National Security Agency Spies on Congress and Israel — Nothing New Here Move Along — NSA Spies On Everybody All The Time And Collects All Your Communcations And Aggregates It When You Become A Target! — Turnkey Totalitarian Secret Security Surveillance State Is Turned On You — The Fourth Amendment Has Been Destroyed — Encrypt Everything — Video

Posted on December 30, 2015. Filed under: American History, Articles, Blogroll, British History, Business, Central Intelligence Agency (CIA), Communications, Computers, Congress, Constitution, Corruption, Crime, Culture, Defense Intelligence Agency (DIA), Defense Intelligence Agency (DIA), Documentary, Economics, Education, Employment, European History, External Hard Drives, Faith, Family, Federal Bureau of Investigation (FBI), Federal Bureau of Investigation (FBI), Federal Government, Foreign Policy, Freedom, Friends, government spending, history, Investments, Life, Links, media, Middle East, Money, National Security Agency (NSA), National Security Agency (NSA_, Politics, Presidential Candidates, Press, Radio, Rants, Raves, Security, Speech, Systems, Talk Radio, Terrorism, Video, War, Wealth, Welfare, Writing | Tags: , , , , , , , , , , , , , , , , , , , , , |

 

nsa_logo

flowchart_final_008acronyms_003130607_PRISM_ppt_1.jpg.CROP.original-original

prism-slide-2

nsa-prism-slide

prism_vendor_slide

prism-slide-6

top-secret-nsa-prism-slide-7

prism-slide-8

top-secret-nsa-prism-slide-9

xkeyscore_cover_slide

x-keyscore

keystore_slidexkeyscore_slide

NSA-X-Keyscore-slide-003

Screen-Shot

xkeyscore_slideNSA-X-Keyscore-slide-004

XKS_Future_Slide

xkeyscore_plugins

screen-shot-2013-07-31-at-8-01-30-pm

screen-shot-2013-07-31-at-8-03-13-pm

data-mining-and-terrorists-apprehended

xks_map

 Rand Paul Disgusted at NSA Spying on Congress and Israel | Fox News

Report: NSA captured conversations of Congress members with Israeli leaders

Report Says NSA Captured Conversations Of Congress Members With Israeli Leaders

Report: NSA Wiretapped Conversations Between Israeli PM And Members Of Congress

What NSA Eavesdropping On Israel Reveals About Relations

Wall Street Journal: NSA spied on Israeli leaders

WSJ: NSA Spied Not Only On Israel But Congress During Nuke Talks – America’s Newsroom

NSA spied on Israel amid Iran talks, caught some US lawmakers’ US talks

Through a PRISM, Darkly – Everything we know about NSA spying [30c3]

Edward Snowden, v 1.0: NSA Whistleblower William Binney Tells All

NSA Surveillance and What To Do About It

ShmooCon 2014: The NSA: Capabilities and Countermeasures

Bruce Schneier: “Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World”

JACOB APPELBAUM EXPOSES NSA TOOLS HACKING YOUR COMPUTER-BACK DOORS & MALWARE

Jacob Appelbaum Interview – Discusses Edward Snowden, The NSA, TOR, WikiLeaks

William Binney – NSA Hiding Extent of Surveillance From FISA Courts & Congress

NSA Whistleblower: Everyone in US under virtual surveillance, all info stored, no matter the post

He told you so: Bill Binney talks NSA leaks

William Binney – The Government is Profiling You (The NSA is Spying on You)

William Binney: NSA had 9/11 foreknowledge

NSA Spying on All Americans Part 1

NSA Spying on All Americans Part 2

How the NSA Spies on Americans (Jim Harper)

The NSA: Future Crime Unit (Jim Harper)

NSA Whistleblower William Binney the 3 words that will put you on the NSA List

NSA whistleblower William Binney Keynote at HOPE Number Nine

NSA Whistleblower William Binney: The Future of FREEDOM

Alex Jones interviews William Binney December 22nd 2015

The Alex Jones Show (3rd HOUR-VIDEO Commercial Free) Wednesday December 30 2015: Seymour Hersh

Operation “Toto” Pulling Back The Curtain: Full NSA Interview

FULL Senate Debate On NSA Spying On ALL Americans

Spying on the Homefront-PBS Frontline

State of Surveillance: Police, Privacy and Technology

The USA Freedom Act | True News

Next Future Terrifying Technology Will Blow Your Mind

Enemy of the State Movie Will Smith (1998)

Encryption as Fast As Possible

Why the NSA is breaking our encryption — and why we should care | Matthew Green | TEDxMidAtlantic

U.S. Spy Net on Israel Snares Congress

NSA’s targeting of Israeli leaders swept up the content of private conversations with U.S. lawmakers

Prime Minister Benjamin Netanyahu joined President Barack Obama last month for a meeting in the Oval Office of the White House.

President Barack Obama announced two years ago he would curtail eavesdropping on friendly heads of state after the world learned the reach of long-secret U.S. surveillance programs.

But behind the scenes, the White House decided to keep certain allies under close watch, current and former U.S. officials said. Topping the list was Israeli Prime MinisterBenjamin Netanyahu.

The U.S., pursuing a nuclear arms agreement with Iran at the time, captured communications between Mr. Netanyahu and his aides that inflamed mistrust between the two countries and planted a political minefield at home when Mr. Netanyahu later took his campaign against the deal to Capitol Hill.

The National Security Agency’s targeting of Israeli leaders and officials also swept up the contents of some of their private conversations with U.S. lawmakers and American-Jewish groups. That raised fears—an “Oh-s— moment,” one senior U.S. official said—that the executive branch would be accused of spying on Congress.

The White House kept certain allies including Israeli Prime Minister Benjamin Netanyahu under surveillance after President Obama announced the U.S. would curtail surveillance on friendly heads of state. WSJ’s Adam Entous has details on Lunch Break. Photo: Getty

White House officials believed the intercepted information could be valuable to counter Mr. Netanyahu’s campaign. They also recognized that asking for it was politically risky. So, wary of a paper trail stemming from a request, the White House let the NSA decide what to share and what to withhold, officials said. “We didn’t say, ‘Do it,’ ” a senior U.S. official said. “We didn’t say, ‘Don’t do it.’ ”

WSJ’s Adam Entous explains how the U.S. determined which world leaders to spy on after announcing it would curtail surveillance. Photo: Getty

Stepped-up NSA eavesdropping revealed to the White House how Mr. Netanyahu and his advisers had leaked details of the U.S.-Iran negotiations—learned through Israeli spying operations—to undermine the talks; coordinated talking points with Jewish-American groups against the deal; and asked undecided lawmakers what it would take to win their votes, according to current and former officials familiar with the intercepts.

Before former NSA contractor Edward Snowden exposed much of the agency’s spying operations in 2013, there was little worry in the administration about the monitoring of friendly heads of state because it was such a closely held secret. After the revelations and a White House review, Mr. Obama announced in a January 2014 speech he would curb such eavesdropping.

In closed-door debate, the Obama administration weighed which allied leaders belonged on a so-called protected list, shielding them from NSA snooping. French President François Hollande, German Chancellor Angela Merkel and other North Atlantic Treaty Organization leaders made the list, but the administration permitted the NSA to target the leaders’ top advisers, current and former U.S. officials said. Other allies were excluded from the protected list, including Recep Tayyip Erdogan, president of NATO ally Turkey, which allowed the NSA to spy on their communications at the discretion of top officials.

Privately, Mr. Obama maintained the monitoring of Mr. Netanyahu on the grounds that it served a “compelling national security purpose,” according to current and former U.S. officials. Mr. Obama mentioned the exception in his speech but kept secret the leaders it would apply to.

Israeli, German and French government officials declined to comment on NSA activities. Turkish officials didn’t respond to requests Tuesday for comment. The Office of the Director of National Intelligence and the NSA declined to comment on communications provided to the White House.

The White House stopped directly monitoring the private communications of German Chancellor Angela Merkel but authorized the National Security Agency to eavesdrop on her top advisers. PHOTO: ODD ANDERSEN/AGENCE FRANCE-

This account, stretching over two terms of the Obama administration, is based on interviews with more than two dozen current and former U.S. intelligence and administration officials and reveals for the first time the extent of American spying on the Israeli prime minister.

Taking office

After Mr. Obama’s 2008 presidential election, U.S. intelligence officials gave his national-security team a one-page questionnaire on priorities. Included on the form was a box directing intelligence agencies to focus on “leadership intentions,” a category that relies on electronic spying to monitor world leaders.

The NSA was so proficient at monitoring heads of state that it was common for the agency to deliver a visiting leader’s talking points to the president in advance. “Who’s going to look at that box and say, ‘No, I don’t want to know what world leaders are saying,’ ” a former Obama administration official said.

In early intelligence briefings, Mr. Obama and his top advisers were told what U.S. spy agencies thought of world leaders, including Mr. Netanyahu, who at the time headed the opposition Likud party.

