Categories
Intelwars national security policy NSA

Michael Ellis as NSA General Counsel

Over at Lawfare, Susan Hennessey has an excellent primer on how Trump loyalist Michael Ellis got to be the NSA General Counsel, over the objections of NSA Director Paul Nakasone, and what Biden can and should do about it.

While important details remain unclear, media accounts include numerous indications of irregularity in the process by which Ellis was selected for the job, including interference by the White House. At a minimum, the evidence of possible violations of civil service rules demand immediate investigation by Congress and the inspectors general of the Department of Defense and the NSA.

The moment also poses a test for President-elect Biden’s transition, which must address the delicate balance between remedying improper politicization of the intelligence community, defending career roles against impermissible burrowing, and restoring civil service rules that prohibit both partisan favoritism and retribution. The Biden team needs to set a marker now, to clarify the situation to the public and to enable a new Pentagon general counsel to proceed with credibility and independence in investigating and potentially taking remedial action upon assuming office.

The NSA general counsel is not a Senate-confirmed role. Unlike the general counsels of the CIA, Pentagon and Office of the Director of National Intelligence (ODNI), all of which require confirmation, the NSA’s general counsel is a senior career position whose occupant is formally selected by and reports to the general counsel of the Department of Defense. It’s an odd setup — ­and one that obscures certain realities, like the fact that the NSA general counsel in practice reports to the NSA director. This structure is the source of a perennial legislative fight. Every few years, Congress proposes laws to impose a confirmation requirement as more appropriately befits an essential administration role, and every few years, the executive branch opposes those efforts as dangerously politicizing what should be a nonpolitical job.

While a lack of Senate confirmation reduces some accountability and legislative screening, this career selection process has the benefit of being designed to eliminate political interference and to ensure the most qualified candidate is hired. The system includes a complex set of rules governing a selection board that interviews candidates, certifies qualifications and makes recommendations guided by a set of independent merit-based principles. The Pentagon general counsel has the final call in making a selection. For example, if the panel has ranked a first-choice candidate, the general counsel is empowered to choose one of the others.

Ryan Goodman has a similar article at Just Security.

Share
Categories
backdoors Intelwars national security policy NSA privacy Surveillance Terrorism

The NSA is Refusing to Disclose its Policy on Backdooring Commercial Products

Senator Ron Wyden asked, and the NSA didn’t answer:

The NSA has long sought agreements with technology companies under which they would build special access for the spy agency into their products, according to disclosures by former NSA contractor Edward Snowden and reporting by Reuters and others.

These so-called back doors enable the NSA and other agencies to scan large amounts of traffic without a warrant. Agency advocates say the practice has eased collection of vital intelligence in other countries, including interception of terrorist communications.

The agency developed new rules for such practices after the Snowden leaks in order to reduce the chances of exposure and compromise, three former intelligence officials told Reuters. But aides to Senator Ron Wyden, a leading Democrat on the Senate Intelligence Committee, say the NSA has stonewalled on providing even the gist of the new guidelines.

[…]

The agency declined to say how it had updated its policies on obtaining special access to commercial products. NSA officials said the agency has been rebuilding trust with the private sector through such measures as offering warnings about software flaws.

“At NSA, it’s common practice to constantly assess processes to identify and determine best practices,” said Anne Neuberger, who heads NSA’s year-old Cybersecurity Directorate. “We don’t share specific processes and procedures.”

Three former senior intelligence agency figures told Reuters that the NSA now requires that before a back door is sought, the agency must weigh the potential fallout and arrange for some kind of warning if the back door gets discovered and manipulated by adversaries.

The article goes on to talk about Juniper Networks equipment, which had the NSA-created DUAL_EC PRNG backdoor in its products. That backdoor was taken advantage of by an unnamed foreign adversary.

Juniper Networks got into hot water over Dual EC two years later. At the end of 2015, the maker of internet switches disclosed that it had detected malicious code in some firewall products. Researchers later determined that hackers had turned the firewalls into their own spy tool here by altering Juniper’s version of Dual EC.

Juniper said little about the incident. But the company acknowledged to security researcher Andy Isaacson in 2016 that it had installed Dual EC as part of a “customer requirement,” according to a previously undisclosed contemporaneous message seen by Reuters. Isaacson and other researchers believe that customer was a U.S. government agency, since only the U.S. is known to have insisted on Dual EC elsewhere.

Juniper has never identified the customer, and declined to comment for this story.

Likewise, the company never identified the hackers. But two people familiar with the case told Reuters that investigators concluded the Chinese government was behind it. They declined to detail the evidence they used.

Okay, lots of unsubstantiated claims and innuendo here. And Neuberger is right; the NSA shouldn’t share specific processes and procedures. But as long as this is a democratic country, the NSA has an obligation to disclose its general processes and procedures so we all know what they’re doing in our name. And if it’s still putting surveillance ahead of security.

Share
Categories
China hacking Intelwars NSA vulnerabilities

NSA Advisory on Chinese Government Hacking

The NSA released an advisory listing the top twenty-five known vulnerabilities currently being exploited by Chinese nation-state attackers.

This advisory provides Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks. Most of the vulnerabilities listed below can be exploited to gain initial access to victim networks using products that are directly accessible from the Internet and act as gateways to internal networks. The majority of the products are either for remote access (T1133) or for external web services (T1190), and should be prioritized for immediate patching.

Share
Categories
Edward Snowden google Intelwars national security policy NSA privacy searches Surveillance

Google Responds to Warrants for “About” Searches

One of the things we learned from the Snowden documents is that the NSA conducts “about” searches. That is, searches based on activities and not identifiers. A normal search would be on a name, or IP address, or phone number. An about search would something like “show me anyone that has used this particular name in a communications,” or “show me anyone who was at this particular location within this time frame.” These searches are legal when conducted for the purpose of foreign surveillance, but the worry about using them domestically is that they are unconstitutionally broad. After all, the only way to know who said a particular name is to know what everyone said, and the only way to know who was at a particular location is to know where everyone was. The very nature of these searches requires mass surveillance.

The FBI does not conduct mass surveillance. But many US corporations do, as a normal part of their business model. And the FBI uses that surveillance infrastructure to conduct its own about searches. Here’s an arson case where the FBI asked Google who searched for a particular street address:

Homeland Security special agent Sylvette Reynoso testified that her team began by asking Google to produce a list of public IP addresses used to google the home of the victim in the run-up to the arson. The Chocolate Factory [Google] complied with the warrant, and gave the investigators the list. As Reynoso put it:

On June 15, 2020, the Honorable Ramon E. Reyes, Jr., United States Magistrate Judge for the Eastern District of New York, authorized a search warrant to Google for users who had searched the address of the Residence close in time to the arson.

The records indicated two IPv6 addresses had been used to search for the address three times: one the day before the SUV was set on fire, and the other two about an hour before the attack. The IPv6 addresses were traced to Verizon Wireless, which told the investigators that the addresses were in use by an account belonging to Williams.

Google’s response is that this is rare:

While word of these sort of requests for the identities of people making specific searches will raise the eyebrows of privacy-conscious users, Google told The Register the warrants are a very rare occurrence, and its team fights overly broad or vague requests.

“We vigorously protect the privacy of our users while supporting the important work of law enforcement,” Google’s director of law enforcement and information security Richard Salgado told us. “We require a warrant and push to narrow the scope of these particular demands when overly broad, including by objecting in court when appropriate.

“These data demands represent less than one per cent of total warrants and a small fraction of the overall legal demands for user data that we currently receive.”

Here’s another example of what seems to be about data leading to a false arrest.

According to the lawsuit, police investigating the murder knew months before they arrested Molina that the location data obtained from Google often showed him in two places at once, and that he was not the only person who drove the Honda registered under his name.

Avondale police knew almost two months before they arrested Molina that another man ­ his stepfather ­ sometimes drove Molina’s white Honda. On October 25, 2018, police obtained records showing that Molina’s Honda had been impounded earlier that year after Molina’s stepfather was caught driving the car without a license.

