Moderators: Elvis, DrVolin, Jeff
by Hunter » Mon Jun 17, 2013 6:36 pm
by Hunter » Mon Jun 17, 2013 6:44 pm
The document, known as a "primary order," complements a shorter Foreign Intelligence Surveillance court document leaked to The Guardian newspaper earlier this month. That document revealed the U.S. government had been asking Verizon Business Network Services Inc. to turn over, on a daily basis, phone call records for its subscribers, for 90 days. [...]
The still-secret primary order provides more information about the program, spells out specific limits on government authority and includes safeguards to protect the privacy of U.S. citizens, a senior administration official said.
by psynapz » Mon Jun 17, 2013 9:47 pm
by Hunter » Mon Jun 17, 2013 10:39 pm
NSA Deception Operation? Questions Surround Leaked PRISM Document’s Authenticity
Was Edward Snowden spotted before he decided to leak documents, and set up by the NSA?
Multiplying scandals to hide the one scandal that could sink Obama
Multiplying scandals to hide the scandal that could sink Obama
by Jon Rappoport
June 15, 2013
by Wombaticus Rex » Mon Jun 17, 2013 10:56 pm
Alchemy » Mon Jun 17, 2013 9:39 pm wrote:Dont know what to make of this, I believe Ed Snowden is the real deal but I guess some of these questions about him shouldnt be easily dismissed:
http://www.globalresearch.ca/nsa-decept ... ty/5338673
NSA Deception Operation? Questions Surround Leaked PRISM Document’s Authenticity
Was Edward Snowden spotted before he decided to leak documents, and set up by the NSA?
by Hunter » Mon Jun 17, 2013 11:01 pm
by Elvis » Mon Jun 17, 2013 11:17 pm
Contempt of Congress is the act of obstructing the work of the United States Congress or one of its committees.
...Presidential pardons appear not to apply to a civil contempt procedure such as the above, since it is not an "offense against the United States" or against "the dignity of public authority."
...Following a contempt citation, the presiding officer of the chamber is instructed to refer the matter to the U.S. Attorney for the District of Columbia;[9] according to the law it is the "duty" of the U.S. Attorney to refer the matter to a grand jury for action.
http://en.wikipedia.org/wiki/Contempt_of_Congress
Partial list of those held in contempt since 1975
...
Rita Lavelle (Republican),
EPA official April 26, 1983
House Committee on Energy and Commerce House of Representatives Indicted for lying to Congress; convicted; sentenced to 6 months in prison, 5 years probation thereafter, and a fine of $10,000
...
Eric Holder (Democrat), Attorney General June 20, 2012
House Committee on Oversight and Government Reform[13] June 28, 2012
House of Representatives Found in criminal[14] and civil[15] contempt
by Hunter » Tue Jun 18, 2013 12:04 am
It is a good question. Wish I had an answer for you.Elvis » Mon Jun 17, 2013 11:17 pm wrote:Why isn't Clapper being cited for contempt of Congress?Contempt of Congress is the act of obstructing the work of the United States Congress or one of its committees.
...Presidential pardons appear not to apply to a civil contempt procedure such as the above, since it is not an "offense against the United States" or against "the dignity of public authority."
...Following a contempt citation, the presiding officer of the chamber is instructed to refer the matter to the U.S. Attorney for the District of Columbia;[9] according to the law it is the "duty" of the U.S. Attorney to refer the matter to a grand jury for action.
http://en.wikipedia.org/wiki/Contempt_of_Congress
That Wikipedia entry is flagged for problems; if nothing else, there are gray areas.
Not being a newshound much, I missed the fact that, a year ago, Eric Holder was found to be in contempt of Congress:Partial list of those held in contempt since 1975
...
Rita Lavelle (Republican),
EPA official April 26, 1983
House Committee on Energy and Commerce House of Representatives Indicted for lying to Congress; convicted; sentenced to 6 months in prison, 5 years probation thereafter, and a fine of $10,000
...