Michael Hayden, who led the NSA and the Central Intelligence Agency during the George W. Bush administration, described the intelligence relationship between the U.S. and Israel as “the most combustible mixture of intimacy and caution that we have.”

The NSA helped Israel expand its electronic spy apparatus—known as signals intelligence—in the late 1970s. The arrangement gave Israel access to the communications of its regional enemies, information shared with the U.S. Israel’s spy chiefs later suspected the NSA was tapping into their systems.

When Mr. Obama took office, the NSA and its Israeli counterpart, Unit 8200, worked together against shared threats, including a campaign to sabotage centrifuges for Iran’s nuclear program. At the same time, the U.S. and Israeli intelligence agencies targeted one another, stoking tensions.

“Intelligence professionals have a saying: There are no friendly intelligence services,” said Mike Rogers, former Republican chairman of the House Intelligence Committee.

Early in the Obama presidency, for example, Unit 8200 gave the NSA a hacking tool the NSA later discovered also told Israel how the Americans used it. It wasn’t the only time the NSA caught Unit 8200 poking around restricted U.S. networks. Israel would say intrusions were accidental, one former U.S. official said, and the NSA would respond, “Don’t worry. We make mistakes, too.”

In 2011 and 2012, the aims of Messrs. Netanyahu and Obama diverged over Iran. Mr. Netanyahu prepared for a possible strike against an Iranian nuclear facility, as Mr. Obama pursued secret talks with Tehran without telling Israel.

Convinced Mr. Netanyahu would attack Iran without warning the White House, U.S. spy agencies ramped up their surveillance, with the assent of Democratic and Republican lawmakers serving on congressional intelligence committees.

By 2013, U.S. intelligence agencies determined Mr. Netanyahu wasn’t going to strike Iran. But they had another reason to keep watch. The White House wanted to know if Israel had learned of the secret negotiations. U.S. officials feared Iran would bolt the talks and pursue an atomic bomb if news leaked.

The NSA had, in some cases, spent decades placing electronic implants in networks around the world to collect phone calls, text messages and emails. Removing them or turning them off in the wake of the Snowden revelations would make it difficult, if not impossible, to re-establish access in the future, U.S. intelligence officials warned the White House.

Instead of removing the implants, Mr. Obama decided to shut off the NSA’s monitoring of phone numbers and email addresses of certain allied leaders—a move that could be reversed by the president or his successor.

There was little debate over Israel. “Going dark on Bibi? Of course we wouldn’t do that,” a senior U.S. official said, using Mr. Netanyahu’s nickname.

One tool was a cyber implant in Israeli networks that gave the NSA access to communications within the Israeli prime minister’s office.

Given the appetite for information about Mr. Netanyahu’s intentions during the U.S.-Iran negotiations, the NSA tried to send updates to U.S. policy makers quickly, often in less than six hours after a notable communication was intercepted, a former official said.

NSA intercepts convinced the White House last year that Israel was spying on negotiations under way in Europe. Israeli officials later denied targeting U.S. negotiators, saying they had won access to U.S. positions by spying only on the Iranians.

By late 2014, White House officials knew Mr. Netanyahu wanted to block the emerging nuclear deal but didn’t know how.

On Jan. 8, John Boehner, then the Republican House Speaker, and incoming Republican Senate Majority Leader Mitch McConnell agreed on a plan. They would invite Mr. Netanyahu to deliver a speech to a joint session of Congress. A day later, Mr. Boehner called Ron Dermer, the Israeli ambassador, to get Mr. Netanyahu’s agreement.

Despite NSA surveillance, Obama administration officials said they were caught off guard when Mr. Boehner announced the invitation on Jan. 21.

Soon after, Israel’s lobbying campaign against the deal went into full swing on Capitol Hill, and it didn’t take long for administration and intelligence officials to realize the NSA was sweeping up the content of conversations with lawmakers.

The message to the NSA from the White House amounted to: “You decide” what to deliver, a former intelligence official said.

NSA rules governing intercepted communications “to, from or about” Americans date back to the Cold War and require obscuring the identities of U.S. individuals and U.S. corporations. An American is identified only as a “U.S. person” in intelligence reports; a U.S. corporation is identified only as a “U.S. organization.” Senior U.S. officials can ask for names if needed to understand the intelligence information.

The Obama administration included French President François Hollande on a so-called protected list, shielding him from NSA snooping. PHOTO: PHILIPPE WOJAZER/REUTERS

The rules were tightened in the early 1990s to require that intelligence agencies inform congressional committees when a lawmaker’s name was revealed to the executive branch in summaries of intercepted communications.

A 2011 NSA directive said direct communications between foreign intelligence targets and members of Congress should be destroyed when they are intercepted. But the NSA director can issue a waiver if he determines the communications contain “significant foreign intelligence.”

The NSA has leeway to collect and disseminate intercepted communications involving U.S. lawmakers if, for example, foreign ambassadors send messages to their foreign ministries that recount their private meetings or phone calls with members of Congress, current and former officials said.

“Either way, we got the same information,” a former official said, citing detailed reports prepared by the Israelis after exchanges with lawmakers.

During Israel’s lobbying campaign in the months before the deal cleared Congress in September, the NSA removed the names of lawmakers from intelligence reports and weeded out personal information. The agency kept out “trash talk,” officials said, such as personal attacks on the executive branch.

Administration and intelligence officials said the White House didn’t ask the NSA to identify any lawmakers during this period.

“From what I can tell, we haven’t had a problem with how incidental collection has been handled concerning lawmakers,” said Rep. Adam Schiff, a California Democrat and the ranking member of the House Permanent Select Committee on Intelligence. He declined to comment on any specific communications between lawmakers and Israel.

The NSA reports allowed administration officials to peer inside Israeli efforts to turn Congress against the deal. Mr. Dermer was described as coaching unnamed U.S. organizations—which officials could tell from the context were Jewish-American groups—on lines of argument to use with lawmakers, and Israeli officials were reported pressing lawmakers to oppose the deal.

“These allegations are total nonsense,” said a spokesman for the Embassy of Israel in Washington.

A U.S. intelligence official familiar with the intercepts said Israel’s pitch to undecided lawmakers often included such questions as: “How can we get your vote? What’s it going to take?”

NSA intelligence reports helped the White House figure out which Israeli government officials had leaked information from confidential U.S. briefings. When confronted by the U.S., Israel denied passing on the briefing materials.

The agency’s goal was “to give us an accurate illustrative picture of what [the Israelis] were doing,” a senior U.S. official said.

Just before Mr. Netanyahu’s address to Congress in March, the NSA swept up Israeli messages that raised alarms at the White House: Mr. Netanyahu’s office wanted details from Israeli intelligence officials about the latest U.S. positions in the Iran talks, U.S. officials said.

A day before the speech, Secretary of State John Kerry made an unusual disclosure. Speaking to reporters in Switzerland, Mr. Kerry said he was concerned Mr. Netanyahu would divulge “selective details of the ongoing negotiations.”

The State Department said Mr. Kerry was responding to Israeli media reports that Mr. Netanyahu wanted to use his speech to make sure U.S. lawmakers knew the terms of the Iran deal.

Intelligence officials said the media reports allowed the U.S. to put Mr. Netanyahu on notice without revealing they already knew his thinking. The prime minister mentioned no secrets during his speech to Congress.

In the final months of the campaign, NSA intercepts yielded few surprises. Officials said the information reaffirmed what they heard directly from lawmakers and Israeli officials opposed to Mr. Netanyahu’s campaign—that the prime minister was focused on building opposition among Democratic lawmakers.

The NSA intercepts, however, revealed one surprise. Mr. Netanyahu and some of his allies voiced confidence they could win enough votes.

https://www.youtube.com/watch?v=kVRFm5Er6OI

Encryption

From Wikipedia, the free encyclopedia
“Encrypt” redirects here. For the film, see Encrypt (film).
This article is about algorithms for encryption and decryption. For an overview of cryptographic technology in general, see Cryptography.

In cryptography, encryption is the process of encoding messages or information in such a way that only authorized parties can read it.[1] Encryption does not of itself prevent interception, but denies the message content to the interceptor.[2]:374 In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted.[2] For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. It is in principle possible to decrypt the message without possessing the key, but, for a well-designed encryption scheme, large computational resources and skill are required. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Types of encryption

Symmetric key encryption

In symmetric-key schemes,[3] the encryption and decryption keys are the same. Communicating parties must have the same key before they can achieve secure communication.

Public key encryption

Illustration of how encryption is used within servers Public key encryption.