Data obtained by Avondale police from Google did show that a device logged into Molina’s Google account was in the area at the time of Knight’s murder. Yet on a different date, the location data from Google also showed that Molina was at a retirement community in Scottsdale (where his mother worked) while debit card records showed that Molina had made a purchase at a Walmart across town at the exact same time.

Molina’s attorneys argue that this and other instances like it should have made it clear to Avondale police that Google’s account-location data is not always reliable in determining the actual location of a person.

“About” searches might be rare, but that doesn’t make them a good idea. We have knowingly and willingly built the architecture of a police state, just so companies can show us ads. (And it is increasingly apparent that the advertising-supported Internet is heading for a crash.)

Share
Categories
amazon Intelwars NSA privacy Surveillance

Former NSA Director Keith Alexander Joins Amazon’s Board of Directors

This sounds like a bad idea.

Share
Categories
cyberespionage Cybersecurity Espionage FBI implants Intelwars Malware NSA Russia

Drovorub Malware

The NSA and FBI have jointly disclosed Drovorub, a Russian malware suite that targets Linux.

Detailed advisory. Fact sheet. News articles. Reddit thread.

Share
Categories
Cybersecurity geolocation Intelwars Military NSA riskassessment risks Smartphones tracking

The NSA on the Risks of Exposing Location Data

The NSA has issued an advisory on the risks of location data.

Mitigations reduce, but do not eliminate, location tracking risks in mobile devices. Most users rely on features disabled by such mitigations, making such safeguards impractical. Users should be aware of these risks and take action based on their specific situation and risk tolerance. When location exposure could be detrimental to a mission, users should prioritize mission risk and apply location tracking mitigations to the greatest extent possible. While the guidance in this document may be useful to a wide range of users, it is intended primarily for NSS/DoD system users.

The document provides a list of mitigation strategies, including turning things off:

If it is critical that location is not revealed for a particular mission, consider the following recommendations:

  • Determine a non-sensitive location where devices with wireless capabilities can be secured prior to the start of any activities. Ensure that the mission site cannot be predicted from this location.
  • Leave all devices with any wireless capabilities (including personal devices) at this non-sensitive location. Turning off the device may not be sufficient if a device has been compromised.
  • For mission transportation, use vehicles without built-in wireless communication capabilities, or turn off the capabilities, if possible.

Of course, turning off your wireless devices is itself a signal that something is going on. It’s hard to be clandestine in our always connected world.

News articles.

Share
Categories
Cryptography Cybersecurity Intelwars NSA securityanalysis VPN

NSA on Securing VPNs

The NSA’s Central Security Service — that’s the part that’s supposed to work on defense — has released two documents (a full and an abridged version) on securing virtual private networks. Some of it is basic, but it contains good information.

Maintaining a secure VPN tunnel can be complex and requires regular maintenance. To maintain a secure VPN, network administrators should perform the following tasks on a regular basis:

  • Reduce the VPN gateway attack surface
  • Verify that cryptographic algorithms are Committee on National Security Systems Policy (CNSSP) 15-compliant
  • Avoid using default VPN settings
  • Remove unused or non-compliant cryptography suites
  • Apply vendor-provided updates (i.e. patches) for VPN gateways and clients
Share
Categories
Barton Gellman believe their own lie Censored collectivism Conspiracy Fact and Theory conspiracy theorists correct deceive the public false beliefs FIRSTFRUIT Headline News incorrect. establishment media individual thoughts Intelwars James Corbett journalists Mainstream media Melissa Dykes NSA political lies propaganda ruling class spying lies

James Corbett: “The Most Effective Propagandists BELIEVE The Lies” That They Are Peddling

James Corbett of the Corbett report takes on the propagandists on a regular basis. In a recent video posted to YouTube, Corbett says that “the most effective propagandists BELIEVE the lies” that they are peddling.

People have become so convinced that other propagandists are telling them the truth that they fail to have any individual thoughts on their own, and peddle lies they believe to be true. In this example, Corbett looks specifically at Barton Gellman, an American journalist who helps deceive the public through his own false beliefs.  Gellman is with the Washington Post.

“We tend to think the propagandists are self-consciously lying to the public, but there are moments when the mask slips and we see that the most effective propagandists are the ones that actually believe their own lies,” reads the Corbett Report‘s description of this video. 

 

At 3:00 into the video, Corbett explains that a section of Gellman’s book has been very revealing about the levels of propaganda he’s willing to inundate readers with:

Apparently, even when “conspiracy theorists” are right, they are still wrong. Just as the government and mainstream media want everyone to believe. Gellman concluded that the NSA’s operation “FIRSTFRUIT” that was spying on journalists was just a crazy conspiracy theory and we should look away and not focus on it any longer.

However, Corbett sheds some light on this:

“This is about belief and the worldview, and this is what you get from these mainstream ‘respectable’ journalists, in fact, it’s what you get from every journalist of course, as I’ve talked about before. The myth of journalistic objectivity. But Gellman rides on that cloud of objectivity. He has the ‘objective viewpoint’…‘don’t think too deeply about that’…” –James Corbett

This reminds me of another quote I’ve had a hard time forgetting since hearing it:

The things that are going to be blocked are not going to be fake storiesThe things that are going to be blocked and censored, the things they are going to keep from people is going to be stuff they just don’t want you to focus on or know about.” – Melissa Dykes

Gellman’s take on accurate reporting from sources he just doesn’t like reveals something we should all be aware of:

“I think it does say something important about propaganda and how it BEST functions through establishment media mouthpieces. Again, it’s not that they have to hire liars who will knowingly know the truth but then go out and lie and propagandize for the lies and put those in front of the public as self-conscious lies. No. The most effective propagandists are people like Gellman who you know really deep down, really believe this propaganda construct that they are pushing out to others.James Corbett

“Perhaps the biggest conspiracy theory is that conspiracies don’t exist,” commented a random person on Corbett’s video. The truth in that statement, shouldn’t be lost on anyone who has been paying attention, especially lately.

Share
Categories
Books Intelwars NSA snowden Videos

Conspiracy Theorists Are Wrong!!! . . . Even When They’re Right! – #PropagandaWatch

We tend to think the propagandists are self-consciously lying to the public, but there are moments when the mask slips and we see that the most effective propagandists are the ones that actually believe their own lies. Today we look at one such moment of zen.

Share
Categories
Books edwardsnowden Intelwars NSA operationalsecurity privacy Surveillance

Bart Gellman on Snowden

Bart Gellman’s long-awaited (at least by me) book on Edward Snowden, Dark Mirror: Edward Snowden and the American Surveillance State, will finally be published in a couple of weeks. There is an adapted excerpt in the Atlantic.

It’s an interesting read, mostly about the government surveillance of him and other journalists. He speaks about an NSA program called FIRSTFRUITS that specifically spies on US journalists. (This isn’t news; we learned about this in 2006. But there are lots of new details.)

One paragraph in the excerpt struck me:

Years later Richard Ledgett, who oversaw the NSA’s media-leaks task force and went on to become the agency’s deputy director, told me matter-of-factly to assume that my defenses had been breached. “My take is, whatever you guys had was pretty immediately in the hands of any foreign intelligence service that wanted it,” he said, “whether it was Russians, Chinese, French, the Israelis, the Brits. Between you, Poitras, and Greenwald, pretty sure you guys can’t stand up to a full-fledged nation-state attempt to exploit your IT. To include not just remote stuff, but hands-on, sneak-into-your-house-at-night kind of stuff. That’s my guess.”

I remember thinking the same thing. It was the summer of 2013, and I was visiting Glenn Greenwald in Rio de Janeiro. This was just after Greenwald’s partner was detained in the UK trying to ferry some documents from Laura Poitras in Berlin back to Greenwald. It was an opsec disaster; they would have been much more secure if they’d emailed the encrypted files. In fact, I told them to do that, every single day. I wanted them to send encrypted random junk back and forth constantly, to hide when they were actually sharing real data.

