Tuesday, December 20, 2005

Sniffing around

It's very plausible to me that the latest Bush perfidy - secretly approving widespread spying by the NSA on US citizens in the wake of 9/11 - is not about phone wiretapping at all. It's about large scale monitoring of Internet communications.

The press has pointed out repeatedly that the 1978 FISA law allows the government to wiretap on short notice, even to wiretap first and then ask a FISA court for permission retroactively. So, the Bush administration's claim that existing legal requirements slowed things down and "jeopardized national security" is just wrong, and informed people know this.

I suspect what is really going on is that in the wake of 9/11 Bush authorized large scale monitoring of Internet communications, probably by allowing NSA to tap into the backbone. There was a lot of discussion of similar programs, such as Poindexter's Total Information Awareness (TIA) system. Technically, it would not be hard to sample Internet traffic, looking for email or Web activity with certain key words or patterns. However, 100% coverage is probably beyond anyone's capability at the moment.

The problem with this is that you only catch dumb terrorists (maybe that's good enough). As I pointed out before, even widely available communication tools like Skype allow for unbreakable encrypted communication. Don't all terrorists, even ones who don't understand how the Internet works, simply assume that it is being monitored (at least in some weak way)? If so, how can Bush claim that whistleblowers jeopardized national security by leaking information about this illegal program?

BTW, good thing Rockefeller (Senate Intel. Cmmte.) kept a copy of the letter he sent to Cheney. The Bushies claim (lying again) that they got congressional approval, conveniently leaving out that Rockefeller protested immediately about the legality of the program (as did Daschle, who claims the briefings may also have been technically misleading).

Note Added: Administration officials are very careful to state that only "communications" between the US and foreign countries are being monitored. I suppose this means that if your packets don't leave the US, they aren't sniffed. However, all Blackberry users should be aware that their email likely travels through servers in Canada, so is potentially subject to monitoring :-) This Times article seems to confirm that email is intercepted.

TalkLeft: Why do Gonzales and Condi Rice keep mentioning the "technical" aspects of the program as a dodge around FISA?

Why this seemingly inconsequential parsing by Bush of the difference between "monitoring and detection"? Bush says they use FISA if they're monitoring, but this is about "detection."

Why, in his letter, does Rockefeller state that he's "not a technician."?
Why the mention of TIA in Rockefeller's letter?
And why the mention of "large batches of numbers all at once"?


These are not phone numbers we're talking about...These are IP addresses, email addresses.

A system is in place that basically filters on certain triggers (text, phoneme, etc.) within Internet "conversations." This is "detection" or at least its tortured definition that was placed in this idiot Bush's mind. "Monitoring" would be recording an entire conversation, like in a phone conversation.

That system then collects information on those conversations including...ta da...source and destination IP addresses. Those IP addresses can then be stored for further investigation on other "conversations."


Wolfgang said...


this is exactly my suspicion as well.
The reason they could not use FISA was simply because there were too many cases, e.g. several million per day.

Steve Hsu said...

Now that I think about it, even if they were still only monitoring phone communications (and not yet branching out into the Internet), the sheer volume of "triggers" might make FISA unworkable for them. If you get even thousands of recorded calls per day that you would like to look into (very possible using Echelon), that would overwhelm the FISA court. So automation even at the telco sniffing level might require this abrogation of our rights :-)

See here for some Echelon hardware discussion:

Anonymous said...

RE: Foreign Internet Traffic -
Not only may internet traffic be routed out of the country for legitimate operational purposes, they may be routed out of the country ... say ... due to some sort of outage, maintenance period, testing or other error. These sorts of errors can easily be encouraged by crafty third parties.

Steve Hsu said...

Yes, but for the vast majority of traffic between two US users no packets will leave the country (except perhaps to Canada? There might be tier 1 peering that goes through Toronto).

I am now remembering some things from an earlier life. It is (was?) illegal for NSA to spy on Americans at home, so they would rely on their partners (UK-AUS-CA) to spy on domestic communications and vice versa. Perhaps this got too cumbersome for Bush, or the others didn't have the manpower for the volume of surveillance he wanted.

So, I guess there is a story which is pure telco (no Internet) that nevertheless requires them to go beyond FISA.

It's cetainly possible that this increased monitoring (Internet or telco) increases our security. But there are always tradeoffs between liberties and securities, and I object to the way this was pursued by the Bushies. I believe it is illegal under the constitution.

Anonymous said...

Your comment about "dumb terrorists" reminded me of something I was reading about intelligence operations in Iraq. The article I was reading stated that radio transmisions were being intercepted in Iraq, sent back to the US (I assume to the NSA) and then "being decrypted" and sent back to field. All in real time. What struck me as amazing about this assertion was the line "being decrypted." What the heck kind of security is being cracked by the NSA in real time?! Of course it could have been that they were just "translating" the radio, and the writer just screwed this up, but sheesh, I've got to say that either the NSA kicks more computational butt than I thought, or the Iraqi's are just plain dumb in their cryptography.

Also, how sure are we that tier 1 is not "hijacked in duplicate" at some point and then exported to foreign soil? This doesn't sound too crazy to me.

Steve Hsu said...

>Also, how sure are we that tier 1 is not
> "hijacked in duplicate" at some point
> and then exported to foreign soil?

Enormous resources required to do that, and interfering with a lot of ISPs. Impossible to conceal from the public.

Much easier: NSA/Homeland Sec. just go to a bunch of big Tier 1 ISPs and tell them they want to put in some sniffers in the cages with all the routers, etc. Even then they could probably only sniff a fraction of the traffic. Perhaps they only grab packets destined for certain "foreign" IP addresses?

Anonymous said...

Clinton did it:

Carter did it:

Wash Post July 1994:
Extend not only to searches of the homes of U.S. citizens but also -- in the delicate words of a Justice Department official -- to "places where you wouldn't find or would be unlikely to find information involving a U.S. citizen... would allow the government to use classified electronic surveillance techniques, such as infrared sensors to observe people inside their homes, without a court order."

Deputy Attorney General Jamie S. Gorelick, the Clinton administration believes the president "has inherent authority to conduct warrantless searches for foreign intelligence purposes."

Secret searches and wiretaps of Aldrich Ames's office and home in June and October 1993, both without a federal warrant.

Anonymous said...

The Dems don't want to achieve victory in Iraq:

But they don't want to withdraw:

Anonymous said...

Do you object to the following warrantless searches: http://www.nationalreview.com/

Anonymous said...

Looks like the real reason the NY times wanted to break the story is coming out:

Steve Hsu said...

What was the need for FISA in 1978 if indeed individual Americans don't have privacy rights? The level of intrusion here is unprecedented -- thousands of conversations (whether voice or data; presumably over a period of days or more) recorded without any judicial supervision.

I'm not arguing that it isn't useful in fighting terror. Possibly it is quite useful. But it is clearly unprecedented in scope.

The Bushies themselves don't buy your arguments -- they are appealing directly to an aggressive interpretation of Presidential war powers. It is clear they are arguing a new line of interpretation, one that has, at least, not been in vogue for the last 30 years or more. This administration has been completely cavalier about the risk of constitutional crisis. Bush is no more a "war president" than Ronald Reagan or Jimmy Carter. (The foreign threat to the US was much greater then.)

At the White House, spokesman Scott McClellan was asked to explain why Bush last year said, "Any time you hear the United States government talking about wiretap, it requires -- a wiretap requires a court order. Nothing has changed, by the way. When we're talking about chasing down terrorists, we're talking about getting a court order before we do so."

Blog Archive