November 21st, 2008

Smoke and Fire at the NSA, Part One
john posted in politics & culture on May 15th, 2006

The NSA has been in the news a lot lately, which is surely making the suits squirm at the so-called super-secret agency. The news reports I have read have missed the most important technical point about the NSA and its spying.

News Break: after this story was posted, ABC news reporter Brian Ross posted a piece on FBI searching reporter’s phone records. NPR and The Christian Science Monitor ( search: “FBI checking reporters’ phone records”) have stories on it too.

operators Operators at workbugsweep Sweeping for bugs

The NSA’s job is to listen to massive amounts of global phone, mail, email, radio and Internet traffic. They don’t wiretap with alligator clips and some headphones, they use huge arrays of computers to listen to thousands of calls at once looking for people, places, words, or voices.

First I’ll say I have no inside information at all, and even if I did, NSA would hide behind its secrecy. So just what they did and didn’t do probably won’t ever be fully known. The only solution for citizens then, is to assume that they did pretty much whatever was within their technical ability. This is the where-there-is-smoke-there’s-fire approach. Outside the courts, it’ll have to do, and the only other choice is to stick your head in the sand.

columbia supecomputer
An Intel supercomputer with 10,240 processors.

The second point to remember is that the NSA is just a tool. It does what it is told to do by the Administration. Everything I have read about them makes them sound very professional, and very smart. These are not the Inspector Clouseaus of the spook service. I don’t think they are an evil agency run amok. I do think they have a very strong bond of secrecy and service, even, or especially when they think the generals and politicians are dopes. They probably think most of them are fools or worse. But they do their job anyway.

clouseauThe late Peter Sellers nsa The real thing.

Who are they?
The NSA goes back almost to World War Two, and has been charged with the technical side of spying, especially code-breaking and intercepting messages. They were early users and developers of computers and software, which is an important point in this controversy. Back in the Cold War it was widely acknowledged that the NSA tapped undersea phone cables from submarines in order to listen in on traffic, and used various ultra-high-tech antennas and satellites to gather radio traffic. Today, we now know, most of the US phone companies have simply allowed the NSA into their switch rooms, where they can tap phone and Internet traffic with ease. The billing database we just heard about, lets them associate calling patterns and helps with the needle-in-a-haystack problem.

When you are listening to radio and telephone transmissions, two big problems arise:
1) how to get access to the transmission.
2) how to find interesting bits in the huge storm of data.

Letting the spies into your switch room effectively solves the first problem in the easiest way. The second is a really big problem, especially with phone conversations in multiple languages. However, the telephone world bills by the minute and keeps records of every phone call including the telephone numbers. You’ve seen this on your bill. If you have the phone records, as the NSA now does, and if you have the conversations stored away, well then you can retroactively go back and listen to a recorded conversation, based on some phone record.

Imagine being able to store vast numbers of phone conversations as computer files. The size of the archive could be staggering. But Google and Yahoo are civilian examples of enormous, fast databases, and so it seems realistic to me that the NSA can archive a substantial percentage of all the phone calls it might someday want to hear.

The NSA has worked on speech recognition, computers that can understand human speech, since the 1960’s. With speech recognition, it can listen for keywords in many conversations at once, and pass on the ones that meet the search criteria. With phone records and an archive of calls, they can examine all the calls made to and from a number, plus all the calls to and from all those numbers that connected to the first number, and so on until a sophisticated pattern is developed. There also is software that can recognize a person by the voice itself, and you can be sure that NSA has very good versions of that too. So by storing calls, by searching through them for keywords, by identifying people by voice traits, and by cross-indexing the phone records, the NSA can basically listen to a huge number of phone calls.

Yes, if they want to know every time some one says “honey-pie” or ‘inshallah” they can, and likely identify the person saying it with further effort. If someone wants to hear every conversation between your Senator and a residential cell phone owned by a woman he can.

So what?
Well if you aren’t comfortable with the government reading your mail, email, and listening to your phone calls without a court order, this is infuriating. On the other hand, if Mussolini looks better to you every day, please move somewhere else where you can truly be happy.

The essential point:
The NSA is really wiretapping all or most of your conversations and tracking your connections to other people. They just aren’t doing it with a bunch of guys in earphones. They don’t use a court order because they are filtering all the calls. If they have an actual suspicion, they can get a warrant three days after the fact of having humans listen to calls. So they are wiretapping in order to find out who to tap.