As soon as I saw their house I realized exactly what Ledgett said. I remember standing outside the house, looking into the dense forest for TEMPEST receivers. I didn’t see any, which only told me they were well hidden. I assumed black-bag teams from various countries had been all over the house when they were out for dinner, and wondered what would have happened if teams from different countries bumped into each other. I assumed that all the countries Ledgett listed above — plus the US and a few more — had a full take of what Snowden gave the journalists. These journalists against those governments just wasn’t a fair fight.

I’m looking forward to reading Gellman’s book. I’m kind of surprised no one sent me an advance copy.

Share
Categories
authority Barack Obama Big Government Carter Page Christopher Steele desperation Donald Trump Dossier exonerated FBI FISA Headline News Intelwars James Comey Michael Flynn Mike Rogers NSA Obamagate political surveillance power corrupts preparing defenses Russiagate hoax Tucker Carlson tyranny United States

“OBAMAGATE!” Trump Tweets Tucker Carlson’s Crushing Breakdown Why The Former President Should Be Panicking

This article was originally published by Tyler Durden at ZeroHedge. 

Why is former President Obama calling forth all his defensive resources now?  Why did former national security advisor Susan Rice write her CYA letter?  Why have republicans in congress not been willing to investigate the true origins of political surveillance?  What is the reason for so much anger, desperation, and opposition from a variety of interests?

In a single word in a single tweet tonight, President Trump explained it perfectly – with help from Fox News’ Tucker Carlson’s detailed breakdown” “OBAMAGATE!”

As around 2:15 in the clip above, Carlson explains that then-president of the United States Barack Obama turned to the head of the FBI – the most powerful law enforcement official in America, and said: “Continue to secretly investigate my chief political rival so I can act against him.”

Comey’s response? “Yes, sir.”

Having watched that clip in detail, here is ‘sundance’ from TheConservativeTreehouse.com laying out the details surrounding political surveillance in the era of President Obama…

With the release of recent transcripts and the declassification of material from within the IG report, the Carter Page FISA, and Flynn documents showing FBI activity, there is a common misconception about why the intelligence apparatus began investigating the Trump campaign in the first place.  Why was Donald Trump considered a threat?

In this outline we hope to provide some fully cited deep source material that will explain the origin; and specifically why those inside the Intelligence Community began targeting Trump and using Confidential Human Sources against campaign officials.

During the time-frame of December 2015 through April 2016 the NSA database was being exploited by contractors within the intelligence community doing unauthorized searches.

On March 9, 2016, oversight personnel doing a review of FBI system access were alerted to thousands of unauthorized search queries of specific U.S. persons within the NSA database.

NSA Director Admiral Mike Rogers was made aware.

Subsequently, NSA Director Rogers initiated a full compliance review of the system to identify who was doing the searches; & what searches were being conducted.

On April 18, 2016, following the preliminary audit results, Director Rogers shut down all FBI contractor access to the database after he learned FISA-702 “about”(17) and “to/from”(16) search queries were being done without authorization. Thus begins the first discovery of a much bigger background story.

When you compile the timeline with the people involved; and the specific wording of the resulting review, which was then delivered to the FISA court; and overlay the activity that was taking place in the GOP primary; what we discover is a process where the metadata collected by the NSA was being searched for political opposition research and surveillance.

Additionally, tens-of-thousands of searches were identified by the FISA court as likely extending much further than the compliance review period: “while the government reports it is unable to provide a reliable estimate of the noncompliant queries since 2012, there is no apparent reason to believe the November 2015 [to] April 2016 period coincided with an unusually high error rate”.

In short, during the Obama administration, the NSA database was continually used to conduct surveillance. This is the critical point that leads to understanding the origin of “Spygate”, as it unfolded in the Spring and Summer of 2016.

It was the discovery of the database exploitation and the removal of access as a surveillance tool that created their initial problem. Here’s how we can tell.

Initially, in December 2015 there were 17 GOP candidates, and all needed to be researched.

However, when Donald Trump won New Hampshire, Nevada, and South Carolina the field was significantly whittled. Trump, Cruz, Rubio, Kasich, and Carson remained.

On Super Tuesday, March 2, 2016, Donald Trump won seven states (VT, AR, VA, GA, AL, TN, MA) it was then clear that Trump was the GOP frontrunner with momentum to become the presumptive nominee. On March 5th, Trump won Kentucky and Louisiana; and on March 8th Trump won Michigan, Mississippi, and Hawaii.

The next day, March 9th, NSA security alerts warned internal oversight personnel that something sketchy was going on.

This timing is not coincidental. As FISA Judge Rosemary Collyer later wrote in her report, “many of these non-compliant queries involved the use of the same identifiers over different date ranges.” Put another way: attributes belonging to a specific individual(s) were being targeted and queried, unlawfully. Given what was later discovered, it seems obvious the primary search target, over multiple date ranges, was Donald Trump.

There were tens-of-thousands of unauthorized search queries; and as Judge Collyer stated in her report, there is no reason to believe the 85% noncompliant rate was any different from the abuse of the NSA database going back to 2012.

As you will see below the NSA database was how political surveillance was being conducted during Obama’s second term in office. However, when the system was flagged, and when NSA Director Mike Rogers shut down “contractor” access to the system, the system users needed to develop another way to get access.

Mike Rogers shuts down access on April 18, 2016. On April 19, 2016, Fusion-GPS founder Glenn Simpson’s wife, Mary Jacoby visits the White House. Immediately thereafter, the DNC and Clinton campaign contract Fusion GPS… who then hired Christopher Steele.

Knowing it was federal “contractors”, outside government with access to the system, doing the unauthorized searches, the question becomes: who were the contractors?

The possibilities are quite vast. Essentially anyone the FBI or intelligence apparatus was using could have participated. Crowdstrike was a known FBI contractor; they were also contracted by the DNC. Shawn Henry was the former head of the FBI office in DC and is now the head of Crowdstrike; a rather dubious contractor for the government and a politically connected data security and forensic company. James Comey’s special friend Daniel Richman was an unpaid FBI “special employee” with security access to the database. Nellie Ohr began working for Fusion-GPS on the Trump project in November 2015 and she was a CIA contractor, and it’s entirely likely Glenn Simpson or people within his Fusion-GPS network were also contractors for the intelligence community.

Remember the Sharyl Attkisson computer intrusions? It’s all part of this same network; Attkisson even names Shawn Henry as a defendant in her ongoing lawsuit.

All of the aforementioned names, and so many more, held a political agenda in 2016.

It seems likely if the NSA flags were never triggered then the contracted system users would have continued exploiting the NSA database for political opposition research; which would then be funneled to the Clinton team. However, once the unauthorized flags were triggered, the system users (including those inside the official intelligence apparatus) needed to find another back-door to continue… Again, the timing becomes transparent.

Immediately after NSA flags were raised March 9th; the same intelligence agencies began using confidential human sources (CHS’s) to run into the Trump campaign. By activating intelligence assets like Joseph Mifsud and Stefan Halper the IC (CIA, FBI) and system users had now created an authorized way to continue the same political surveillance operations.

When Donald Trump hired Paul Manafort on March 28, 2016, it was a perfect scenario for those doing the surveillance. Manafort was a known entity to the FBI and was previously under investigation. Paul Manafort’s entry into the Trump orbit was perfect for Glenn Simpson to sell his prior research on Manafort as a Trump-Russia collusion script two weeks later.

The shift from “unauthorized exploitation of the NSA database” to legally authorized exploitation of the NSA database was now in place. This was how they continued political surveillance. This is the confluence of events that originated “Spygate”, or what officially blossomed into the FBI investigation known as “Crossfire Hurricane” on July 31.

If the NSA flags were never raised; and if Director Rogers had never initiated the compliance audit; and if the political contractors were never blocked from access to the database; they would never have needed to create a legal back-door, a justification to retain the surveillance. The political operatives/contractors would have just continued the targeted metadata exploitation.