In public-key encryption schemes, the encryption key is published for anyone to use and encrypt messages. However, only the receiving party has access to the decryption key that enables messages to be read.[4] Public-key encryption was first described in a secret document in 1973;[5] before then all encryption schemes were symmetric-key (also called private-key).[2]:478

A publicly available public key encryption application called Pretty Good Privacy (PGP) was written in 1991 by Phil Zimmermann, and distributed free of charge with source code; it was purchased by Symantec in 2010 and is regularly updated.[6]

Uses of encryption

Encryption has long been used by military and governments to facilitate secret communication. It is now commonly used in protecting information within many kinds of civilian systems. For example, the Computer Security Institute reported that in 2007, 71% of companies surveyed utilized encryption for some of their data in transit, and 53% utilized encryption for some of their data in storage.[7] Encryption can be used to protect data “at rest”, such as information stored on computers and storage devices (e.g. USB flash drives). In recent years there have been numerous reports of confidential data such as customers’ personal records being exposed through loss or theft of laptops or backup drives. Encrypting such files at rest helps protect them should physical security measures fail. Digital rights management systems, which prevent unauthorized use or reproduction of copyrighted material and protect software against reverse engineering (see also copy protection), is another somewhat different example of using encryption on data at rest.[8]

Encryption is also used to protect data in transit, for example data being transferred via networks (e.g. the Internet, e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. There have been numerous reports of data in transit being intercepted in recent years.[9] Data should also be encrypted when transmitted across networks in order to protect against eavesdropping of network traffic by unauthorized users.[10]

Message verification

Encryption, by itself, can protect the confidentiality of messages, but other techniques are still needed to protect the integrity and authenticity of a message; for example, verification of amessage authentication code (MAC) or a digital signature. Standards for cryptographic software and hardware to perform encryption are widely available, but successfully using encryption to ensure security may be a challenging problem. A single error in system design or execution can allow successful attacks. Sometimes an adversary can obtain unencrypted information without directly undoing the encryption. See, e.g., traffic analysis, TEMPEST, or Trojan horse.[11]

Digital signature and encryption must be applied to the ciphertext when it is created (typically on the same device used to compose the message) to avoid tampering; otherwise any node between the sender and the encryption agent could potentially tamper with it. Encrypting at the time of creation is only secure if the encryption device itself has not been tampered with.

See also

References

  1. Jump up^ “What is Encryption? | EFF Surveillance Self-Defense Project.” What is Encryption? | EFF Surveillance Self-Defense Project. Surveillance Self-Defense Project, n.d. Web. 03 Nov. 2014. <https://ssd.eff.org/en/module/what-encryption>.
  2. ^ Jump up to:a b c Goldreich, Oded. Foundations of Cryptography: Volume 2, Basic Applications. Vol. 2. Cambridge university press, 2004.
  3. Jump up^ Symmetric-key encryption software
  4. Jump up^ Bellare, Mihir. “Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements.” Springer Berlin Heidelberg, 2000. Page 1.
  5. Jump up^ “Public-Key Encryption – how GCHQ got there first!”. gchq.gov.uk. Archived from the original on May 19, 2010.
  6. Jump up^ “Symantec buys encryption specialist PGP for $300M”. Computerworld. 2010-04-29. Retrieved 2010-04-29.
  7. Jump up^ Robert Richardson, 2008 CSI Computer Crime and Security Survey at 19.i.cmpnet.com
  8. Jump up^ https://www.eff.org/issues/drm
  9. Jump up^ Fiber Optic Networks Vulnerable to Attack, Information Security Magazine, November 15, 2006, Sandra Kay Miller
  10. Jump up^ https://security.berkeley.edu/content/data-encryption-transit-guideline
  11. Jump up^ http://usa.kaspersky.com/internet-security-center/threats/trojans#.VV3oaWDTvfY

Further reading

https://en.wikipedia.org/wiki/Encryption

Read Full Post | Make a Comment ( None so far )

NSA Diverts, Collects, Stores, Searches, Queries, Intercepts, Monitors, Reads, Listens, Analyzes, Reports, Targets and Spies On All The World’s 7 Billion People Plus Information Including 314 Million American Citizens –Massive Invasion of American People’s Privacy and Violation of 4th Amendment Right To Privacy Under U.S. Constitution — Violation of Law and Betrayal of Oaths of Office — The Tyranny of the Secret Security Surveillance State (S4) — Videos

Posted on August 17, 2013. Filed under: American History, Banking, Blogroll, College, Communications, Constitution, Data Storage, Demographics, Economics, Education, Employment, European History, Federal Government, Federal Government Budget, Fiscal Policy, Foreign Policy, government, government spending, history, Language, Law, liberty, Life, Links, Literacy, Macroeconomics, media, Microeconomics, Monetary Policy, Money, People, Philosophy, Politics, Press, Programming, Psychology, Rants, Raves, Regulations, Security, Strategy, Tax Policy, Taxes, Technology, Video | Tags: , , , , , , , , , , , , , , , , , , , , |

NSA

NSA Data Center, Bluffdale, Utah

NSA_Data_center_bluffdale_utha

NSA_breaches

NSA broke privacy rules thousands of times per year, audit finds

By Barton Gellman,        

The National Security Agency has broken privacy rules or overstepped its legal authority thousands of times each year since Congress granted the agency broad new powers in 2008, according to an internal audit and other top-secret documents.

Most of the infractions involve unauthorized surveillance of Americans or foreign intelligence targets in the United States, both of which are restricted by statute and executive order. They range from significant violations of law to typographical errors that resulted in unintended interception of U.S. e-mails and telephone calls.

The documents, provided earlier this summer to The Washington Post by former NSA contractor Edward Snowden, include a level of detail and analysis that is not routinely shared with Congress or the special court that oversees surveillance. In one of the documents, agency personnel are instructed to remove details and substitute more generic language in reports to the Justice Department and the Office of the Director of National Intelligence.

In one instance, the NSA decided that it need not report the unintended surveillance of Americans. A notable example in 2008 was the interception of a “large number” of calls placed from Washington when a programming error confused the U.S. area code 202 for 20, the international dialing code for Egypt, according to a “quality assurance” review that was not distributed to the NSA’s oversight staff.

In another case, the Foreign Intelligence Surveillance Court, which has authority over some NSA operations, did not learn about a new collection method until it had been in operation for many months. The court ruled it unconstitutional.

[FISA judge: Ability to police U.S. spying program is limited]

The Obama administration has provided almost no public information about the NSA’s compliance record. In June, after promising to explain the NSA’s record in “as transparent a way as we possibly can,” Deputy Attorney General James Cole described extensive safeguards and oversight that keep the agency in check. “Every now and then, there may be a mistake,” Cole said in congressional testimony.

The NSA audit obtained by The Post, dated May 2012, counted 2,776 incidents in the preceding 12 months of unauthorized collection, storage, access to or distribution of legally protected communications. Most were unintended. Many involved failures of due diligence or violations of standard operating procedure. The most serious incidents included a violation of a court order and unauthorized use of data about more than 3,000 Americans and green-card holders.

In a statement in response to questions for this article, the NSA said it attempts to identify problems “at the earliest possible moment, implement mitigation measures wherever possible, and drive the numbers down.” The government was made aware of The Post’s intention to publish the documents that accompany this article online.

“We’re a human-run agency operating in a complex environment with a number of different regulatory regimes, so at times we find ourselves on the wrong side of the line,” a senior NSA official said in an interview, speaking with White House permission on the condition of anonymity.

http://www.washingtonpost.com/world/national-security/nsa-broke-privacy-rules-thousands-of-times-per-year-audit-finds/2013/08/15/3310e554-05ca-11e3-a07f-49ddc7417125_story.html

NSA report on privacy violations in the first quarter of 2012

This is the full executive summary, with names redacted by The Post, of a classified internal report on breaches of NSA privacy rules and legal restrictions.

The report covers the period from January through March 2012 and includes comparative data for the full preceding year. Its author is director of oversight and compliance for the NSA’s Signals Intelligence Directorate, but the scope of the report is narrower. Incidents are counted only if they took place within “NSA-Washington,” a term encompassing the Ft. Meade headquarters and nearby facilities. The NSA declined to provide comparable figures for its operations as a whole. A senior intelligence official said only that if all offices and directorates were included, the number of violations would “not double.”

http://apps.washingtonpost.com/g/page/national/nsa-report-on-privacy-violations-in-the-first-quarter-of-2012/395/

Reporter reveals thousands of NSA abuses

NSA Scandal – Americans “Shut Up & Obey” – RPT NSA Broke Rules Thousands Of Times!

Ron Paul / Glenn Greenwald Interview

Snowden Leak Reveals NSA Broke Its Own Rules THOUSANDS OF TIMES

Internal NSA Audit  Privacy Rules Broken Thousands of Times

NSA audit confirms abuse despite Obama’s claim

Report: NSA Spying Broke Privacy Rules Many Times – Edwards Snowden Documents Reveal

Edward Snowden NSA Reform Analysis

EVERYTHING You Do Online Is Recorded In XKeyscore The Young Turks with Cenk Uygur

XKeyscore  A New Level of Invasive NSA Data Spying

‘Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?’

Glenn Greenwald   There Are Extremely Invasive Spying Programs the Public Still Does Not Know About

What you’re not being told about Booz Allen Hamilton and Edward Snowden

Justin Amash  No Precedent In History For NSA Spying

Can American’s Change the Agenda of Extreme Spying?