Is this possible from a technical viewpoint?
I think so, if you don’t, then make a comment and we’ll discuss it. One thing to remember: it doesn’t matter if the software sometimes fails to understand speech, or gets too many calls at once. Whatever it does turn out is warrantless eavesdropping on everybody.

What other information do they have?
Everything. No I really mean it. They ( FBI and I am assuming other agencies) buy data from the commercial services such as the credit bureaus and credit card companies, banks, schools, websites, and other databases. Like any mediocre private investigator, they have access to your driver’s license, your titles and deeds, your business records, your legal history, your address and telephone numbers, your work history, your income and so on. My guess is that medical records and IRS records are harder to get. Of course, if they go for the rubber-stamp warrant, they can get all that too.

Can they read my email and track my web browsing?
You mean can someone find out if you look at porn sites, or chat with strangers on dating sites? Does Big Brother know when you are emailing love notes to that cute hunk in marketing? Yes, and in fact you don’t have to be a super-spy with a train-load of money. Any PC with a physical connection to your data on the network can read all of it. The software is free. ( it’s quite useful for debugging)

So what? I am an honest citizen!
Uh huh, sure you are. Here’s a list of examples…-

First class of bad things: mistaken identity
Example- Say they are looking at the history of a motel in Wichita on a certain date. They see that your rental car stopped there for fifteen minutes, but you never rented a room. ( yes Virginia, Hertz tracks the cars with GPS ) They note that the motel was not on the direct route from the airport to your destination. They are interrogating a gunrunner who was selling out of that motel, and they show him your picture, and he gratefully fingers you as the one who bought three machine guns. The real buyer is too dangerous for him to mention.

They check your Internet records and magazine subscriptions and find you read Machine Gun Monthly. They check UPS and your credit cards and find you shipped something heavy from Wichita to Kazakhstan before you got on the plane to go home. By the time they figure out you are the wrong guy, they have poisoned your family, your job, and your social circle with ugly questions and innuendo. You have barely avoided jail. In reality, you were lost in Wichita, stopped to ask directions, and the UPS shipment was drill bits.

Note that the existence of high-tech tracking and databases created the problem. Information ( you were at this hotel at this time when gunrunning occurred ) was created by an accidental result from a database search. Access to the data just made it worse. Because you weren’t really involved you looked more guilty than the guy who was covering his tracks.

Second class of bad things: political party mischief
Example- Just as Richard Nixon burglarized Democratic headquarters, the current President’s campaign weenies decide to play dirty. They get with the White House political adviser who has security clearance, he kicks off a secret investigation into the election supposedly to look for foreign influence over the opposition party. With a top secret clearance he gets to look at the raw data, not just the summary. His computer guys sift it and get the schedule of opposition TV and listen in on their strategy, and they undermine the opposition with the information. Somebody blows the whistle on them from inside the NSA - they spin the story by saying they were looking for foreign influence over the opposition. They get away with it, and still manage to smear the opposition.

Third class of bad things: f-word mischief. Not that f-word, “fascist” is what I meant.
Example- Just as the FBI spied on Martin Luther King, some shadowy agency at DoD or other decides Veterans for Peace or the Animal Sufferance League is a terrorist organization. Of course they never find any evidence, but they do find some adultery and some sloppy bookkeeping. By harassing the members and their creditors, they create suspicions that destroy the organization, close the website, ruin some marriages, and prevent the organization from criticizing the administration any more.

Fourth class of bad things: general Orwellian mischief.
Example- Years of interference - tracking web sites’ membership, personal data, posts, comments, blogs, chat rooms and so forth ruins the free-for-all atmosphere that lets Jawfish post this piece. It becomes too dangerous for good citizens to make comments and criticize the powers that be. Quiet words may be spoken and people don’t get a promotion, a job, an appointment, a grant. The mere fear of this creates a self-censoring society.

Last example: what they are mostly likely to do:
This one is most likely because it accomplishes all the political goals in one action. They listen in on members of the press. They use the information to intimidate both sources and reporters. They’ll use the high-minded excuse that they were closing national security leaks. Just knowing that they might do it will shut down sources.

The very first sources to go silent will be the ones who know about the spying.

What’s your take? Leave a comment.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Leave a Response

Powered by WebRing.

Xphactinus based on theme by Chris Lin. powered by Wordpress.
XHTML | CSS | RSS feed | Comments RSS