Once they created the surveillance door, Fusion-GPS was then needed to get the FBI known commodity of Chris Steele activated as a pipeline. Into that pipeline, all system users pushed opposition research. However, one mistake from the NSA database extraction during an “about” query shows up as a New Yorker named Michael Cohen in Prague.

That misinterpreted data from a FISA-702 “about query” is then piped to Steele and turns up inside the dossier; it was the wrong Michael Cohen. It wasn’t Trump’s lawyer, it was an art dealer from New York City with the same name; the same “identifier”.

A DEEP DIVE – How Did It Work?

Start by reviewing the established record from the 99-page FISC opinion rendered by Presiding Judge Rosemary Collyer on April 26, 2017. Review the details within the FISC opinion.

I would strongly urge everyone to read the FISC report (full pdf below) because Judge Collyer outlines how the DOJ, which includes the FBI, had an “institutional lack of candor” in responses to the FISA court. In essence, the Obama administration was continually lying to the FISA court about their activity and the rate of fourth amendment violations for illegal searches and seizures of U.S. persons’ private information for multiple years.

Unfortunately, due to intelligence terminology, Judge Collyer’s brief and ruling is not an easy read for anyone unfamiliar with the FISA processes. That complexity also helps the media avoid discussing it, and as a result, most Americans have no idea the scale and scope of the Obama-era surveillance issues. So we’ll try to break down the language.

Top Secret FISA Court Order… by The Conservative Treehouse on Scribd:

For the sake of brevity and common understanding CTH will highlight the most pertinent segments showing just how systemic and troublesome the unlawful electronic surveillance was.

Early in 2016, NSA Director Admiral Mike Rogers was alerted of a significant uptick in FISA-702(17) “About” queries using the FBI/NSA database that holds all metadata records on every form of electronic communication.

The NSA compliance officer alerted Admiral Mike Rogers who then initiated a full compliance audit on/around March 9th, 2016, for the period of November 1st, 2015, through May 1st, 2016.

While the audit was ongoing, due to the severity of the results that were identified, Admiral Mike Rogers stopped anyone from using the 702(17) “about query” option and went to the extraordinary step of blocking all FBI contractor access to the database on April 18, 2016 (keep these dates in mind).

Here are some significant segments:

The key takeaway from these first paragraphs is how the search query results were exported from the NSA database to users who were not authorized to see the material. The FBI contractors were conducting searches and then removing, or ‘exporting’, the results. Later on, the FBI said all of the exported material was deleted.

Searching the highly classified NSA database is essentially a function of filling out search boxes to identify the user-initiated search parameter and get a return on the search result.

? FISA-702(16) is a search of the system returning a U.S. person (“702”); and the “16” is a check box to initiate a search based on “To and From“. Example, if you put in a date and a phone number and check “16” as the search parameter the user will get the returns on everything “To and From” that identified phone number for the specific date. Calls, texts, contacts etc. Including results for the inbound and outbound contacts.

? FISA-702(17) is a search of the system returning a U.S. person (702); and the “17” is a check box to initiate a search based on everything “About” the search qualifier. Example, if you put a date and a phone number and check “17” as the search parameter the user will get the returns of everything about that phone. Calls, texts, contacts, geolocation (or gps results), account information, user, service provider etc. As a result, 702(17) can actually be used to locate where the phone (and user) was located on a specific date or sequentially over a specific period of time which is simply a matter of changing the date parameters.

And that’s just from a phone number.

Search an ip address “about” and read all data into that server; put in an email address and gain everything about that account. Or use the electronic address of a GPS enabled vehicle (about) and you can withdraw more electronic data and monitor it in real-time. Search a credit card number and get everything about the account including what was purchased, where, when, etc. Search a bank account number, get everything about transactions and electronic records, etc. Just about anything and everything can be electronically searched; everything has an electronic ‘identifier’.

The search parameter is only limited by the originating field filled out. Names, places, numbers, addresses, etc. By using the “About” parameter there may be thousands or millions of returns. Imagine if you put “@realdonaldtrump” into the search parameter? You could extract all following accounts who interacted on Twitter, or Facebook, etc. You are only limited by your imagination and the scale of the electronic connectivity.

As you can see below, on March 9th, 2016, internal auditors noted the FBI was sharing “raw FISA information, including but not limited to Section 702-acquired information”.

In plain English, the raw search returns were being shared with unknown entities without any attempt to “minimize” or redact the results. The person(s) attached to the results were named and obvious. There was no effort to hide their identity or protect their 4th amendment rights of privacy, and database access was from the FBI network:

But what’s the scale here? This is where the story really lies.

Read this next excerpt carefully.

The operators were searching “U.S Persons”. The review of November 1, 2015, to May 1, 2016, showed “eighty-five percent of those queries” were unlawful or “noncompliant”.

85% !! “representing [redacted number]”.

We can tell from the space of the redaction the number of searches was between 10,000 and 99,999 [six digits]. If we take the middle number of 50,000 – a noncompliant rate of 85 percent means 42,500 unlawful searches out of 50,000.

The [six digits] amount (more than 10,000, less than 99,999), and 85% error rate, was captured in a six month period, November 2015 to April 2016.

Also, notice this very important quote: “many of these non-compliant queries involved the use of the same identifiers over different date ranges.” This tells us the system users were searching the same phone number, email address, electronic identifier, repeatedly over different dates.

Specific person(s) were being tracked/monitored.

Additionally, notice the last quote: “while the government reports it is unable to provide a reliable estimate of” these unlawful searches “since 2012, there is no apparent reason to believe November 2015 [to] April 2016 coincided with an unusually high error rate”.

That means the 85% unlawful FISA-702(16)(17) database abuse has likely been happening since 2012.

2012 is an important date in this database abuse because a network of specific interests is assembled that also shows up in 2016/2017:

  • Who was the 2012 FBI Director? Robert Mueller, who was selected by the FBI group to become a special prosecutor in 2017.
  • Who was Mueller’s chief-of-staff? Aaron Zebley, who became one of the lead lawyers on the Mueller special counsel.
  • Who was the 2012 CIA Director? John Brennan (remember the ouster of Gen Petraeus)
  • Who was ODNI? James Clapper.
  • Remember, the NSA is inside the Pentagon (Defense Dept) command structure. Who was Defense Secretary? Ash Carter

Who wanted NSA Director Mike Rogers fired in 2016? Brennan, Clapper, and Carter.

And finally, who wrote and signed-off-on the January 2017 Intelligence Community Assessment and then lied about the use of the Steele Dossier? The same John Brennan, and James Clapper along with James Comey.

Tens of thousands of searches over four years (since 2012), and 85% of them are illegal. The results were extracted for?…. (I believe this is all political opposition use, and I’ll explain why momentarily.)

OK, that’s the stunning scale; but who was involved?

Private contractors with access to “raw FISA information that went well beyond what was necessary to respond to FBI’s requests“:

And as noted, the contractor access was finally halted on April 18th, 2016.

[Coincidentally (or likely not), the wife of Fusion-GPS founder Glenn Simpson, Mary Jacoby, goes to the White House the very next day on April 19th, 2016.]

None of this is a conspiracy theory.

All of this is laid out inside this 99-page opinion from FISC Presiding Judge Rosemary Collyer who also noted that none of this FISA abuse was accidental in a footnote on page 87: “deliberate decisionmaking“:

This specific footnote, if declassified, could be a key. Note the phrase: “([redacted] access to FBI systems was the subject of an interagency memorandum of understanding entered into [redacted])”, this sentence has the potential to expose an internal decision; withheld from congress and the FISA court by the Obama administration; that outlines a process for access and distribution of surveillance data.

Note: “no notice of this practice was given to the FISC until 2016“, that is important.

Summary:

The FISA court identified and quantified tens-of-thousands of search queries of the NSA/FBI database using the FISA-702(16)(17) system. The database was repeatedly used by persons with contractor access who unlawfully searched and extracted the raw results without redacting the information and shared it with an unknown number of entities.