FOX NEWS: NSA Tracking Of American People

“NSA Spying Now Protected From Any Challenges Under The Fourth Amendment”

Rand Paul on NSA Spying   ‘An Utter, Frank Hypocrisy’   But will he do anything about it

Background Articles and Videos

NSA Whistle-blower Reveals “Stellar Wind” Spying on You – code named The Program

NSA Whistleblower: ‘Everyone In U.S. Under Virtual Surveillance’

NSA Collects ‘Word for Word’ Every Domestic Communication

NSA Whistleblowers:  “All U.S.Citizens” Targeted By Surveillance Program, Not Just Verizon Customers

“Obama Is BIG BROTHER And He’s A LIAR!”

NSA Spying is Far Worse Than You Thought

UNBELIEVABE  NSA, FBI Secretly Mines Data from Major Internet Companies Google, Yahoo

NSA Spying on All Americans Part 1

NSA spying on All Americans Part 2

James Bamford: Inside the NSA’s Largest  Secret Domestic Spy Center

NSA Whistleblower Speaks Live: “The Government Is Lying To You” Part 2

NSA Whistleblower Speaks Live: “The Government Is Lying To You” Part 3

NSA Whistleblower Speaks Live: “The Government Is Lying To You” Part 4

NSA whistleblower William Binney Keynote at HOPE Number Nine

NSA Whistleblower Thomas Drake speaks at National Press Club – March 15, 2013

The Reality

Enemies of the State [29C3]

The Movie

ENEMY OF THE STATE… (1998) MUST WATCH..TAKE SERIOUSLY..

NSA and the One Trillion Dollar scam [Empire]

Nova: The Spy Factory Full Video

Inside NSA – The National Security Agency – Documentary

Inside The NSA~Americas Cyber Secrets

Why Shouldn’t I Work for the NSA?  (Good Will Hunting)

The NSA Is Building the Country’s Biggest Spy Center (Watch What You Say)

The spring air in the small, sand-dusted town has a soft haze to it, and clumps of green-gray sagebrush rustle in the breeze. Bluffdale sits in a bowl-shaped valley in the shadow of Utah’s Wasatch Range to the east and the Oquirrh Mountains to the west. It’s the heart of Mormon country, where religious pioneers first arrived more than 160 years ago. They came to escape the rest of the world, to understand the mysterious words sent down from their god as revealed on buried golden plates, and to practice what has become known as “the principle,” marriage to multiple wives.

Today Bluffdale is home to one of the nation’s largest sects of polygamists, the Apostolic United Brethren, with upwards of 9,000 members. The brethren’s complex includes a chapel, a school, a sports field, and an archive. Membership has doubled since 1978—and the number of plural marriages has tripled—so the sect has recently been looking for ways to purchase more land and expand throughout the town.

But new pioneers have quietly begun moving into the area, secretive outsiders who say little and keep to themselves. Like the pious polygamists, they are focused on deciphering cryptic messages that only they have the power to understand. Just off Beef Hollow Road, less than a mile from brethren headquarters, thousands of hard-hatted construction workers in sweat-soaked T-shirts are laying the groundwork for the newcomers’ own temple and archive, a massive complex so large that it necessitated expanding the town’s boundaries. Once built, it will be more than five times the size of the US Capitol.

Rather than Bibles, prophets, and worshippers, this temple will be filled with servers, computer intelligence experts, and armed guards. And instead of listening for words flowing down from heaven, these newcomers will be secretly capturing, storing, and analyzing vast quantities of words and images hurtling through the world’s telecommunications networks. In the little town of Bluffdale, Big Love and Big Brother have become uneasy neighbors.

The NSA has become the largest, most covert, and potentially most intrusive intelligence agency ever.

Under construction by contractors with top-secret clearances, the blandly named Utah Data Center is being built for the National Security Agency. A project of immense secrecy, it is the final piece in a complex puzzle assembled over the past decade. Its purpose: to intercept, decipher, analyze, and store vast swaths of the world’s communications as they zap down from satellites and zip through the underground and undersea cables of international, foreign, and domestic networks. The heavily fortified $2 billion center should be up and running in September 2013. Flowing through its servers and routers and stored in near-bottomless databases will be all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital “pocket litter.” It is, in some measure, the realization of the “total information awareness” program created during the first term of the Bush administration—an effort that was killed by Congress in 2003 after it caused an outcry over its potential for invading Americans’ privacy.

But “this is more than just a data center,” says one senior intelligence official who until recently was involved with the program. The mammoth Bluffdale center will have another important and far more secret role that until now has gone unrevealed. It is also critical, he says, for breaking codes. And code-breaking is crucial, because much of the data that the center will handle—financial information, stock transactions, business deals, foreign military and diplomatic secrets, legal documents, confidential personal communications—will be heavily encrypted. According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. The upshot, according to this official: “Everybody’s a target; everybody with communication is a target.”

For the NSA, overflowing with tens of billions of dollars in post-9/11 budget awards, the cryptanalysis breakthrough came at a time of explosive growth, in size as well as in power. Established as an arm of the Department of Defense following Pearl Harbor, with the primary purpose of preventing another surprise assault, the NSA suffered a series of humiliations in the post-Cold War years. Caught offguard by an escalating series of terrorist attacks—the first World Trade Center bombing, the blowing up of US embassies in East Africa, the attack on the USS Cole in Yemen, and finally the devastation of 9/11—some began questioning the agency’s very reason for being. In response, the NSA has quietly been reborn. And while there is little indication that its actual effectiveness has improved—after all, despite numerous pieces of evidence and intelligence-gathering opportunities, it missed the near-disastrous attempted attacks by the underwear bomber on a flight to Detroit in 2009 and by the car bomber in Times Square in 2010—there is no doubt that it has transformed itself into the largest, most covert, and potentially most intrusive intelligence agency ever created.

In the process—and for the first time since Watergate and the other scandals of the Nixon administration—the NSA has turned its surveillance apparatus on the US and its citizens. It has established listening posts throughout the nation to collect and sift through billions of email messages and phone calls, whether they originate within the country or overseas. It has created a supercomputer of almost unimaginable speed to look for patterns and unscramble codes. Finally, the agency has begun building a place to store all the trillions of words and thoughts and whispers captured in its electronic net. And, of course, it’s all being done in secret. To those on the inside, the old adage that NSA stands for Never Say Anything applies more than ever.

Utah_data_center

A swath of freezing fog blanketed Salt Lake City on the morning of January 6, 2011, mixing with a weeklong coating of heavy gray smog. Red air alerts, warning people to stay indoors unless absolutely necessary, had become almost daily occurrences, and the temperature was in the bone-chilling twenties. “What I smell and taste is like coal smoke,” complained one local blogger that day. At the city’s international airport, many inbound flights were delayed or diverted while outbound regional jets were grounded. But among those making it through the icy mist was a figure whose gray suit and tie made him almost disappear into the background. He was tall and thin, with the physique of an aging basketball player and dark caterpillar eyebrows beneath a shock of matching hair. Accompanied by a retinue of bodyguards, the man was NSA deputy director Chris Inglis, the agency’s highest-ranking civilian and the person who ran its worldwide day-to-day operations.

A short time later, Inglis arrived in Bluffdale at the site of the future data center, a flat, unpaved runway on a little-used part of Camp Williams, a National Guard training site. There, in a white tent set up for the occasion, Inglis joined Harvey Davis, the agency’s associate director for installations and logistics, and Utah senator Orrin Hatch, along with a few generals and politicians in a surreal ceremony. Standing in an odd wooden sandbox and holding gold-painted shovels, they made awkward jabs at the sand and thus officially broke ground on what the local media had simply dubbed “the spy center.” Hoping for some details on what was about to be built, reporters turned to one of the invited guests, Lane Beattie of the Salt Lake Chamber of Commerce. Did he have any idea of the purpose behind the new facility in his backyard? “Absolutely not,” he said with a self-conscious half laugh. “Nor do I want them spying on me.”

For his part, Inglis simply engaged in a bit of double-talk, emphasizing the least threatening aspect of the center: “It’s a state-of-the-art facility designed to support the intelligence community in its mission to, in turn, enable and protect the nation’s cybersecurity.” While cybersecurity will certainly be among the areas focused on in Bluffdale, what is collected, how it’s collected, and what is done with the material are far more important issues. Battling hackers makes for a nice cover—it’s easy to explain, and who could be against it? Then the reporters turned to Hatch, who proudly described the center as “a great tribute to Utah,” then added, “I can’t tell you a lot about what they’re going to be doing, because it’s highly classified.”

And then there was this anomaly: Although this was supposedly the official ground-breaking for the nation’s largest and most expensive cybersecurity project, no one from the Department of Homeland Security, the agency responsible for protecting civilian networks from cyberattack, spoke from the lectern. In fact, the official who’d originally introduced the data center, at a press conference in Salt Lake City in October 2009, had nothing to do with cybersecurity. It was Glenn A. Gaffney, deputy director of national intelligence for collection, a man who had spent almost his entire career at the CIA. As head of collection for the intelligence community, he managed the country’s human and electronic spies.

