The Reality of Persistent Government Surveillance
Richard Abbott
Rabbit@shaw.ca
Oregonrabbit@hushmail.com
Disclosure
- All info in this presentation is taken from publicly accessible sources.
- Some info may be “classified” but all is in the public sphere (i.e. leaked documents).
Persistent
- Ongoing, long-term, continuous
Government
- Commanded by nation states or their agents
Surveillance
- Overwatch
- Collection of information without regard to specific incidents (not reactive)
Not Covered:
- Targeted surveillance of actual suspects.
- Surveillance by local law enforcement.
- Surveillance of employees.
  - Government workers
  - Military personnel
The Backstory of The Modern Surveillance State
- The Cold War
- BRUSA: 1943 British-US agreement to streamline intel sharing
- UKUSA: 1946 Signals intel cooperation
  - UK + USA + Canada + Australia + New Zealand
  - AUSCANNZUKUS or the “Five Eyes”
Commonalities of the Five Eyes
- English speaking
- Allied during WWII
- Geographically large
- None occupied and/or liberated by Allied forces
  - Not France/Germany/Japan
- Key: None have permanent US military bases
  - Blind spots → need for allies
Satellites: A Case Study
- Highly secretive, but impossible to hide
- Highly expensive → lots of people → lots of leaks
- Very long term programs (50+ year history)
- Most capabilities are understandable via lay-observation
ECHELON
- Existence first publicly reported in 1988
- Examined by EU parliament in late 90's
  - Formal report in 2001 (pre-9/11)
- Primarily a satellite intercept program
  - Listening stations located near commercial satellite communication facilities.
  - Large antennae trained to geostationary sats
Yakima Research Station (1/2)
Yakima Research Station (2/2)
Yakima Purpose
- Installation of antennae contemporaneous with launch of Intelsat and INMARSAT commercial communications sats
  - Note lack of radomes → not hiding targets
- May soon be closed, with work moved to another location.
Canada's contribution to ECHELON: CFB Leitrim, Canada (outside Ottawa)
CFB Leitrim Purpose
- “According to official information, [CFB Leitrim's] task is to provide 'cryptologic rating' and to intercept diplomatic communications.”
- “If a site houses two or more satellite antennae with a diameter of at least 18 m, one of its tasks is certainly that of intercepting civilian communications.”
  - European Parliament report on ECHELON
RAF Menwith Hill
Misawa Air Base, Japan
National Reconnaissance Office (NRO)
- “From our inception in 1961 to our declassification to the public in 1992, we have worked tirelessly to provide the best reconnaissance support possible to the Intelligence Community (IC) and Department of Defense (DoD). We are unwavering in our dedication to fulfilling our vision: Vigilance From Above.”
- PGS involves space-based interception
  - Geostationary (36,000 km)
  - Not imaging sats in LEO → not persistent
Evolution of Geostationary Sats
- 1970s: Rhyolite / Aquacade (4 sats, 20-meter dishes)
  - Simple bent-pipes reflecting to Australia
- 1980s: Chalet / Vortex (6 sats, 38-meter dishes)
- 1990s: Mercury (3 sats, $1,000,000,000 each in 1998 dollars)
- Current: Orion / Mentor (5 so far, 100+ meter dishes)
Like this, but think 16x bigger!
9/11 – The World Changes
- The President's Surveillance Program (PSP)
  - Essentially a series of leaks by the president regarding ongoing ECHELON-type operations
- Terrorist Surveillance Program (TSP)
  - Warrantless wiretapping by NSA
  - Transferred to FISA in 2007, no longer “warrantless”, but identical in practice.
2001-2006, Changing public stories...
- “We are only tapping terrorists”
- “We are only tapping foreigners who talk to terrorists”
- “We are only tapping foreign communications”
- “We are only tapping calls where one party is foreign”
- “We are tapping everyone, but only listening to X Y and Z”
The Legal Justification of the PSP(s)
- (1) International communications are not private.
- (2) Constitutional protections restrict only local governments
  - The “Rightless foreigners” defense
- (3) State Secrets privilege
  - Bars all judicial oversight
  - See United States v. Reynolds
The Post-PSP Cleanup
- Consistent efforts by FBI/NSA/CIA to gauge public reaction via controlled leaks.
- Widespread domestic wiretapping now accepted by US public.
- See Shia LaBeouf on Leno, 2008, talking about 2005 taps of his phone. http://www.youtube.com/watch?v=7BMepsU6ycg
Room 461A
- Top Secret NSA taping facility.
- Located at 611 Folsom Street, San Francisco CA
- Hepting v. AT&T (2006)
  - Filed by EFF against AT&T
  - Mooted by 2007 grant of immunity for telecoms cooperating with US government
- "While doing my job, I learned that fiber optic cables from the secret room were tapping into the Worldnet (AT&T's internet service) circuits by splitting off a portion of the light signal,"
Post-9/11 Transitions in Intelligence Operations
- From prediction of future attacks to reporting on ongoing
- “We have not been able to corroborate some of the more sensational threat reporting, such as that from a ---- service in 1998 saying that Bin Laden wanted to hijack a U.S. Aircraft...”
  - August 6, 2001 presidential daily brief
- Failed to prevent attacks.
- Need “They are going to attack THIS plane on THIS day.”
- Need access to ALL relevant communications.
From Intelligence to Law Enforcement
- Data needs to be absolute
- Specific persons must be named
- Due process must be obeyed
- Chain of custody/evidence
- High probability that public will be made aware of operations.
Touchstone shifts from method of collection to citizenship of person tapped.
- Old School: International communications are open to interception. Domestic communications are open so long as handed over voluntarily by operators (i.e. Room 461a).
- Post-2007 FISA Amendments: “there is no substantial likelihood that the surveillance will acquire the contents of any communication to which a United States person is a party” 50 USC § 1801(a)(1-3)
  - Source of the 51% standard for foreignness
The Privacy / Metadata Cycle
- Government perspective: If a corporation has access to data for purposes of profit, user has waived privacy rights.
- Corporate perspective: If government claims no privacy interest at issue, we are free to use data however we wish.
Current State of Affairs
- Wiretapping / Internet Caching
- Hardcoded Backdoors
- Voluntary Handovers
Wiretapping
Three Collection Methods:
- (1) Taps on fiber backbone
  - Special Collection Service (SCS) from embassies
  - FORNSAT (ECHELON taps of foreign satellites)
  - Special Source Operations (SSO)
- (2) Taps within US corporate systems (Prism)
- (3) FISA-warranted handovers (i.e. Verizon call records)
“Genie”
- Leaked in Snowden “black budget” document
- NSA hacking of optical routers/switches
  - for purposes of wiretapping
- $652-million program
Hardcoded Backdoors
- Extension of pre-1996 restrictions on export of encryption
- Most likely how the Special Collection Service (SCS) gains data.
- See Lotus Notes work reduction http://www.cypherspace.org/adam/hacks/lotus-nsa-key.html
RuggedCom (April 2012)
- Username “factory”, password based on MAC
- RuggedCom and CERT were informed, but failed to act.
- Links to Stuxnet:
  - RuggedCom owned by Siemens
  - Similar backdoors in Siemens programmable logic controllers (PLCs)
  - Stuxnet used similar backdoors in Siemens SCADA products
Barracuda Networks (Jan 2013)
- Backdoor accessible from specific IP ranges
- Private ranges:
  - 192.168.200.0/24
  - 192.168.10.0/24
- Public ranges:
  - 205.158.110.0/24
  - 216.129.105.0/24
Possible NSA Fronts?
- mail.totalpaas.com (205.158.110.135) - Domain registered by: Domains By Proxy, LLC …
- frmt1.boxitweb.com (205.158.110.132) - Domain registered by: Thor Myhrstad
- static.medallia.com (205.158.110.229) - Domain registered by: Medallia Inc.
- utility.connectify.net (205.158.110.171) - Domain registered by: Connectify Networks, Inc.
- everest.address.com (216.129.105.202) - Domain registered by: WhitePages, Inc.
- mail.tqm.bz (216.129.105.205) - Domain registered by: Total Quality Maintenance, Inc
- outbound.andyforbes.com (216.129.105.212) - Domain registered by: HM hosting
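The four source ranges on the Barracuda slide above can be turned into a log check. This is an added example, not part of the original presentation: it flags successful logins whose source address falls inside one of the listed ranges, assuming the appliance records logins as OpenSSH-style auth lines (an assumption; the slide does not say how access is made). The log lines, host names and user names are constructed.

```python
import ipaddress
import re

# Ranges copied from the slide; the private/public split is the slide's own.
SLIDE_RANGES = {
    "private": ["192.168.200.0/24", "192.168.10.0/24"],
    "public": ["205.158.110.0/24", "216.129.105.0/24"],
}
NETWORKS = [(kind, ipaddress.ip_network(cidr))
            for kind, cidrs in SLIDE_RANGES.items() for cidr in cidrs]

# OpenSSH-style success line: "Accepted <method> for <user> from <ip> port <n>"
ACCEPTED = re.compile(r"Accepted (\S+) for (\S+) from (\S+) port (\d+)")

def match_range(addr):
    """Return (kind, network) for the slide range containing addr, else None."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return None  # hostname or garbage in the address field
    for kind, net in NETWORKS:
        if ip in net:
            return kind, str(net)
    return None

def flag_logins(lines):
    """Return one finding per successful login sourced from a listed range."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        m = ACCEPTED.search(line)
        if not m:
            continue  # failed attempts and unrelated lines are ignored here
        hit = match_range(m.group(3))
        if hit:
            findings.append({"line": lineno, "user": m.group(2),
                             "src": m.group(3), "kind": hit[0], "range": hit[1]})
    return findings

# Constructed sample log (hosts, users, addresses and timestamps are made up).
SAMPLE_LOG = [
    "Jan 24 10:15:02 appliance sshd[2211]: Accepted password for svc from 205.158.110.10 port 51122 ssh2",
    "Jan 24 10:16:40 appliance sshd[2215]: Failed password for root from 216.129.105.20 port 40022 ssh2",
    "Jan 24 10:20:11 appliance sshd[2230]: Accepted publickey for admin from 10.1.2.3 port 50100 ssh2",
    "Jan 24 10:31:57 appliance sshd[2249]: Accepted password for svc from 192.168.10.77 port 49901 ssh2",
    "Jan 24 10:40:00 appliance sshd[2260]: Accepted password for svc from 205.158.111.1 port 40000 ssh2",
]

if __name__ == "__main__":
    for finding in flag_logins(SAMPLE_LOG):
        print(finding)
```

Hits in the two private ranges can be legitimate internal hosts on networks that use those prefixes, so the `kind` field is kept to let them be triaged separately from the public ones.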
What are they looking for?
- (1) Terrorism (no debate)
- (2) Other illegal activity
  - The Airbus-Saudi bribery fiasco
  - Megaupload
- (3) Military Intelligence (again, no debate)
- (4) Intellectual property and/or commercial advantage
Commercial Advantage ?!$#!@#$
- “There is wide-ranging evidence indicating that major governments are routinely utilising communications intelligence to provide commercial advantage to companies and trade”
  - STOA Report to the Director General for Research of the European Parliament 1999
- “From a commercial communications satellite, NSA lifted all the faxes and phone calls between the European consortium Airbus, the Saudi national airline and the Saudi government. The agency found that Airbus agents were offering bribes to a Saudi official. It passed the information to U.S. officials pressing the bid of Boeing Co and McDonnell Douglas Corp., which triumphed last year in the $6 billion competition.”
  - http://articles.baltimoresun.com/1995-12-03/news/1995337001_1_intelligence-agency-nsa-intelligence-national-security-agency