The outlined process certainly points toward a political spying and surveillance operation, and we are not the only one to think that’s what this system is being used for.

Back in 2017 when House Intelligence Committee Chairman Devin Nunes was working to reauthorize the FISA legislation, Nunes wrote a letter to ODNI Dan Coats about this specific issue:

SIDEBAR:

To solve the issue, well, actually attempt to ensure it never happened again, NSA Director Admiral Mike Rogers eventually took away the “About” query option permanently in 2017. NSA Director Rogers said the abuse was so inherent there was no way to stop it except to remove the process completely. [SEE HERE] Additionally, the NSA database operates as a function of the Pentagon, so the Trump administration went one step further. On his last day as NSA Director Admiral Mike Rogers -together with ODNI Dan Coats- put U.S. cyber-command, the database steward, fully into the U.S. military as a full combatant command. [SEE HERE] Unfortunately it didn’t work as shown by the 2018 FISC opinion rendered by FISC Judge James Boasberg [SEE HERE]

There is little doubt the FISA-702(16)(17) database system was used by Obama-era officials, from 2012 through April 2016, as a way to spy on their political opposition.

Quite simply there is no other intellectually honest explanation for the scale and volume of database abuse that was taking place, and keep in mind these searches were all ruled to be unlawful. Searches for repeated persons over a period of time that were not authorized.

When we reconcile what was taking place and who was involved, then the actions of the exact same principle participants take on a jaw-dropping amount of clarity.

All of the actions taken by CIA Director Brennan, FBI Director Comey, ODNI Clapper, and Defense Secretary Ashton Carter make sense. Including their effort to get NSA Director Mike Rogers fired.

Everything after March 9th, 2016, had a dual purpose: (1) done to cover up the weaponization of the FISA database. [Explained Here] Spygate, Russia-Gate, the Steele Dossier, and even the 2017 Intelligence Community Assessment (drawn from the dossier and signed by the above) were needed to create a cover-story and protect themselves from the discovery of this four-year weaponization, political surveillance and unlawful spying. Even the appointment of Robert Mueller as special counsel makes sense; he was FBI Director when this began. And (2) they needed to keep the surveillance going.

The beginning decision to use FISA(702) as domestic surveillance and political spy mechanism appears to have started in/around 2012. Perhaps sometime shortly before the 2012 presidential election and before John Brennan left the White House and moved to CIA. However, there was an earlier version of the data assembly that preceded this effort.

Political spying 1.0 was actually the weaponization of the IRS. This is where the term “Secret Research Project” originated as a description from the Obama team. It involved the U.S. Department of Justice under Eric Holder and the FBI under Robert Mueller. It never made sense why Eric Holder requested over 1 million tax records via CD ROM until overlaying the timeline of the FISA abuse:

The IRS sent the FBI “21 disks constituting a 1.1 million page database of information from 501(c)(4) tax exempt organizations, to the Federal Bureau of Investigation.” The transaction occurred in October 2010 (link)

Why disks? Why send a stack of DISKS to the DOJ and FBI when there’s a pre-existing financial crimes unit within the IRS. All of the evidence within this sketchy operation came directly to the surface in early spring 2012.

The IRS scandal was never really about the IRS, it was always about the DOJ asking the IRS for the database of information. That is why it was transparently a conflict when the same DOJ was tasked with investigating the DOJ/IRS scandal. Additionally, Obama sent his chief-of-staff Jack Lew to become Treasury Secretary; effectively placing an ally to oversee/cover-up any issues. Treasury Secretary Lew did just that.

Lesson Learned – It would appear the Obama administration learned a lesson from attempting to gather a large opposition research database operation inside a functioning organization large enough to have some good people that might blow the whistle.

The timeline reflects a few months after realizing the “Secret Research Project” was now worthless (June 2012), they focused more deliberately on a smaller network within the intelligence apparatus and began weaponizing the FBI/NSA database. If our hunch is correct, that is what will be visible in footnote #69:

How this all comes together in 2019/2020

Fusion GPS was not hired in April 2016 just to research Donald Trump. As shown in the evidence provided by the FISC, the intelligence community was already doing surveillance and spy operations. The Obama administration already knew everything about the Trump campaign and was monitoring everything by exploiting the FISA database.

However, after the NSA alerts in/around March 9th, 2016, and particularly after the April 18th shutdown of contractor access, the Obama intelligence community needed Fusion GPS to create a legal albeit ex post facto justification for the pre-existing surveillance and spy operations. Fusion GPS gave them that justification in the Steele Dossier.

That’s why the FBI small group, which later transitioned into the Mueller team, were so strongly committed to and defending the formation of the Steele Dossier and its dubious content.

The Steele Dossier, an outcome of the Fusion contract, contains three insurance policy purposes: (1) the cover-story and justification for the pre-existing surveillance operation (protect Obama); and (2) facilitate the FBI counterintelligence operation against the Trump campaign (assist Clinton); and (3) continue the operation with a special counsel (protect both).

An insurance policy would be needed. The Steele Dossier becomes the investigative virus the FBI wanted inside the system. To get the virus into official status, they used the FISA application as the delivery method and injected it into Carter Page. The FBI already knew Carter Page; essentially Carter Page was irrelevant, what they needed was the FISA warrant and the Dossier in the system {Go Deep}.

The Obama intelligence community needed Fusion GPS to give them a plausible justification for already existing surveillance and spy operations. Fusion-GPS gave them that justification and evidence for a FISA warrant with the Steele Dossier.

Ultimately that’s why the Steele Dossier was so important; without it, the FBI would not have a tool that Mueller needed to continue the investigation of President Trump. In essence by renewing the FISA application, despite them knowing the underlying dossier was junk, the FBI was keeping the surveillance gateway open for Team Mueller to exploit later on.

Additionally, without the Steele Dossier, the DOJ and FBI are naked with their FISA-702 abuse as outlined by John Ratcliffe.

Thankfully we know U.S. Attorney John Durham has talked to NSA Director Mike Rogers. In this video, Rogers explains how he was notified of what was happening and what he did after the notification.

After tonight’s tweets from President Trump, we should expect a full-court press from ‘the resistance’ to distract from the cracks appearing in the former President’s halo of invincibility…

Share
Categories
aes Encryption Intelwars internetandsociety keys NSA securityengineering videoconferencing

Secure Internet Videoconferencing Apps: Zoom and Others

The NSA just published a survey of video conferencing apps. So did Mozilla.

Zoom is on the good list, with some caveats. The company has done a lot of work addressing previous security concerns. It still has a bit to go on end-to-end encryption. Matthew Green looked at this. Zoom does offer end-to-end encryption if 1) everyone is using a Zoom app, and not logging in to the meeting using a webpage, and 2) the meeting is not being recorded in the cloud. That’s pretty good, but the real worry is where the encryption keys are generated and stored. According to Citizen Lab, the company generates them.

The Zoom transport protocol adds Zoom’s own encryption scheme to RTP in an unusual way. By default, all participants’ audio and video in a Zoom meeting appears to be encrypted and decrypted with a single AES-128 key shared amongst the participants. The AES key appears to be generated and distributed to the meeting’s participants by Zoom servers. Zoom’s encryption and decryption use AES in ECB mode, which is well-understood to be a bad idea, because this mode of encryption preserves patterns in the input.

The algorithm part was just fixed:

AES 256-bit GCM encryption: Zoom is upgrading to the AES 256-bit GCM encryption standard, which offers increased protection of your meeting data in transit and resistance against tampering. This provides confidentiality and integrity assurances on your Zoom Meeting, Zoom Video Webinar, and Zoom Phone data. Zoom 5.0, which is slated for release within the week, supports GCM encryption, and this standard will take effect once all accounts are enabled with GCM. System-wide account enablement will take place on May 30.

There is nothing in Zoom’s latest announcement about key management. So: while the company has done a really good job improving the security and privacy of their platform, there seems to be just one step remaining.