Within days, the tent and sandbox and gold shovels would be gone and Inglis and the generals would be replaced by some 10,000 construction workers. “We’ve been asked not to talk about the project,” Rob Moore, president of Big-D Construction, one of the three major contractors working on the project, told a local reporter. The plans for the center show an extensive security system: an elaborate $10 million antiterrorism protection program, including a fence designed to stop a 15,000-pound vehicle traveling 50 miles per hour, closed-circuit cameras, a biometric identification system, a vehicle inspection facility, and a visitor-control center.

Inside, the facility will consist of four 25,000-square-foot halls filled with servers, complete with raised floor space for cables and storage. In addition, there will be more than 900,000 square feet for technical support and administration. The entire site will be self-sustaining, with fuel tanks large enough to power the backup generators for three days in an emergency, water storage with the capability of pumping 1.7 million gallons of liquid per day, as well as a sewage system and massive air-conditioning system to keep all those servers cool. Electricity will come from the center’s own substation built by Rocky Mountain Power to satisfy the 65-megawatt power demand. Such a mammoth amount of energy comes with a mammoth price tag—about $40 million a year, according to one estimate.

Given the facility’s scale and the fact that a terabyte of data can now be stored on a flash drive the size of a man’s pinky, the potential amount of information that could be housed in Bluffdale is truly staggering. But so is the exponential growth in the amount of intelligence data being produced every day by the eavesdropping sensors of the NSA and other intelligence agencies. As a result of this “expanding array of theater airborne and other sensor networks,” as a 2007 Department of Defense report puts it, the Pentagon is attempting to expand its worldwide communications network, known as the Global Information Grid, to handle yottabytes (1024 bytes) of data. (A yottabyte is a septillion bytes—so large that no one has yet coined a term for the next higher magnitude.)

It needs that capacity because, according to a recent report by Cisco, global Internet traffic will quadruple from 2010 to 2015, reaching 966 exabytes per year. (A million exabytes equal a yottabyte.) In terms of scale, Eric Schmidt, Google’s former CEO, once estimated that the total of all human knowledge created from the dawn of man to 2003 totaled 5 exabytes. And the data flow shows no sign of slowing. In 2011 more than 2 billion of the world’s 6.9 billion people were connected to the Internet. By 2015, market research firm IDC estimates, there will be 2.7 billion users. Thus, the NSA’s need for a 1-million-square-foot data storehouse. Should the agency ever fill the Utah center with a yottabyte of information, it would be equal to about 500 quintillion (500,000,000,000,000,000,000) pages of text.

The data stored in Bluffdale will naturally go far beyond the world’s billions of public web pages. The NSA is more interested in the so-called invisible web, also known as the deep web or deepnet—data beyond the reach of the public. This includes password-protected data, US and foreign government communications, and noncommercial file-sharing between trusted peers. “The deep web contains government reports, databases, and other sources of information of high value to DOD and the intelligence community,” according to a 2010 Defense Science Board report. “Alternative tools are needed to find and index data in the deep web … Stealing the classified secrets of a potential adversary is where the [intelligence] community is most comfortable.” With its new Utah Data Center, the NSA will at last have the technical capability to store, and rummage through, all those stolen secrets. The question, of course, is how the agency defines who is, and who is not, “a potential adversary.”

nsa_spy_network

Before yottabytes of data from the deep web and elsewhere can begin piling up inside the servers of the NSA’s new center, they must be collected. To better accomplish that, the agency has undergone the largest building boom in its history, including installing secret electronic monitoring rooms in major US telecom facilities. Controlled by the NSA, these highly secured spaces are where the agency taps into the US communications networks, a practice that came to light during the Bush years but was never acknowledged by the agency. The broad outlines of the so-called warrantless-wiretapping program have long been exposed—how the NSA secretly and illegally bypassed the Foreign Intelligence Surveillance Court, which was supposed to oversee and authorize highly targeted domestic eavesdropping; how the program allowed wholesale monitoring of millions of American phone calls and email. In the wake of the program’s exposure, Congress passed the FISA Amendments Act of 2008, which largely made the practices legal. Telecoms that had agreed to participate in the illegal activity were granted immunity from prosecution and lawsuits. What wasn’t revealed until now, however, was the enormity of this ongoing domestic spying program.

For the first time, a former NSA official has gone on the record to describe the program, codenamed Stellar Wind, in detail. William Binney was a senior NSA crypto-mathematician largely responsible for automating the agency’s worldwide eavesdropping network. A tall man with strands of black hair across the front of his scalp and dark, determined eyes behind thick-rimmed glasses, the 68-year-old spent nearly four decades breaking codes and finding new ways to channel billions of private phone calls and email messages from around the world into the NSA’s bulging databases. As chief and one of the two cofounders of the agency’s Signals Intelligence Automation Research Center, Binney and his team designed much of the infrastructure that’s still likely used to intercept international and foreign communications.

He explains that the agency could have installed its tapping gear at the nation’s cable landing stations—the more than two dozen sites on the periphery of the US where fiber-optic cables come ashore. If it had taken that route, the NSA would have been able to limit its eavesdropping to just international communications, which at the time was all that was allowed under US law. Instead it chose to put the wiretapping rooms at key junction points throughout the country—large, windowless buildings known as switches—thus gaining access to not just international communications but also to most of the domestic traffic flowing through the US. The network of intercept stations goes far beyond the single room in an AT&T building in San Francisco exposed by a whistle-blower in 2006. “I think there’s 10 to 20 of them,” Binney says. “That’s not just San Francisco; they have them in the middle of the country and also on the East Coast.”

The eavesdropping on Americans doesn’t stop at the telecom switches. To capture satellite communications in and out of the US, the agency also monitors AT&T’s powerful earth stations, satellite receivers in locations that include Roaring Creek and Salt Creek. Tucked away on a back road in rural Catawissa, Pennsylvania, Roaring Creek’s three 105-foot dishes handle much of the country’s communications to and from Europe and the Middle East. And on an isolated stretch of land in remote Arbuckle, California, three similar dishes at the company’s Salt Creek station service the Pacific Rim and Asia.

The former NSA official held his thumb and forefinger close together: “We are that far from a turnkey totalitarian state.”

Binney left the NSA in late 2001, shortly after the agency launched its warrantless-wiretapping program. “They violated the Constitution setting it up,” he says bluntly. “But they didn’t care. They were going to do it anyway, and they were going to crucify anyone who stood in the way. When they started violating the Constitution, I couldn’t stay.” Binney says Stellar Wind was far larger than has been publicly disclosed and included not just eavesdropping on domestic phone calls but the inspection of domestic email. At the outset the program recorded 320 million calls a day, he says, which represented about 73 to 80 percent of the total volume of the agency’s worldwide intercepts. The haul only grew from there. According to Binney—who has maintained close contact with agency employees until a few years ago—the taps in the secret rooms dotting the country are actually powered by highly sophisticated software programs that conduct “deep packet inspection,” examining Internet traffic as it passes through the 10-gigabit-per-second cables at the speed of light.

The software, created by a company called Narus that’s now part of Boeing, is controlled remotely from NSA headquarters at Fort Meade in Maryland and searches US sources for target addresses, locations, countries, and phone numbers, as well as watch-listed names, keywords, and phrases in email. Any communication that arouses suspicion, especially those to or from the million or so people on agency watch lists, are automatically copied or recorded and then transmitted to the NSA.

The scope of surveillance expands from there, Binney says. Once a name is entered into the Narus database, all phone calls and other communications to and from that person are automatically routed to the NSA’s recorders. “Anybody you want, route to a recorder,” Binney says. “If your number’s in there? Routed and gets recorded.” He adds, “The Narus device allows you to take it all.” And when Bluffdale is completed, whatever is collected will be routed there for storage and analysis.

According to Binney, one of the deepest secrets of the Stellar Wind program—again, never confirmed until now—was that the NSA gained warrantless access to AT&T’s vast trove of domestic and international billing records, detailed information about who called whom in the US and around the world. As of 2007, AT&T had more than 2.8 trillion records housed in a database at its Florham Park, New Jersey, complex.

Verizon was also part of the program, Binney says, and that greatly expanded the volume of calls subject to the agency’s domestic eavesdropping. “That multiplies the call rate by at least a factor of five,” he says. “So you’re over a billion and a half calls a day.” (Spokespeople for Verizon and AT&T said their companies would not comment on matters of national security.)