Eric Holder (Democrat), Attorney General June 20, 2012
House Committee on Oversight and Government Reform[13] June 28, 2012
House of Representatives Found in criminal[14] and civil[15] contempt
No penalty for Holder? No contempt citation for Clapper?
House panel cites Eric Holder for contempt. Will he go to jail?
There's a jail in the US Capitol, but it's not likely to hold Attorney General Holder anytime soon. The executive branch has many options to delay criminal proceedings, which require the Department of Justice to initiate.
Technically speaking, it’s possible he could end up in the slammer. But don’t hold your breath – it almost certainly isn’t going to happen. In the modern era, citing an administration official for contempt is often just a tactical maneuver in a larger Congress-White House dispute. It can put some added pressure on the administration, sure. But the executive branch has lots of ways to delay the resulting legal proceedings.
“Efforts to punish an executive branch official for non-compliance with a subpoena through criminal contempt will likely prove unavailing in many, if not most circumstances,” concludes a newly issued Congressional Research Service report on Congress’s contempt power.
by brekin » Tue Jun 18, 2013 1:23 am
A former Qwest Communications International executive, appealing a conviction for insider trading, has alleged that the government withdrew opportunities for contracts worth hundreds of millions of dollars after Qwest refused to participate in an unidentified National Security Agency program that the company thought might be illegal.
Former chief executive Joseph P. Nacchio, convicted in April of 19 counts of insider trading, said the NSA approached Qwest more than six months before the Sept. 11, 2001, attacks, according to court documents unsealed in Denver this week.Details about the alleged NSA program have been redacted from the documents, but Nacchio's lawyer said last year that the NSA had approached the company about participating in a warrantless surveillance program to gather information about Americans' phone records.
In the court filings disclosed this week, Nacchio suggests that Qwest's refusal to take part in that program led the government to cancel a separate, lucrative contract with the NSA in retribution. He is using the allegation to try to show why his stock sale should not have been considered improper.
Nacchio was convicted for selling shares of Qwest stock in early 2001, just before financial problems caused the company's share price to tumble. He has claimed in court papers that he had been optimistic that Qwest would overcome weak sales because of the expected top-secret contract with the government. Nacchio said he was forbidden to mention the specifics during the trial because of secrecy restrictions, but the judge ruled that the issue was irrelevant to the charges against him.
Nacchio's account, which places the NSA proposal at a meeting on Feb. 27, 2001, suggests that the Bush administration was seeking to enlist telecommunications firms in programs without court oversight before the terrorist attacks on New York and the Pentagon. The Sept. 11 attacks have been cited by the government as the main impetus for its warrantless surveillance efforts.
The allegations could affect the debate on Capitol Hill over whether telecoms sued for disclosing customers' phone records and other data to the government after the Sept. 11 attacks should be given legal immunity, even if they did not have court authorization to do so.
Spokesmen for the Justice Department, the NSA, the White House and the director of national intelligence declined to comment, citing the ongoing legal case against Nacchio and the classified nature of the NSA's activities. Federal filings in the appeal have not yet been disclosed.
In May 2006, USA Today reported that the NSA had been secretly collecting the phone-call records of tens of millions of Americans, using data provided by major telecom firms. Qwest, it reported, declined to participate because of fears that the program lacked legal standing.
In a statement released after the story was published, Nacchio attorney Herbert Stern said that in fall 2001, Qwest was approached to give the government access to the private phone records of Qwest customers. At the time, Nacchio was chairman of the president's National Security Telecommunications Advisory Committee.
"Mr. Nacchio made inquiry as to whether a warrant or other legal process had been secured in support of that request," Stern said. "When he learned that no such authority had been granted and that there was a disinclination on the part of the authorities to use any legal process, including the Special Court which had been established to handle such matters, Mr. Nacchio concluded that these requests violated the privacy requirements of the Telecommunications Act."
Stern could not be reached for comment yesterday. Another lawyer for Nacchio, Jeffrey Speiser, declined to comment on whether the call-records program was the program discussed at the February 2001 meeting.