Finally — I use Zoom all the time. I finished my Harvard class using Zoom; it’s the university standard. I am having Inrupt company meetings on Zoom. I am having professional and personal conferences on Zoom. It’s what everyone has, and the features are really good.

Share
Categories
intelligence Intelwars Metadata nationalsecuritypolicy NSA Phones

Newly Declassified Study Demonstrates Uselessness of NSA’s Phone Metadata Program

The New York Times is reporting on the NSA’s phone metadata program, which the NSA shut down last year:

A National Security Agency system that analyzed logs of Americans’ domestic phone calls and text messages cost $100 million from 2015 to 2019, but yielded only a single significant investigation, according to a newly declassified study.

Moreover, only twice during that four-year period did the program generate unique information that the F.B.I. did not already possess, said the study, which was produced by the Privacy and Civil Liberties Oversight Board and briefed to Congress on Tuesday.

[…]

The privacy board, working with the intelligence community, got several additional salient facts declassified as part of the rollout of its report. Among them, it officially disclosed that the system has gained access to Americans’ cellphone records, not just logs of landline phone calls.

It also disclosed that in the four years the Freedom Act system was operational, the National Security Agency produced 15 intelligence reports derived from it. The other 13, however, contained information the F.B.I. had already collected through other means, like ordinary subpoenas to telephone companies.

The report cited two investigations in which the National Security Agency produced reports derived from the program: its analysis of the Pulse nightclub mass shooting in Orlando, Fla., in June 2016 and of the November 2016 attack at Ohio State University by a man who drove his car into people and slashed at them with a machete. But it did not say whether the investigations into either of those attacks were connected to the two intelligence reports that provided unique information not already in the possession of the F.B.I.

This program is legal due to the USA FREEDOM Act, which expires on March 15. Congress is currently debating whether to extend the authority, even though the NSA says it’s not using it now.

Share
Categories
4th amendment Congress CURRENT EVENTS Intelwars NSA Patriot Act section 215 Surveillance

A Primer on Domestic Spying

A pernicious piece of legislation is slowly and silently making its way through Congress. It is a renewal of Section 215 of the Patriot Act.

The Patriot Act of 2001 has three sections that are scheduled to expire on March 15. One of those sections is the infamous 215, which authorizes the federal government to capture without a warrant all records of all people in America held by third parties.

Do we really want the federal government to spy without warrants? How can Congress, which has sworn to preserve, protect and defend the Constitution, legislate such a blatant violation of it? Here is the backstory.

After the Constitution was ratified in 1789, it was soon amended to recognize the existence of natural rights and to keep the government from interfering with them. As Justice Brandeis wrote 140 years afterward, the most comprehensive of those rights was the right to be let alone, which today we call privacy.

To secure that right, the Fourth Amendment was ratified. The purpose of the Fourth Amendment was to prevent the government from utilizing general warrants and to require judicially authorized search warrants issued under narrow circumstances. James Madison, who drafted the Constitution and the Bill of Rights, shared the hatred that colonists-turned-Americans had for general warrants.

A general warrant was a document issued by a secret court in London authorizing the bearer of the document, usually a British soldier or intelligence agent, to search wherever he wished and to seize whatever he found. The applicant for the warrant needed to demonstrate to the court only that the warrant was intended to unearth something that the government wanted. Because these warrants did not specify the object of the search, there was no limit to them.

Hence Madison’s language in the Fourth Amendment preserving privacy but permitting the government to invade it only upon a showing, under oath, of probable cause of crime, and then requiring the warrant to specify in writing the place to be searched or the person or thing to be seized.

After 9/11, in the collective spirit of fear, timidity and subservience to the presidency, and in utter disregard for its members’ oaths to uphold the Constitution, Congress enacted the Patriot Act. It permits one federal agent to authorize another federal agent to search and seize whatever the latter wishes to look at and capture so long as it is in the possession of third-party financial institutions.

Over the years, the definition of “financial institution” has been radically expanded by both legislation and presidential executive orders so as to include nearly every conceivable entity that has any records about any person in America — from banks to hospitals to lawyers to merchants to credit card issuers to telecoms and computer service providers and even the post office.

At the same time that the Patriot Act was being expanded, the National Security Agency — America’s 60,000-person strong domestic spy apparatus — was not even pretending to follow legislation. We know from Edward Snowden’s revelations — which have never been disputed by the government — that since 2003, the NSA has captured not only the records of Americans held by third parties but also the records of every keystroke touched by every person in America and every telephone call transmitted over fiber optic cable. That includes every email, text message and piece of data — even what was deleted. This warrantless mass surveillance continues today unabated.

Also unabated and equally unlawful and unconstitutional is the government’s use of cell towers as monitors of movement. Whenever anyone travels with a mobile device in the U.S., the nearest cell tower picks up signals from the mobile device, even turned off. The government, which either owns the cell towers or under Section 215, captures all the data the towers amass, can effectively follow any person with a mobile device in real-time.

How does the government get away with this?

The feds have labored mightily to keep all of these constitutional violations as far from judicial scrutiny as they can. They rightly fear — they know — that all of this violates the Fourth Amendment. If their nefarious behavior, which we know they have used on the president of the United States and on the Supreme Court, comes under judicial scrutiny, the feds will argue that the Fourth Amendment only pertains to criminal prosecutions and not to domestic spying; thus, they can ignore it when they spy.

They have made up this argument out of thin air. There is neither a hint in the language of the amendment nor a whiff in its history to support that argument.

Has the government lost sight of our birthright? It is life, liberty and the pursuit of happiness — not to mention getting into Heaven. How can we do any of this if the government we have hired to preserve our liberty is surreptitiously destroying it?

Brandeis’ language about being let alone was written in 1928, in a dissent to a Supreme Court opinion that failed to recognize the right to privacy. Today, his dissent is the law of the land, but the feds ignore it. He wrote that there is more to life than owning material goods. There is the fulfillment of spiritual, intellectual and cultural goals and the achievement of intimate aspirations, none of which are the government’s business.

Why do we permit the government to assault our most basic freedoms, under the law or under the table?

Share
Categories
CIA Cryptography Encryption hacking Intelwars NSA

A New Clue for the Kryptos Sculpture

Jim Sanborn, who designed the Kryptos sculpture in a CIA courtyard, has released another clue to the still-unsolved part 4. I think he’s getting tired of waiting.

Did we mention Mr. Sanborn is 74?

Holding on to one of the world’s most enticing secrets can be stressful. Some would-be codebreakers have appeared at his home.

Many felt they had solved the puzzle, and wanted to check with Mr. Sanborn. Sometimes forcefully. Sometimes, in person.

Elonka Dunin, a game developer and consultant who has created a rich page of background information on the sculpture and oversees the best known online community of thousands of Kryptos fans, said that some who contact her (sometimes also at home) are obsessive and appear to have tipped into mental illness. “I am always gentle to them and do my best to listen to them,” she said.

Mr. Sanborn has set up systems to allow people to check their proposed solutions without having to contact him directly. The most recent incarnation is an email-based process with a fee of $50 to submit a potential solution. He receives regular inquiries, so far none of them successful.

The ongoing process is exhausting, he said, adding “It’s not something I thought I would be doing 30 years on.”

Another news article.

EDITED TO ADD (2/13): Another article.

Share
Categories
4th amendment Court Cases CURRENT EVENTS FISA Intelwars NSA Section 702 spying Surveillance United States v. Hasbajrami

Federal Appeals Court: Warrantless Data Collection Is Constitutional

The Second Circuit Court of Appeals issued an opinion that domestic data gobbled up by the National Security Agency (NSA) under Section 702 of the Foreign Intelligence Surveillance Act (FISA) and PRISM are are not covered by the Fourth Amendment and their collection by the government is usually constitutional.

The court held that the data gathered via electronic query in pursuance of the case against Agron Hasbajrami did not violate the Fourth Amendment’s prohibition of unwarranted searches and seizures, stating that, “The ‘incidental collection’ of communications (that is, the collection of the communications of individuals in the United States acquired in the course of the surveillance of individuals without ties to the United States and located abroad) is permissible under the Fourth Amendment.”