Read Full Post | Make a Comment ( None so far )

FBI And NSA Demands Passwords From Internet Service Providers — Big Brother Is Truly Out-of-Control — Time To Totally Repeal Patriot Act — Photos and Videos

Posted on July 25, 2013. Filed under: American History, Blogroll, Communications, Constitution, Economics, Education, Employment, Federal Government, Federal Government Budget, Fiscal Policy, Foreign Policy, government spending, history, Illegal, Immigration, Law, liberty, Life, Links, Macroeconomics, media, People, Philosophy, Politics, Press, Radio, Rants, Raves, Security, Tax Policy, Taxes, Video, War, Wisdom | Tags: , , , , , , , , , , , , , , , , , , , , , , , |

collect-citizen-data

PRISM

nsa-spy-machine

nsa-surveillance-map

NSA_Utah_Data_Center_Bluffdale

NSA_Data_Center

front_NSA

utah-datacenter-layout

NSA Data Center

NSA Phone Records

frontal_view_entry_nsa

NSA

Amash Amendment Creates New Political Coalitions

Glenn Beck Justin Amash Interview On Nsa Surveillance

Justin Amash on NSA spying: This issue is about the American people vs. Washington political elites

Glenn Beck Excoriates Michele Bachmann: ‘Shame On You,’ ‘Really, Really, Really Almost Dead To Me’

Justin Amash: No Precedent In History For NSA Spying

Daines Fights to Protect Americans from NSA Mass Data Collection

Michigan congressman aims to defund NSA surveillance program

FOX NEWS: NSA Director’s Deceptive Testimony

NSAs Keith Alexander Calls Emergency Private Briefing To Lobby Against Justin Amash Amendment Curtai  

NSA Director describes PRISM-like program in 2012

Unconstitutional – Judge: FBI Requests Violate 1st Amendment – Judge Andrew Napolitano

NSA & The Mass Surveillance Society

FBI’s Patriot Act Abuse of National Security Letters and illegal NSA spying

Mark Levin – Government Surveillance – June 6, 2013 – Full Show

Full Show 6/10/13: The Rise of the Security State 

 

Nova: The Spy Factory Full Video

Feds tell Web firms to turn over user account passwords

Secret demands mark escalation in Internet surveillance by the federal government through gaining access to user passwords, which are typically stored in encrypted form.

The U.S. government has demanded that major Internet companies divulge users’ stored passwords, according to two industry sources familiar with these orders, which represent an escalation in surveillance techniques that has not previously been disclosed.

If the government is able to determine a person’s password, which is typically stored in encrypted form, the credential could be used to log in to an account to peruse confidential correspondence or even impersonate the user. Obtaining it also would aid in deciphering encrypted devices in situations where passwords are reused.

“I’ve certainly seen them ask for passwords,” said one Internet industry source who spoke on condition of anonymity. “We push back.”

A second person who has worked at a large Silicon Valley company confirmed that it received legal requests from the federal government for stored passwords. Companies “really heavily scrutinize” these requests, the person said. “There’s a lot of ‘over my dead body.'”

Some of the government orders demand not only a user’s password but also the encryption algorithm and the so-called salt, according to a person familiar with the requests. A salt is a random string of letters or numbers used to make it more difficult to reverse the encryption process and determine the original password. Other orders demand the secret question codes often associated with user accounts.

“This is one of those unanswered legal questions: Is there any circumstance under which they could get password information?” –Jennifer Granick, Stanford University

A Microsoft spokesperson would not say whether the company has received such requests from the government. But when asked whether Microsoft would divulge passwords, salts, or algorithms, the spokesperson replied: “No, we don’t, and we can’t see a circumstance in which we would provide it.”

Google also declined to disclose whether it had received requests for those types of data. But a spokesperson said the company has “never” turned over a user’s encrypted password, and that it has a legal team that frequently pushes back against requests that are fishing expeditions or are otherwise problematic. “We take the privacy and security of our users very seriously,” the spokesperson said.

Apple, Yahoo, Facebook, AOL, Verizon, AT&T, Time Warner Cable, and Comcast did not respond to queries about whether they have received requests for users’ passwords and how they would respond to them.

Richard Lovejoy, a director of the Opera Software subsidiary that operates FastMail, said he doesn’t recall receiving any such requests but that the company still has a relatively small number of users compared with its larger rivals. Because of that, he said, “we don’t get a high volume” of U.S. government demands.

The FBI declined to comment.

Some details remain unclear, including when the requests began and whether the government demands are always targeted at individuals or seek entire password database dumps. The Patriot Act has been used to demand entire database dumps of phone call logs, and critics have suggested its use is broader. “The authority of the government is essentially limitless” under that law, Sen. Ron Wyden, an Oregon Democrat who serves on the Senate Intelligence committee, said at a Washington event this week.

Large Internet companies have resisted the government’s requests by arguing that “you don’t have the right to operate the account as a person,” according to a person familiar with the issue. “I don’t know what happens when the government goes to smaller providers and demands user passwords,” the person said.

An attorney who represents Internet companies said he has not fielded government password requests, but “we’ve certainly had reset requests — if you have the device in your possession, than a password reset is the easier way.”

Cracking the codes Even if the National Security Agency or the FBI successfully obtains an encrypted password, salt, and details about the algorithm used, unearthing a user’s original password is hardly guaranteed. The odds of success depend in large part on two factors: the type of algorithm and the complexity of the password.

Algorithms, known as hash functions, that are viewed as suitable for scrambling stored passwords are designed to be difficult to reverse. One popular hash function called MD5, for instance, transforms the phrase “National Security Agency” into this string of seemingly random characters: 84bd1c27b26f7be85b2742817bb8d43b. Computer scientists believe that, if a hash function is well-designed, the original phrase cannot be derived from the output.

But modern computers, especially ones equipped with high-performance video cards, can test passwords scrambled with MD5 and other well-known hash algorithms at the rate of billions a second. One system using 25 Radeon-powered GPUs that was demonstrated at a conference last December tested 348 billion hashes per second, meaning it would crack a 14-character Windows XP password in six minutes.

The best practice among Silicon Valley companies is to adopt far slower hash algorithms — designed to take a large fraction of a second to scramble a password — that have been intentionally crafted to make it more difficult and expensive for the NSA and other attackers to test every possible combination.

One popular algorithm, used by Twitter and LinkedIn, is called bcrypt. A 2009 paper (PDF) by computer scientist Colin Percival estimated that it would cost a mere $4 to crack, in an average of one year, an 8-character bcrypt password composed only of letters. To do it in an average of one day, the hardware cost would jump to approximately $1,500.

But if a password of the same length included numbers, asterisks, punctuation marks, and other special characters, the cost-per-year leaps to $130,000. Increasing the length to any 10 characters, Percival estimated in 2009, brings the estimated cracking cost to a staggering $1.2 billion.

As computers have become more powerful, the cost of cracking bcrypt passwords has decreased. “I’d say as a rough ballpark, the current cost would be around 1/20th of the numbers I have in my paper,” said Percival, who founded a company called Tarsnap Backup, which offers “online backups for the truly paranoid.” Percival added that a government agency would likely use ASICs — application-specific integrated circuits — for password cracking because it’s “the most cost-efficient — at large scale — approach.”

While developing Tarsnap, Percival devised an algorithm called scrypt, which he estimates can make the “cost of a hardware brute-force attack” against a hashed password as much as 4,000 times greater than bcrypt.

Bcrypt was introduced (PDF) at a 1999 Usenix conference by Niels Provos, currently a distinguished engineer in Google’s infrastructure group, and David Mazières, an associate professor of computer science at Stanford University.

With the computers available today, “bcrypt won’t pipeline very well in hardware,” Mazières said, so it would “still be very expensive to do widespread cracking.”

Even if “the NSA is asking for access to hashed bcrypt passwords,” Mazières said, “that doesn’t necessarily mean they are cracking them.” Easier approaches, he said, include an order to extract them from the server or network when the user logs in — which has been done before — or installing a keylogger at the client.

Questions of law Whether the National Security Agency or FBI has the legal authority to demand that an Internet company divulge a hashed password, salt, and algorithm remains murky.

“This is one of those unanswered legal questions: Is there any circumstance under which they could get password information?” said Jennifer Granick, director of civil liberties at Stanford University’s Center for Internet and Society. “I don’t know.”

Granick said she’s not aware of any precedent for an Internet company “to provide passwords, encrypted or otherwise, or password algorithms to the government — for the government to crack passwords and use them unsupervised.” If the password will be used to log in to the account, she said, that’s “prospective surveillance,” which would require a wiretap order or Foreign Intelligence Surveillance Act order.

If the government can subsequently determine the password, “there’s a concern that the provider is enabling unauthorized access to the user’s account if they do that,” Granick said. That could, she said, raise legal issues under the Stored Communications Act and the Computer Fraud and Abuse Act.

The Justice Department has argued in court proceedings before that it has broad legal authority to obtain passwords. In 2011, for instance, federal prosecutors sent a grand jury subpoena demanding the password that would unlock files encrypted with the TrueCrypt utility.

The Florida man who received the subpoena claimed the Fifth Amendment, which protects his right to avoid self-incrimination, allowed him to refuse the prosecutors’ demand. In February 2012, the U.S. Court of Appeals for the Eleventh Circuit agreed, saying that because prosecutors could bring a criminal prosecution against him based on the contents of the decrypted files, the man “could not be compelled to decrypt the drives.”

In January 2012, a federal district judge in Colorado reached the opposite conclusion, ruling that a criminal defendant could be compelled under the All Writs Act to type in the password that would unlock a Toshiba Satellite laptop.

