rebranded itself as AT&T. Apple chose Cingular because they get to be cozier with the government. I don’t blame them. Welcome back Ma Bell. You already brought up echelon so I hardly understand your new found fear. I spy with my little “eye”.