In a May 25, 2007, order, U.S. District Judge Edward W. Nottingham wrote that Nacchio has asserted that "Qwest entered into two classified contracts valued at hundreds of millions of dollars, without a competitive bidding process and that in 2000 and 2001, he participated in discussion with high-ranking [redacted] representatives concerning the possibility of awarding additional contracts of a similar nature." He wrote, "Those discussions led him to believe that [redacted] would award Qwest contracts valued at amounts that would more than offset the negative warnings he was receiving about Qwest's financial prospects."
The newly released court documents say that, on Feb. 27, 2001, Nacchio and James Payne, then Qwest's senior vice president of government systems, met with NSA officials at Fort Meade, expecting to discuss "Groundbreaker," a project to outsource the NSA's non-mission-critical systems.
The men came out of the meeting "with optimism about the prospect for 2001 revenue from NSA," according to an April 9, 2007, court filing by Nacchio's lawyers that was disclosed this week.
But the filing also claims that Nacchio "refused" to participate in some unidentified program or activity because it was possibly illegal and that the NSA later "expressed disappointment" about Qwest's decision.
"Nacchio said it was a legal issue and that they could not do something that their general counsel told them not to do. . . . Nacchio projected that he might do it if they could find a way to do it legally," the filing said.
Mike German, policy counsel for the American Civil Liberties Union, said the documents show "that there is more to this story about the government's relationship with the telecoms than what the administration has admitted to."
Kurt Opsahl, senior staff attorney for the Electronic Frontier Foundation, said: "It's inappropriate for the government to be awarding a contract conditioned upon an agreement to an illegal program. That truly is what's going on here."The foundation has sued AT&T, charging that it violated privacy laws by cooperating with the government's warrantless surveillance program.
by Elvis » Tue Jun 18, 2013 4:10 am
http://www.etoan.com/phasorphone-secret.htmlPHASORPHONE SECRECY
The Puzzle Palace: A Report on America's Most Secret Agency
James Bamford, Penguin Books, 1983.
[A] foursome of inventors in Seattle, working in their spare time in the back of a garage, managed to develop a new type of voice scrambler. Led by thirty-five-year-old Carl Nicolai, a job-shopper, or technical "Kelly girl," the group called its new invention the Phasorphone and submitted a patent application in October 1977. In April 1978, Nicolai finally received a response from the Patent Office. But when he opened the letter, he was stunned Instead of a patent, his hands held a strange form with the words SECRECY ORDER in large bold letters across the top.
Nicolai had suddenly been assaulted with one of the oldest weapons in the nation's national security arsenal: the Invention Secrecy Act.
[...]
Nicolai's secrecy order told him little except that he faced two years in jail and a $10,000 fine for disclosing any aspect of his device "in any way to any person not cognizant of the invention prior to the date of the order." Nowhere on the order did it say why it was issued or who ordered the action.
[...]
The object of Nicolai's patent application and the NSA's anxiety was a voice privacy system that relied more, apparently, on the science of transmission security than cryptography. As opposed to cryptography, which merely renders the contents of a message unintelligible to those without the key, transmission security conceals the very existence of the message itself. The seed for the Phasorphone was planted in 1960 in an article on communications security by Alfred Pfanstiehl for Analog magazine. Pfanstiehl suggested that instead of the traditional method of transmission, where signals are sent between transmitter and receiver over a single frequency, a system of pseudorandom wave forms be used. Under such a system a code could be devised using pseudorandom alterations of the frequency spectrum exactly synchronized between transmitter and receiver. The system held promise for an area particularly vulnerable to eavesdropping: CB and marine band radio. But it could also be modified for telephone.
http://etoan.com/index.html#intelligent-noiseIn the late 1970's a team of engineers in Seattle designed a secure telephone they called the PhasorPhone. Their attempt to have the design patented resulted in a secrecy order issued at the direction of the National Security Agency (NSA). Some brief exerpts from James Bamford's book The Puzzle Palace describing the situation can be seen by clicking here.