Both of those cases, however, deal with criminal proceedings when the password holder is the target of an investigation — and don’t address when a hashed password is stored on the servers of a company that’s an innocent third party.

“If you can figure out someone’s password, you have the ability to reuse the account,” which raises significant privacy concerns, said Seth Schoen, a senior staff technologist at the Electronic Frontier Foundation.

http://news.cnet.com/8301-13578_3-57595529-38/feds-tell-web-firms-to-turn-over-user-account-passwords/

Six Ways Congress May Reform NSA Snooping

A measure to end one NSA program was just defeated in the House by a surprisingly narrow margin. Here are other proposals on the table.

    by Kara Brandeisky

Although the House defeated a measure that would have defunded the bulk phone metadata collection program [1], the narrow 205-217 vote [2] showed that there is significant support in Congress to reform NSA surveillance programs. Here are six other legislative proposals on the table.

1) Raise the standard for what records are considered “relevant”

The Foreign Intelligence Surveillance Court has reportedly adopted a broad interpretation of the Patriot Act [3], ruling that all the records in a company’s database could be considered “relevant to an authorized investigation.” The leaked court order compelling a Verizon subsidiary to turn over all its phone records is just one example of how the Foreign Intelligence Surveillance Court has interpreted the statute.

Both Rep. John Conyers [4], D-Mich., and Sen. Bernie Sanders, I-Vt. [5], have introduced bills requiring the government to show “specific and articulable facts” demonstrating how records are relevant.  Similarly, legislation introduced by Sen. Mark Udall, D-Colo., would require any applications to include an explanation [6] of how any records sought are relevant to an authorized investigation.

2) Require NSA analysts to obtain court approval before searching metadata

Once the NSA has phone records in its possession, Sen. Dianne Feinstein has explained that NSA analysts may query the data without individualized court approvals [7], as long as they have a “reasonable suspicion, based on specific facts [8]” that the data is related to a foreign terrorist organization.

A bill from Rep. Stephen Lynch, D-Mass., would require the government to petition the Foreign Intelligence Surveillance Court every time an analyst wants to search telephone metadata [9]. From there, a surveillance court judge would need to find “reasonable, articulable suspicion” that the search is “specifically relevant to an authorized investigation” before approving the application. The legislation would also require the FBI to report monthly to congressional intelligence committees all the searches the analysts made.

3) Declassify Foreign Intelligence Surveillance Court opinions

Right now, court opinions authorizing the NSA surveillance programs remain secret. Advocacy groups have brought several Freedom of Information Act suits [10] seeking the release of Foreign Intelligence Surveillance Court documents, but the Justice Department continues to fight them.

Several bills would compel the secret court to release some opinions. The Ending Secret Law Act — both the House [11] and Senate [12] versions — would require the court to declassify all its opinions that include “significant construction or interpretation” of the Foreign Intelligence Surveillance Act. Under current law, the court already submits these “significant” opinions to congressional intelligence committees, so the bill would just require the court to share those documents with the public.

The bills do include an exception if the attorney general decides that declassifying an opinion would threaten national security. In that case, the court would release an unclassified summary of the opinion, or — if even offering a summary of the opinion would pose a national security threat — at least give a report on the declassification process with an “estimate” of how many opinions must remain classified.

Keep in mind, before Edward Snowden’s disclosures, the Justice Department argued that all “significant legal interpretations” needed to remain classified [13] for national security reasons. Since the leaks, the government has said it’s now reviewing what, if any, documents can be declassified, but they said they need more time [14].

4) Change the way Foreign Intelligence Surveillance Court judges are appointed

Current law does not give Congress any power to confirm Foreign Intelligence Surveillance Court judges. Instead, the chief justice of the United States appoints the judges, who all already serve on the federal bench. The judges serve seven-year terms. Chief Justice John Roberts appointed all 11 judges [15] currently serving on the court – ten of whom were nominated [16] to federal courts by Republican presidents.

A bill introduced by Rep. Adam Schiff, D-Calif., would give the president the power to appoint surveillance court judges [17] and give the Senate power to confirm. The president would also choose the presiding judge of the surveillance court, with Senate approval.

Alternatively, Rep. Steve Cohen, D-Tenn., has offered a bill [18] that would let the chief justice appoint three judges and let the House Speaker, the House minority leader, the Senate majority leader, and the Senate minority leader each appoint two judges.

5) Appoint a public advocate to argue before the Foreign Intelligence Surveillance Court

Currently, the government officials petitioning the Foreign Intelligence Surveillance Court do not face an adversarial process. Surveillance targets do not have representation before the court, and they are not notified if a court order is issued for their data.

In 33 years, the surveillance court only rejected 11 of an estimated 33,900 government requests [19], though it the government has also modified 40 of the 1,856 applications in 2012.

Two former Foreign Intelligence Surveillance Court judges – Judge James Robertson [20] and Judge James Carr [21] – have argued that Congress should appoint a public advocate to counter the government’s arguments. Carr wrote in the New York Times, “During my six years on the court, there were several occasions when I and other judges faced issues none of us had encountered before. […]Having lawyers challenge novel legal assertions in these secret proceedings would result in better judicial outcomes.”

Sen. Richard Blumenthal, D-Conn., has promised to introduce a bill [22] that would provide a “special advocate” to argue on behalf of privacy rights and give “civil society organizations” a chance to respond before the surveillance court issues significant rulings.

The surveillance court can actually invite advocates to argue before the court, as the Supreme Court did when the Obama administration refused to defend the Defense of Marriage Act.

“There’s nothing in law that would prevent the FISA court from hiring an advocate as an additional advisor to the court, except the need to obtain security clearances for that advocate, which would have to be granted by the executive branch,” explained Steven Bradbury, who served as the head of the Office of Legal Counsel in the Department of Justice from 2005 to 2009.

Bradbury has argued that the surveillance court may not need a permanent public advocate because its legal advisers [23] already fulfill that role.

6) End phone metadata collection on constitutional grounds

The Justice Department has maintained that mass phone metadata collection is “fully consistent with the Fourth Amendment [24].” That reasoning is based on the 1979 Supreme Court decision Smith v. Maryland [25], where the Court found that the government does not need a warrant based on probable cause to collect phone records. The Court reasoned that whenever you dial a phone number, you voluntarily share that phone number with a telecom, and you can’t reasonably expect a right to privacy for information shared with third parties. As a result, the Court ruled that the collection of phone records is not a “search” and does not merit protection under the Fourth Amendment.

Sen. Rand Paul, R-Ky., has introduced a bill [26] declaring that the Fourth Amendment “shall not be construed to allow any agency of the United States Government to search the phone records of Americans without a warrant based on probable cause” — effectively shutting down the NSA’s phone metadata collection program.

http://www.propublica.org/article/six-ways-congress-may-reform-nsa-snooping

The NSA’s New Spy Facilities are 7 Times Bigger Than the Pentagon

He works at one of the three-letter intelligence agencies and oversees construction of a $1.2 billion surveillance data center in Utah that is 15 times the size of MetLife Stadium, home to the New York Giants and Jets. Long Island native Harvey Davis, a top National Security Agency official, needs that commanding presence. His role is to supervise infrastructure construction worldwide for NSA, which is part of the Defense Department. That involves tending to logistics, military installations, as well as power, space and cooling for all NSA data centers.

In May, crews broke ground on a $792 million computing center at the agency’s headquarters near Baltimore that will complement the Utah site. Together the Utah center and Maryland’s 28-acre computer farm span 228 acres—more than seven times the size of the Pentagon.

During an interview with Government Executive in June, amid the uproar over leaked details of NSA’s domestic espionage activities, Davis describes the 200-acre Utah facility as very transparent: “Only brick and mortar.” A data center just provides energy and chills machines, he says.

About 6,500 contractors, along with more than 150 Army Corps of Engineers and NSA workers, including some with special needs, are assigned to the project. Davis perks up when he talks about the hundreds of individuals with disabilities he has steered into NSA.

But ask him why the facility is so big and what’s inside, and he is less forthcoming. “I think we’re crossing into content. It’s big because it’s required to be big,” says Davis, a 30-year veteran of the spy agency.

At NSA, secrecy is not exclusive to intelligence analysts. Every civil servant in the Installations and Logistics Directorate Davis leads has a security clearance. He earned his in the early 1980s, entering the agency with a master’s degree in business administration, experience managing inventory for a women’s apparel chain, and a yearning for a higher calling than retail.

For security reasons, some of the contractors erecting the data center don’t even know its purpose, other than the equipment needed—nothing about snooping. The 2010 public work solicitation called for a 65-megawatt center with a chiller plant, fire suppression systems, electrical generators and an uninterruptible power supply backup capacity.

Davis lets out that inside there will be supercomputers, or what NSA labels “high performance computers.” These need “different cooling and different power distributions as opposed to something you bought from Best Buy,” he says. The machines, along with whatever other technology is tucked in the facility, are slated to power on by Oct. 1.