Furthermore, the court held that “the vast majority of the evidence detailed in the record was lawfully collected.”

In fairness, the court did opine that the federal government’s dragnet collection of the electronic data of Americans raises “novel constitutional questions” that could be addressed by another court.

For its part, the federal government argued that the Fourth Amendment doesn’t extend to private e-mails or phone-call data.

Here’s the background of the facts of the case, as printed in the opinion of the Second Circuit Court of Appeals:

Agron Hasbajrami was arrested at John F. Kennedy International Airport in September 2011 and charged with attempting to provide material support to a terrorist organization. After he pleaded guilty, the government disclosed, for the first time, that certain evidence involved in Hasbajrami’s arrest and prosecution had been derived from information obtained by the government without a warrant pursuant to its warrantless surveillance program under Section 702 of the FISA Amendments Act of 2008. Hasbajrami then withdrew his initial plea and moved to suppress any fruits of the Section 702 surveillance. The district court denied the motion to suppress and Hasbajrami again pleaded guilty, this time pursuant to a conditional guilty plea that allowed him to appeal the district court’s ruling denying his motion to suppress.

Remarkably, Hasbajrami’s lawyers seemed pleased by the decision. “We are gratified by the Court’s remand to resolve a critical factual and constitutional question in this case, as well as its recognition of the important constitutional issues that FISA section 702 raises for everyone. We look forward to the next stage of the litigation,” Hasbajrami’s lawyer Joshua Dratel said in a statement.

While the judges did hold that querying certain intelligence databases “could violate the Fourth Amendment, and thus require the suppression of evidence,” the decision was overall a victory for the surveillance state.

The PRISM program mentioned above was one of the surveillance programs revealed by Edward Snowden.

Under PRISM, the NSA and the FBI are “tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio, video, photographs, e-mails, documents and connection logs that enable analysts to track a person’s movements and contacts over time,” as reported by the Washington Post.

One document in the Snowden revelations indicated that PRISM was “the number one source of raw intelligence used for NSA analytic reports.” Snowden claimed that the program was so invasive that the NSA and the FBI “quite literally can watch your ideas form as you type.”

That’s the sort of thing the Second Circuit Court of Appeals held was permissible under the Fourth Amendment.

The Founders would disagree.

The assault on our rights made by the NSA and other agencies within the federal surveillance apparatus is in every significant way identical to a tactic used by the British Empire in its own attempt to deprive Americans of their liberties some 250 years ago.

King George II (and his son and successor, George III) issued orders known as general writs of assistance. In simple terms, these writs authorized law enforcement and other representatives of the crown to enter buildings to search for contraband without obtaining a warrant. This did not sit well with American Englishmen, and they were determined to boldly declare their determination not to be subjected to searches that exceeded the constitutional authority of the king and Parliament.

Given the role that rebellion against these searches and seizures by government played in igniting the spark that lit the fires of armed resistance in America and the American War for Independence, it is remarkable that there aren’t more Americans advocating for the immediate abolition of all the agencies involved in the issuing and executing of these contemporary Writs of Assistance.

James Otis is a name that is almost completely forgotten by contemporary Americans, but he was once the most famous lawyer in the colonies, and it was his renowned recrimination of unreasonable searches in Boston that earned him fame and influenced his countrymen to resist the tyranny of these deprivations.

At a trial challenging the constitutionality of the General Writs of Assistance, Otis spoke eloquently and persuasively in favor of freedom from the unreasonable searches being carried out by 18th-century government agents:

Now, one of the most essential branches of English liberty is the freedom of one’s house. A man’s house is his castle; and whilst he is quiet, he is as well guarded as a prince in his castle. This writ, if it should be declared legal, would totally annihilate this privilege. Custom-house officers may enter our houses when they please; we are commanded to permit their entry. Their menial servants may enter, may break locks, bars, and everything in their way; and whether they break through malice or revenge, no man, no court can inquire. Bare suspicion without oath is sufficient.

This wanton exercise of this power is not a chimerical suggestion of a heated brain. I will mention some facts. Mr. Pew had one of these writs, and, when Mr. Ware succeeded him, he endorsed this writ over to Mr. Ware; so that these writs are negotiable from one officer to another; and so your Honors have no opportunity of judging the persons to whom this vast power is delegated. Another instance is this: Mr. Justice Walley had called this same Mr. Ware before him, by a constable, to answer for a breach of the Sabbath-day Acts, or that of profane swearing. As soon as he had finished, Mr. Ware asked him if he had done. He replied, “Yes.” “Well then,” said Mr. Ware, “I will show you a little of my power. I command you to permit me to search your house for uncustomed goods” — and went on to search the house from the garret to the cellar; and then served the constable in the same manner.

In the years prior to the ratification of the Constitution, those later involved in that process already had experience drafting documents to protect these precious liberties from the ever-grasping hand of government.

These men abhorred the violence to liberty done by those who were searching their homes and seizing their property without a warrant and on behalf of the Crown and Parliament, believing that “papers are often the dearest property a man can have” and that permitting the government to “sweep away all papers whatsoever,” without any legal justification, “would destroy all the comforts of society.”

In 1776, George Mason, the principal author of the Virginia Declaration of Rights — a document of profound influence on the construction of the federal Bill of Rights — upheld the right to be free from such searches, as well:

That general warrants, whereby any officer or messenger may be commanded to search suspected places without evidence of a fact committed, or to seize any person or persons not named, or whose offence is not particularly described and supported by evidence, are grievous and oppressive, and ought not to be granted.

The federal government relies on state agencies and officers to assist in the collection of data, so the surest way to stop the surveillance and gut the surveillance programs is for states to follow the advice of James Madison and refuse to “cooperate with officers of the union” when their actions exceed the constitutional limits of their authority.

EDITOR’S NOTE: This article was originally published at The New American Magazine and reposted here with permission from the author.

Share
Categories
FBI Fourth Amendment Intelwars NSA privacy Surveillance

All the Bad Stuff You’ve Heard About NSA Spying Confirmed

Recently declassified court documents confirmed all of our worst suspicions about NSA spying.

Many people view NSA spying as relatively harmless. They argue it doesn’t violate the Fourth Amendment because the agency doesn’t even look at most of the information it collects.

This is a fallacious argument. Virtually nobody would sit by and let federal agents come into their home, make photocopies of all their personal papers and then store them away with the promise of “we won’t look at them without a warrant.” Sweeping up and storing electronic data is no different.

Even if you buy these silly legal gymnastics, by storing phone calls, emails, location information, and web searches belonging to millions of Americans, the NSA facilitates unconstitutional, warrantless surveillance.

And a recently-declassified 138-page opinion by U.S. District Court Judge James E. Boasberg confirmed just that. It revealed that the FBI regularly accessed millions of Americans’ data that was unconstitutionally gathered and stored by the federal spy agency. The government is accessing this information. It is not obtaining warrants. And this does violate the Fourth Amendment.

ACLU staff attorney Patrick Toomey told The Intercept that the FBI used the information for “fishing expeditions.”

“These opinions reveal devastating problems with the FBI’s backdoor searches, which often resembled fishing expeditions through Americans’ personal emails and online messages. But the court did not go nearly far enough to fix those abuses. The Constitution requires FBI agents to get a warrant before they go combing through our sensitive communications.”

Documents leaked by Edward Snowden revealed the existence of warrantless dragnet surveillance programs run by the NSA. The court ruling centered around spying “authorized” under Sec. 702 of the Foreign Service Intelligence Act (FISA). Under this provision, the government can collect data on Americans who are communicating with non-U.S. citizens without a warrant.

As Andrew Napolitano explained, “the FISA-created process permits a secret court in Washington to issue general warrants based on the government’s need to gather intelligence about national security from foreigners among us. It pretends that the standard is probable cause of foreign agency, but this has now morphed into the issuance of general warrants whenever the government wants them.”