Even TIME magazine ran a story about it in their October 2, 1978 issue. You can read a snippet here.
An Associated Press news story that ran in February 1980 contained the following:
The inventors, who are still working on devices that scramble or encode conversations or computer data, hope they don't run into the NSA again.
"The less we have to do with that agency the better," Raike said.
Timeline
Patent application filed on October 20, 1977.
Secrecy order issued April 21, 1978, at the behest of NSA.
Secrecy order lifted October 11, 1978, after inquiry by Senator Warren Manguson (D-WA).
Patent 4,188,580 granted February 12, 1980. Inventors identified as Carl Nicolai, William Raike and David Miller. Invention assigned to Telesync Corporation of Carmel Valley, California.
Origins
The original design of the PhasorPhone was prompted by an article entitled Intelligent Noise which appeared in the December 1962 issue of Analog magazine. You can read the article by clicking here.
The article makes reference to radar signals using pseudo-noise sequences, which likely refers to either
(a) MIT Lincoln Laboratory's high frequency NOMAC (NOise Modulation and Correlation) system, known under the Army Signal Corps production name F9C. NOMAC was a communications system using noise-like signals and cross-correlation detection. Papers describing this method and system date back to 1952; or
(b) the Jet Propulsion Laboratory (JPL) radio communication system called CODORAC (COded DOppler, Ranging, and Command) that became the basis for what is now the Deep Space Network (DSN).
http://www.etoan.com/phasorphone-time.htmlBureaucratic Scramble
From TIME magazine, October 2, 1978:
Mathematician William M. Raike of the U.S. Navy's Postgraduate School in Monterey, Calif., and three associates from Seattle invented a gadget they call a "phasorphone." It scrambles voices on both ends of a CB radio or phone conversation and costs about $100, far less than similar devices already on the market.
Officials at the National Security Agency were so impressed that they offered the inventors research contracts. When the foursome declined, the agency asked them to sign on as consultants. They refused again. But then the U.S. Patent Office rejected their application for a patent. Reason: NSA had decided that the sale of phasorphones might endanger national security. The agency was willing to reconsider, however, if the inventors would explain how the scrambler works.
Why does the device threaten U.S. security? The answer, NSA replied in the spirit of catch-22, is classified. The inventors have invested $30,000 in their project and received nothing in return. Complains Raike: "We feel that the Government has illegally seized our property."
http://patents.justia.com/assignee/telesync-corporationJustia > Patents > Patents by Assignee Telesync Corporation
Patents by Assignee Telesync Corporation
Secure communication system
Patent number: 4188580
Abstract: A secure communication system for transmitting and receiving an encoded information signal. The system generates at transmitting and receiving locations a predetermined unique pseudorandom code. A synchronized tracking signal is imposed on the information to be transmitted and added to the information to form an intermediate signal. The pseudorandom code is then multiplied by the intermediate signal directly so that the ultimate result appears to assume the character of pseudorandom noise, which is then transmitted to the receiving location. The synchronization and transmitted encoded portion is decoded at the receiver and used to generate a base signal for a pseudorandom generator at the receiving location, as well as initiate initial clocking pulse time for operation of the receiver pseudorandom generator.
Type: Grant
Filed: October 20, 1977
Issued: February 12, 1980
Assignee: Telesync Corporation
Inventors: Carl R. Nicolai, William M. Raike, David L. Miller
by Hunter » Tue Jun 18, 2013 5:06 am
by seemslikeadream » Tue Jun 18, 2013 8:48 am
Senate Intel Committee Blocks Former Staffer From Talking To Press About Oversight Process
BRIAN BEUTLER JUNE 18, 2013, 12:00 AM 1911
The Senate Select Committee on Intelligence has taken the unusual step of actively blocking a former committee aide from talking to TPM about congressional oversight of the intelligence community. At issue isn’t classified sources and methods of intelligence gathering but general information about how the committee functions — and how it should function. The committee’s refusal to allow former general counsel Vicki Divoll to disclose unclassified information to a reporter was the first and only time it has sought to block her from making public comments, based on her experience as one of its most senior aides, since she left Capitol Hill in 2003.