Four years ago, the stated purpose of the megaplex near Salt Lake City was to amass foreign intelligence and warnings about hackers.  Officials described it as an extension of President George W. Bush’s 2008 Comprehensive National Cybersecurity Initiative, a largely classified, cross-agency program to protect U.S. computer networks against adversaries. Today, it is evident the data plantation will not be linked to any one program. Instead, the systems inside will warehouse counterterrorism information collected in aggregate, including millions of Americans’ phone logs for five years and certain foreigners’ online messages, NSA officials confirm. Spies at other locations will decipher what’s accumulated to thwart terrorist attacks, cyber assaults, and weapons of mass destruction.

The Utah effort is the largest ongoing Defense construction project in the United States. Still, it is only three-quarters the size of the department’s largest in the world—the Medical Center Replacement Project at Rhine Ordnance Barracks, Germany.

Harvey Davis, Director of Logistics, NSA, at the agency’s Fort Meade construction site. Photo by Melissa Golden

His Posse

Davis is reluctant to discuss the ratio of contractors to civil service employees in Utah—a week after The Guardian and The Washington Post have reported an NSA contractor leaked Top Secret documents. Prosecutors are pursuing former Booz Allen Hamilton employee Edward Snowden for exposing files about PRISM, the agency’s foreign Internet surveillance program, and domestic call data-monitoring while he was administering NSA data systems in Hawaii.

Compared with the 6,500 contract employees, “there is a smaller number of people on my core project management team,” Davis says. An agency official in the room adds: “We can talk in total numbers here . . . We can’t get into how many are ours, how many are theirs.”

A few days after the interview, when asked why NSA’s reliance on contractors is hush-hush, agency officials released some figures.  Ten people are on Davis’ core team. About 150 employees from the Army Corps of Engineers, along with an undisclosed number of employees from the 1,000-member Installations and Logistics Directorate, are involved with the Utah project. NSA considers the total sum of agency personnel staffed to certain construction projects operational details and would not provide that statistic.  A small workforce of up to 200 government and contract employees—building engineers, systems administrators and maintenance workers—will stay permanently to keep the facility running.

Davis is more eager to discuss the quality than quantity of his employees. Roughly 10 years ago, while working as an NSA human resources director, he encountered an untapped talent pool that he now draws from regularly. “The disabled population is just so thankful to have a job. They would just come in here and you’d have to actually force them to go home,” Davis says. “I have engineers that are hard of hearing, and our workforce all took sign language so they could actually communicate with one another.”

Nobody waters down security clearance exercises to facilitate special needs applicants, he adds. “Somebody who was deaf, we would do polygraph in sign language,” Davis says. “What we look for is qualifications first. We have someone developing software—working on the computers—that is blind. There is really no limitation that we have found as long we can find the skill match.” At least a dozen engineers who have disabilities work in his directorate. Grounds maintenance and snow removal contractors in Utah will be hired through SourceAmerica (formerly NISH), a nonprofit organization that fits agency needs with the skills of job seekers with disabilities.

“He has integrated this into the fabric of the company,” says Joyce A. Bender, past chair of the board of the American Association of People with Disabilities, who met Davis when he decided NSA needed more diversity. “What makes this work at any company is a passionate leader, someone in leadership, whether it’s in the private sector or a federal agency,” says Bender, a Pittsburgh-based consultant who recruits people with disabilities for work in government and industry.

Her firm refers to NSA about 200 individuals annually for positions in finance, linguistics, math and other specialties. Since 2010, about 550 candidates have been hired. “If he says, ‘I’m going to do something,’ you can count on it that he is going to do it,” Bender says of Davis. “He doesn’t sugarcoat anything. He’s very direct and to the point.”

A Leak During Construction

No matter their background or how they came to NSA, civil servants and contract employees alike all serve in silence. “That’s really the culture of this agency, and we’re really not looking for big accolades,” Davis says. “What really makes the people satisfied here is that they did the job and they did it right and they’re doing things within the appropriate manner.” The mentality is that NSA operates in the dark for the safety of Americans. Some citizens, however, argue it should operate in the sunshine a little more for the safety of democracy.

The secrecy dispute is “a distraction and a weakness that has been presented by this guy,” Snowden, who should not have seen such sensitive information in the first place, says one former NSA official. “They’ve got to do some internal homework about how to keep that data separate,” the ex-official says, adding that technical controls are not very difficult to configure. “How the heck did this guy in Hawaii gain access to all that?”

Some human rights advocates are grateful for the exposure of the agency’s surveillance methods. “Communications about millions of innocent Americans are being stored for five years in a government database—whether or not there is any reason to search our call records, and I don’t think our Constitution allows that,” says Alex Abdo, staff attorney for the American Civil Liberties Union’s National Security Project.

Even some former Pentagon officials say citizens should know NSA’s intentions for the Utah data center. “When you have this much centralization of capabilities, which in government terms can translate into real power—that and resources—it’s important that the public be able to look at these things and figure out what they are doing,” says a cyber official who recently left Defense and now works as a private contractor. The official is not involved in the project and was not authorized to speak on behalf of the department.

A 2012 article in Wired reported that NSA needs the megaplex partially because the Pentagon wants to expand the military global communications network to manage yottabytes of data. “A yottabyte is a septillion bytes—so large that no one has yet coined a term for the next higher magnitude,” the article said. “Should the agency ever fill the Utah center with a yottabyte of information, it would be equal to about 500 quintillion (500,000,000,000,000,000,000) pages of text.” NSA officials told Government Executive, however, they do not discuss such operational details.

An Open House

The contents of the NSA computer fortress might be a mystery to the public, but Davis says his project has been open to congressional and industry scrutiny.

“The military construction process by design is a very, very transparent process. We work through the Corps of Engineers,” he says. “It’s a public discourse. When we give out our request for proposal, that’s through FedBizOpps.gov.” But on the website, many of the work descriptions for that project are locked behind a firewall. NSA spokeswoman Vanee Vines says the documents are restricted because “they must be accounted for and are only for cleared defense contractors.”

Davis acknowledges the controversy over his project has taken an emotional toll. “We’ve been pressured to disclose what’s been going in the Utah Data Center for quite a while independent of the current events,” he says. “My workforce and the workforce that I work with here [in Utah] take our jobs and our responsibility very, very seriously, and for somebody to say that we’re doing something untoward is a pretty big hit on the morale here.”

No matter the outcome of the debate, the Utah computers are expected to go online within two months. This is where the MBA comes in. From choosing a site, to convincing Congress to agree with blueprints to surmounting a late-in-the-game budget chop, balancing the books is key. “Utah is a wonderful place with abundant and inexpensive power,” Davis says. “Plenty of sources of water for cooling.” NSA applied a mathematical model to select the location. The surrounding environment simplified construction. “Utah, because of the facility and the utilities, just came out far and ahead of everywhere else,” he says. “Lots of good roads. We could get the steel in. We could get the concrete in. We have lots of sand pits nearby,” he says. “We built our own cement slabs in that area. It’s pretty well offset from the road for the security that we need for the data center.”

The price tag for the project is in line with industry standards, according to NSA. “It’s actually relatively cheap and I came in under cost,” Davis says, referring to $100 million in savings gained partly by refusing to let contractors adjust the plan. Penny-pinching became mandatory when governmentwide spending cuts, known as sequestration, kicked in this year.

“One of the biggest cost drivers on a project this size is something called an engineering change proposal. They really number in the tens to hundreds in a project of this size,” but one could “count on a couple of hands the numbers of change orders that we allowed to happen,” he says. “We spent a lot of time honing the requirements tightly up front, making sure we knew what we were building, building it, and not going back and changing it later.” That’s the New York strong arm talking.

http://www.defenseone.com/technology/2013/07/nsas-big-dig/67406/

Related Posts On Pronk Palisades

James Bamford — The National Security Agency (NSA) — Videos

Enemy Of The State: Life Imitating Art –National Security Agency Targets American People — Videos

Big Brother Barack Targets All The American People As Enemies of The State and Democratic Party — National Security Agency’s PRISM Is The Secret Security Surveillance State (S4) Means of Invading Privacy and Limiting Liberty — Outrageous Overreach–Videos

No Such Agency — NSA — National Security Agency — Threat To The Liberty and Privacy of The American People — None Of Their Damn Business — Still Trust The Federal Government? — Videos

National Security Agency (NSA) and Federal Bureau Investigation (FBI) Secret Security Surveillance State (S4) Uses Stellar Wind and PRISM To Create Secret Dossiers On All American Citizen Targets Similar To East Germany Stasi Files–Videos

NSA’s PRISM Political Payoff: 40 Million Plus Foreigners Are In USA As Illegal Aliens! — 75% Plus Lean Towards Democratic Party — Pathway To One Party Rule By 2025 If Senate Bill Becomes Law Giving Illegal Aliens Legal Status — 25 Million American Citizens Looking For Full Time Jobs! — Videos

Read Full Post | Make a Comment ( None so far )

Liked it here?
Why not try sites on the blogroll...