A typical FISA warrant authorizes government surveillance on all landlines, mobile devices and desktop computers in a given area. While the process was created to monitor foreign agents, it sweeps up reams of data belonging to Americans.

The Electronic Frontier Foundation explained the scope of FISA surveillance on Americans.

Section 702 allows the government to collect and store the communications of foreign intelligence targets outside of the U.S if a significant purpose is to collect “foreign intelligence” information.  Although the law contains some protections—for example, a prohibition on knowingly collecting communications between two U.S. citizens on U.S. soil—we have learned that the program actually does sweep up billions of communications involving people not explicitly targeted, including Americans. For example, a 2014 report by the Washington Post that reviewed of a “large cache of intercepted conversations” provided by Edward Snowden revealed that 9 out of 10 account holders “were not the intended surveillance targets but were caught in a net the agency had cast for somebody else.”

Congress renewed Sec 702 in 2018 with some minor reforms. But before approving a six-year extension, the House voted to kill an amendment that would have more significantly overhauled the surveillance program and addressed some privacy concerns. Provisions in the amendment would have required agents to get warrants in most cases before hunting for and reading Americans’ emails and other messages that get swept up under the program.

Then Congress had another opportunity to significantly rein in surveillance under Sec. 702 earlier this summer, but it voted down an amendment to an appropriations bill that would have effectively prohibited the warrantless collection of data from Americans.

According to the recently declassified court documents, the FBI was the agency most often accessing NSA data about “U.S. persons,” defined as any U.S. citizen or foreign national legally in the United States. The Intercept detailed the extent of the FBI’s data-mining.

Queries of this data are known as “backdoor searches.” In 2017, the FBI ran approximately 3.1 million searches related to U.S. persons, compared to 7,500 combined searches by the CIA and NSA during the same year. Many of the FBI’s searches were not legally justified because they did not involve a predicated criminal investigation or other proper justification for the search, as required by law, according to Boasberg’s FISA court.

The FBI often accesses NSA data using an investigative tool known as an “assessment.” The power was created after 9/11 and allows the agency to investigate anyone on evidence as flimsy as an anonymous tip. As The Intercept explained, “Because assessments are de facto national security inquiries, the FBI has viewed this as authority to search mass surveillance data for Americans’ communications.”

The court ruling also revealed evidence of “parallel construction.” Using this secretive process, police build cases on illegally obtained, warrantless data collected by the NSA and other federal agencies without anybody ever knowing. Once investigators have built a secret case on warrantless data, they obtain warrants bases on the illegally gathered information and create a parallel case with the illusion of constitutional legitimacy.

Former NSA technical director William Binney called parallel construction “the most threatening situation to our constitutional republic since the Civil War.”

As The Intercept explained, “Boasberg noted an example that fits this pattern as an inappropriate use of FISA data. On November 11, 2017, the FBI conducted a search of mass surveillance data on “a potential recipient of a FISA order.” In other words, the FBI was able to mine mass surveillance data to find out what evidence agents would discover if they went ahead and requested the FISA order.”

Congress will never rein in warrantless surveillance. It has had ample opportunity. In fact, Congress has had over 40 years to address these privacy issues. In 1975, Sen. Frank Church warned us about the surveillance state, saying it created the potential for ‘total tyranny.” That was before widespread public access to the Internet, before cellphones and before the proliferation of email.

Today, the technological capacity of the NSA and other federal agencies exceeds anything Church imagined. And yet 40 years later, Congress hasn’t done anything to rein in the surveillance. It never will. That’s why it’s up to states to take action. For more information on how, click HERE.

Share
Categories
CURRENT EVENTS Donald Trump FISA Intelwars NSA Patriot Act section 215 Surveillance

More Spying and Lying

While most of us have been thinking about the end of summer and while the political class frets over the Democratic presidential debates and the aborted visit of two members of Congress to Israel, the Trump administration has quietly moved to extend and make permanent the government’s authority to spy on all persons in America.

The president, never at a loss for words, must have been asked by the intelligence community he once reviled not to address these matters in public.

These matters include the very means and the very secret court about which he complained loud and long during the Mueller investigation. Now, he wants to be able to unleash permanently on all of us the evils he claims were visited upon him by the Obama-era FBI and by his own FBI. What’s going on?

Here is the backstory.

After the lawlessness of Watergate had been exposed — a president spying on his political adversaries without warrants in the name of national security — Congress enacted in 1978 the Foreign Intelligence Surveillance Act. It prescribed a means for surveillance other than that which the Constitution requires.

The Fourth Amendment to the Constitution — written in the aftermath of British soldiers and agents using general warrants obtained from a secret court in London to spy on whomever in the colonies they wished and to seize whatever they found — was ratified as part of the Bill of Rights to limit the government’s ability to intrude upon the privacy of all persons, thereby prohibiting those procedures used by the British.

Thus, we have the constitutional requirements that no searches and seizures can occur without a warrant issued by a judge based on a showing, under oath, of probable cause of crime. The courts have uniformly characterized electronic surveillance as a search.

I am not addressing eyesight surveillance on a public street. I am addressing electronic surveillance wherever one is when one sends or receives digital communications. FISA is an unconstitutional congressional effort to lower the standards required by the Fourth Amendment from probable cause of crime to probable cause of foreign agency.

Can Congress do that? Can it change a provision of the Constitution? Of course not. If it could, we wouldn’t have a Constitution.

It gets worse.

The court established by FISA — that’s the same court that President Donald Trump asserts authorized spying on him in 2015 and 2016 — has morphed the requirement of probable cause of being a foreign agent to probable cause of communicating with a foreign person as the standard for authorizing surveillance.

What was initially aimed at foreign agents physically present in the United States has secretly become a means to spy on innocent Americans. In Trump’s case, the FISA court used the foreign and irrelevant communications of two part-time campaign workers to justify surveillance on the campaign.

Add to all this the 2002 secret order of President George W. Bush directing the National Security Agency to spy on all in America all the time without warrants — this is what Edward Snowden exposed in 2013 — and one can see what has happened.

What happened?

What happened was the creation of a surveillance state in America that came about by secret court rulings and a once-secret presidential order. As a result of this, part of the government goes to the secret FISA court and obtains search warrants on flimsy and unconstitutional grounds and part of the government bypasses FISA altogether and spies on everyone in America and denies it and lies about it.

Bill Binney, the genius mathematician who once worked for the NSA and now is its harshest critic, has stated many times that, as unconstitutional as FISA is, it is a pretext to NSA spying on all persons in America all the time.

How pervasive is this unlawful spying? According to Binney, the NSA’s 60,000 domestic spies capture the content and the keystrokes of every communication transmitted on fiber optic cables into or out of or wholly within the United States. And they do so 24/7 — without warrants.

Now, back to that quiet late summer proposal by the Trump administration. Some of the statutes that govern who can go to the FISA court and under what circumstances they can go are about to expire. Inexplicably, the president once victimized by FISA wants to make these statutes permanent. And he wants to do so knowing that they are essentially a facade for spying. That would institutionalize the now decades-long federal assault on privacy and evasion of constitutional norms.

It would also place Trump in the same category as his two immediate predecessors, who regularly ordered government agents to violate the Fourth Amendment and then denied they had done so.

Some of my Fox colleagues joke with me that I am shoveling against the tide when it comes to defending the right to privacy. They claim that there is no more privacy. I disagree with them. As long as we still have a Constitution, it must be taken seriously and must mean what it says. And its intentionally stringent requirements for enabling the government to invade privacy remain the law of the land. The president has sworn to uphold the Constitution, not the NSA.

The late Supreme Court Justice George Sutherland once wrote that we cannot pick and choose which parts of the Constitution to follow and which to ignore. If we could, the Constitution would be meaningless.

Did he foresee our present woes when he wrote, “If the provisions of the Constitution be not upheld when they pinch as well as when they comfort, they may as well be abandoned”?

Is that where we are headed?

Share