The committee’s decision comes amid fallout from leaks of classified National Security Agency documents by ex-NSA contractor Edward Snowden. In light of the Snowden revelations about the country’s secret surveillance programs, TPM was reporting a story based on interviews with members of Congress and current and former aides about the successes and pitfalls of intelligence oversight on Capitol Hill. The goal was to answer some basic questions for readers: How does a classified process differ from public oversight? What challenges do the combination of government secrecy, classified briefings, and strict committee protocols present to legislators trying to control the nation’s sprawling intelligence apparatus?
Divoll served as a senior aide on the committee from 2000-2003, including two years as its general counsel. Before that, from 1995-2000 she was assistant general counsel for the Central Intelligence Agency, where she also served as deputy legal adviser to the agency’s Counterterrorism Center. After leaving the Senate, Divoll was a fellow at the Harvard Institute of Politics and an adjunct professor at the Naval Academy. She has been regularly cited by reporters in news stories, penned op-eds on counterterrorism and civil liberties, and appeared on television.
The ground rules for the interview were that it would be conducted off the record, but only temporarily, to give Divoll an opportunity to review the accuracy of the quotes she provided, and that those would be placed back on the record.
While Divoll remains legally barred from disclosing classified information, she is also still subject to a non-disclosure agreement with the Senate Intelligence Committee that bars her from discussing committee-sensitive business. Out of an abundance of caution, Divoll also conferred with the committee on Friday about her interview with TPM. She anticipated that the committee would approve the interview, noting that in her post-government career, both the committee and the CIA had never done more than request minor tweaks when she brought them pieces of her writing for pre-publication review.
This, she believed, would be a similar process.
But for the first time in her career, the committee took the extraordinary step, on a bipartisan basis, of declaring the interview’s entire contents a violation of her non-disclosure agreement and effectively forbade her from putting any of it on the record.
“The committee has reviewed your submission … and objected to any publication of the information contained therein,” she was told.
Specifically the committee claimed the information she provided TPM was both “out of date” and “committee sensitive.”
Angered by the committee’s decision, Divoll sought Friday to have it reversed. The committee declined. TPM agreed to honor her request that we leave her comments off the record.
The fact that the Committee is so sensitive about disclosing not only sensitive national security information, but also the nature by which elected officials are allowed to oversee the intelligence community, is a testament to the extreme levels of secrecy tied to the entire process.
In an interview Monday afternoon, an SSCI spokesman explained and defended the committee’s decision.
“I would say that it is pretty uncommon that we would decline a pre-publication review,” the spokesman said. “And the most direct reason is that most submissions that we get for review don’t contain this kind of information.”
That’s a reference to “committee sensitive” information, as defined in the panel’s official rules. Those rules spell out the kinds of disclosures that qualify as “committee sensitive” — documents in the committee’s possession and events that transpire in committee meetings — but they also empower the chair and vice chair or their designees to declare documents and information “committee sensitive” as they see fit on a case-by-case basis.
Most of Divoll’s statements to TPM, however, tracked closely with information gleaned from other sources, and the public record.
Among the insights Divoll shared with us was the important role that staff can and should play in oversight of the executive branch’s intelligence activities.
Feinstein herself addressed this issue on June 9 in an appearance on ABC News.
“We had an intelligence committee meeting on Thursday [June 6], which I opened up to everybody and 27 senators came. You know, we informed them that every senator, the material is available. They can come and see it. One of the strictures with how they classified stuff is no staff. I think that should be changed so that intelligence committee staff can come in with the member and go over and review the material.”
Likewise, one of the committee’s current members, and its former chairman, Sen. Jay Rockefeller (D-WV), provided TPM a statement on Thursday suggesting in broad strokes that the oversight process could be improved.
“We’ve learned from the past that there’s a right way and a wrong way to give Congress the information we need to make decisions about our laws and policies, but I think we’re still a work in progress when it comes to the level of transparency needed for meaningful exchange about ongoing activities,” Rockefeller said. “The Bush Administration launched programs without any legal authority at all and then would show just the Intelligence Committee chairs and vice chairs a few perfunctory flip-charts - which we weren’t allowed to discuss even with each other — just so they could later claim ‘Congress was briefed.’ That created a deep distrust, and for me some skepticism lingers. It took years of wrangling with the intelligence community to open briefings up to more Senators, and there is still a lot of resistance to sharing information more broadly and with the public. But the process works far better today than in the past. The FISA law we passed requires multiple regular reports from the agencies, so if we see irregularities or areas of concern, we can pursue those.”
Rockefeller’s recollections and perspective are highly compatible with Divoll’s as well.
The committee spokesman said Divoll could have modified her statements to TPM and resubmitted them to the committee.
“We have done that in other cases in the past,” he said.
Reached Monday, though, Divoll insisted she was provided no opportunity for revision. “In the past if changes were necessary, those were requested,” she said.
Our reporting yielded other, more specific details about the nature of intelligence oversight and intelligence committee legislating that we hope to share with you in a future article.
by Hunter » Tue Jun 18, 2013 10:41 am
by seemslikeadream » Tue Jun 18, 2013 3:47 pm
Overseas Cyber-attack Target Memo for Obama to Include the Possibility of Use Inside U.S.
MARK KARLIN, EDITOR OF BUZZFLASH AT TRUTHOUT
Nearly lost in the scandal of domestic data mining, spyng and possible phone call monitoring of US citizens revealed by Glenn Greenwald is an article he co-authored on June 7. In the Guardian UK piece, Greenwald and co-author Ewen MacAskill discuss the implications of President Obama authorizing the targeting of nations, organizations, and just about anybody for US government initiated cyber-attacks.
(Here is the full document obtained by Greenwald and the Guardian and sub-titled by the paper, "Eighteen-page presidential memo reveals how Barack Obama has ordered intelligence officials to draw up a list of potential overseas targets for US cyber attacks.")
The directive focuses on overseas targets, which some might think is necessary in an age when digital technology may be as powerful a weapons as bombs and military might in wielding global power. But that raises the concerns that cyber-warfare may lead to military conflict. As the article cautions:
In the presidential directive, the criteria for offensive cyber operations in the directive is not limited to retaliatory action but vaguely framed as advancing "US national objectives around the world". The revelation that the US is preparing a specific target list for offensive cyber-action is likely to reignite previously raised concerns of security researchers and academics, several of whom have warned that large-scale cyber operations could easily escalate into full-scale military conflict.
But the domestic implications of the Obama directive also put the Internet within the United States at peril, with the potential for overseas "enemies" once again threatening – as with the so-called "Patriot Act" – domestic freedom:
Earlier this year, the Pentagon publicly accused China for the first time of being behind attacks on the US. The Washington Post reported last month that Chinese hackers had gained access to the Pentagon's most advanced military programs.
The director of national intelligence, James Clapper, identified cyber threats in general as the top national security threat.Obama officials have repeatedly cited the threat of cyber-attacks to advocate new legislation that would vest the US government with greater powers to monitor and control the internet as a means of guarding against such threats.
One such bill currently pending in Congress, the Cyber Intelligence Sharing and Protection Act (Cispa), has prompted serious concerns from privacy groups, who say that it would further erode online privacy while doing little to enhance cyber security.
So the threat of cyber-attacks from abroad is being used to leverage passage of legislation that would tighten government control over the Internet within the United States.
It is widely believed that the US and Israel jointly launched the Stuxnet cyber-attack on Iranian's nuclear program, in specific its centrifuges. And there is widespread speculation that cyber-attacks on a smaller scale are already being undertaken by US intelligence agencies.
This is likely occurring even as the US is accusing China of using cyber assaults and hacking to retrieve both military and corporate secrets from US servers. As with drones, this cyber warfare is dependent upon a technological knowledge and capability that the United States cannot keep from spreading. This means that the possibilities for blowback against our own security are highly probable.
As for assurances that Americans will not be the targets of cyber-attacks, Greenwald and his co-author are hardly optimistic:
The directive provides that any cyber-operations "intended or likely to produce cyber effects within the United States" require the approval of the president, except in the case of an "emergency cyber action". When such an emergency arises, several departments, including the department of defense, are authorized to conduct such domestic operations without presidential approval.
So we have a president who has an assassination list and decides or delegates who shall live and who shall die; we have a president who has authorized the vast intelligence apparatus of the United States government to gather private data and communication records of American citizens; and now courtesy of the Guardian UK, we discover that we may be subject to cyber-attacks without even presidential approval when there is an "emergency."
Who is to say that this won't be used against environmentalists, whistleblowers, the Occupy Movement, journalists and any person or organization that advocates for changing the status quo.
Is the surveillance and cyber-attack state being built to protect the citizens of the United State or to protect the corporate/political ruling elite from the citizens of the United States?
The evidence keeps mounting that it is the latter, incrementally creeping in upon us like a dark blinding fog.
by seemslikeadream » Tue Jun 18, 2013 6:00 pm
Has U.S. started an Internet war?
By Bruce Schneier, Special to CNN
June 18, 2013 -- Updated 1446 GMT (2246 HKT)
(CNN) -- Today, the United States is conducting offensive cyberwar actions around the world.
More than passively eavesdropping, we're penetrating and damaging foreign networks for both espionage and to ready them for attack. We're creating custom-designed Internet weapons, pre-targeted and ready to be "fired" against some piece of another country's electronic infrastructure on a moment's notice.
This is much worse than what we're accusing China of doing to us. We're pursuing policies that are both expensive and destabilizing and aren't making the Internet any safer. We're reacting from fear, and causing other countries to counter-react from fear. We're ignoring resilience in favor of offense.
Bruce Schneier
Welcome to the cyberwar arms race, an arms race that will define the Internet in the 21st century.
Presidential Policy Directive 20, issued last October and released by Edward Snowden, outlines U.S. cyberwar policy. Most of it isn't very interesting, but there are two paragraphs about "Offensive Cyber Effect Operations," or OCEO, that are intriguing:
"OECO can offer unique and unconventional capabilities to advance U.S. national objectives around the world with little or no warning to the adversary or target and with potential effects ranging from subtle to severely damaging. The development and sustainment of OCEO capabilities, however, may require considerable time and effort if access and tools for a specific target do not already exist.
"The United States Government shall identify potential targets of national importance where OCEO can offer a favorable balance of effectiveness and risk as compared with other instruments of national power, establish and maintain OCEO capabilities integrated as appropriate with other U.S. offensive capabilities, and execute those capabilities in a manner consistent with the provisions of this directive."
Opinion: Cyber arms control? Forget about it
Obama: NSA programs are transparent Releasing NSA leaks: A public service? NSA fallout could be 'harmful' Could the NSA leaker defect to China?
These two paragraphs, and another paragraph about OCEO, are the only parts of the document classified "top secret." And that's because what they're saying is very dangerous.
Cyberattacks have the potential to be both immediate and devastating. They can disrupt communications systems, disable national infrastructure, or, as in the case of Stuxnet, destroy nuclear reactors; but only if they've been created and targeted beforehand. Before launching cyberattacks against another country, we have to go through several steps.
We have to study the details of the computer systems they're running and determine the vulnerabilities of those systems. If we can't find exploitable vulnerabilities, we need to create them: leaving "back doors" in hacker speak. Then we have to build new cyberweapons designed specifically to attack those systems.
Sometimes we have to embed the hostile code in those networks, these are called "logic bombs," to be unleashed in the future. And we have to keep penetrating those foreign networks, because computer systems always change and we need to ensure that the cyberweapons are still effective.
Like our nuclear arsenal during the Cold War, our cyberweapons arsenal must be pretargeted and ready to launch.
That's what Obama directed the U.S. Cyber Command to do. We can see glimpses in how effective we are in Snowden's allegations that the NSA is currently penetrating foreign networks around the world: "We hack network backbones -- like huge Internet routers, basically -- that give us access to the communications of hundreds of thousands of computers without having to hack every single one."
The NSA and the U.S. Cyber Command are basically the same thing. They're both at Fort Meade in Maryland, and they're both led by Gen. Keith Alexander. The same people who hack network backbones are also building weapons to destroy those backbones. At a March Senate briefing, Alexander boasted of creating more than a dozen offensive cyber units.
Longtime NSA watcher James Bamford reached the same conclusion in his recent profile of Alexander and the U.S. Cyber Command (written before the Snowden revelations). He discussed some of the many cyberweapons the U.S. purchases:
"According to Defense News' C4ISR Journal and Bloomberg Businessweek, Endgame also offers its intelligence clients -- agencies like Cyber Command, the NSA, the CIA, and British intelligence -- a unique map showing them exactly where their targets are located. Dubbed Bonesaw, the map displays the geolocation and digital address of basically every device connected to the Internet around the world, providing what's called network situational awareness. The client locates a region on the password-protected web-based map, then picks a country and city -- say, Beijing, China. Next the client types in the name of the target organization, such as the Ministry of Public Security's No. 3 Research Institute, which is responsible for computer security -- or simply enters its address, 6 Zhengyi Road. The map will then display what software is running on the computers inside the facility, what types of malware some may contain, and a menu of custom-designed exploits that can be used to secretly gain entry. It can also pinpoint those devices infected with malware, such as the Conficker worm, as well as networks turned into botnets and zombies -- the equivalent of a back door left open...
"The buying and using of such a subscription by nation-states could be seen as an act of war. 'If you are engaged in reconnaissance on an adversary's systems, you are laying the electronic battlefield and preparing to use it' wrote Mike Jacobs, a former NSA director for information assurance, in a McAfee report on cyberwarfare. 'In my opinion, these activities constitute acts of war, or at least a prelude to future acts of war.' The question is, who else is on the secretive company's client list? Because there is as of yet no oversight or regulation of the cyberweapons trade, companies in the cyber-industrial complex are free to sell to whomever they wish. "It should be illegal,' said the former senior intelligence official involved in cyberwarfare. 'I knew about Endgame when I was in intelligence. The intelligence community didn't like it, but they're the largest consumer of that business.'"
That's the key question: How much of what the United States is currently doing is an act of war by international definitions? Already we're accusing China of penetrating our systems in order to map "military capabilities that could be exploited during a crisis." What PPD-20 and Snowden describe is much worse, and certainly China, and other countries, are doing the same.
All of this mapping of vulnerabilities and keeping them secret for offensive use makes the Internet less secure, and these pre-targeted, ready-to-unleash cyberweapons are destabalizing forces on international relationships. Rooting around other countries' networks, analyzing vulnerabilities, creating back doors, and leaving logic bombs could easily be construed as an act of war. And all it takes is one over-achieving national leader for this all to tumble into actual war.
It's time to stop the madness. Yes, our military needs to invest in cyberwar capabilities, but we also need international rules of cyberwar, more transparency from our own government on what we are and are not doing, international cooperation between governments and viable cyberweapons treaties. Yes, these are difficult. Yes, it's a long slow process. Yes, there won't be international consensus, certainly not in the beginning. But even with all of those problems, it's a better path to go down than the one we're on now.
We can start by taking most of the money we're investing in offensive cyberwar capabilities and spend them on national cyberspace resilience. MAD, mutually assured destruction, made sense because there were two superpowers opposing each other. On the Internet there are all sorts of different powers, from nation-states to much less organized groups. An arsenal of cyberweapons begs to be used, and, as we learned from Stuxnet, there's always collateral damage to innocents when they are. We're much safer with a strong defense than with a counterbalancing offense.
Users browsing this forum: No registered users and 177 guests