• Buro Jansen & Janssen, simply content!
    Jansen & Janssen is a research bureau that critically monitors the police, the judiciary, the intelligence services and government in the Netherlands and the EU. A civil rights collective that for 40 years, since 1984, has published on the expansion of repressive legislation, public-private cooperation, security in the broadest sense, powers, government action and other state affairs.
    Buro Jansen & Janssen Postbus 10591, 1001EN Amsterdam, 020-6123202, 06-34339533, signal +31684065516, info@burojansen.nl (pgp)

  • NSA collecting phone records of millions of Verizon customers daily

    Exclusive: Top secret court order requiring Verizon to hand over all call data shows scale of domestic surveillance under Obama

    Under the terms of the order, the numbers of both parties on a call are handed over, as is location data and the time and duration of all calls. Photograph: Matt Rourke/AP

    The National Security Agency is currently collecting the telephone records of millions of US customers of Verizon, one of America’s largest telecoms providers, under a top secret court order issued in April.

    The order, a copy of which has been obtained by the Guardian, requires Verizon on an “ongoing, daily basis” to give the NSA information on all telephone calls in its systems, both within the US and between the US and other countries.

    The document shows for the first time that under the Obama administration the communication records of millions of US citizens are being collected indiscriminately and in bulk – regardless of whether they are suspected of any wrongdoing.

    The secret Foreign Intelligence Surveillance Court (Fisa) granted the order to the FBI on April 25, giving the government unlimited authority to obtain the data for a specified three-month period ending on July 19.

    Under the terms of the blanket order, the numbers of both parties on a call are handed over, as is location data, call duration, unique identifiers, and the time and duration of all calls. The contents of the conversation itself are not covered.

    The disclosure is likely to reignite longstanding debates in the US over the proper extent of the government’s domestic spying powers.

    Under the Bush administration, officials in security agencies had disclosed to reporters the large-scale collection of call records data by the NSA, but this is the first time significant and top-secret documents have revealed the continuation of the practice on a massive scale under President Obama.

    The unlimited nature of the records being handed over to the NSA is extremely unusual. Fisa court orders typically direct the production of records pertaining to a specific named target who is suspected of being an agent of a terrorist group or foreign state, or a finite set of individually named targets.

    The Guardian approached the National Security Agency, the White House and the Department of Justice for comment in advance of publication on Wednesday. All declined. The agencies were also offered the opportunity to raise specific security concerns regarding the publication of the court order.

    The court order expressly bars Verizon from disclosing to the public either the existence of the FBI’s request for its customers’ records, or the court order itself.

    “We decline comment,” said Ed McFadden, a Washington-based Verizon spokesman.

    The order, signed by Judge Roger Vinson, compels Verizon to produce to the NSA electronic copies of “all call detail records or ‘telephony metadata’ created by Verizon for communications between the United States and abroad” or “wholly within the United States, including local telephone calls”.

    The order directs Verizon to “continue production on an ongoing daily basis thereafter for the duration of this order”. It specifies that the records to be produced include “session identifying information”, such as “originating and terminating number”, the duration of each call, telephone calling card numbers, trunk identifiers, International Mobile Subscriber Identity (IMSI) number, and “comprehensive communication routing information”.

    The information is classed as “metadata”, or transactional information, rather than communications, and so does not require individual warrants to access. The document also specifies that such “metadata” is not limited to the aforementioned items. A 2005 court ruling judged that cell site location data – the nearest cell tower a phone was connected to – was also transactional data, and so could potentially fall under the scope of the order.

    While the order itself does not include either the contents of messages or the personal information of the subscriber of any particular cell number, its collection would allow the NSA to build easily a comprehensive picture of who any individual contacted, how and when, and possibly from where, retrospectively.

    It is not known whether Verizon is the only cell-phone provider to be targeted with such an order, although previous reporting has suggested the NSA has collected cell records from all major mobile networks. It is also unclear from the leaked document whether the three-month order was a one-off, or the latest in a series of similar orders.

    The court order appears to explain the numerous cryptic public warnings by two US senators, Ron Wyden and Mark Udall, about the scope of the Obama administration’s surveillance activities.

    For roughly two years, the two Democrats have been stridently advising the public that the US government is relying on “secret legal interpretations” to claim surveillance powers so broad that the American public would be “stunned” to learn of the kind of domestic spying being conducted.

    Because those activities are classified, the senators, both members of the Senate intelligence committee, have been prevented from specifying which domestic surveillance programs they find so alarming. But the information they have been able to disclose in their public warnings perfectly tracks both the specific law cited by the April 25 court order as well as the vast scope of record-gathering it authorized.

    Julian Sanchez, a surveillance expert with the Cato Institute, explained: “We’ve certainly seen the government increasingly strain the bounds of ‘relevance’ to collect large numbers of records at once — everyone at one or two degrees of separation from a target — but vacuuming all metadata up indiscriminately would be an extraordinary repudiation of any pretence of constraint or particularized suspicion.” The April order requested by the FBI and NSA does precisely that.

    The law on which the order explicitly relies is the so-called “business records” provision of the Patriot Act, 50 USC section 1861. That is the provision which Wyden and Udall have repeatedly cited when warning the public of what they believe is the Obama administration’s extreme interpretation of the law to engage in excessive domestic surveillance.

    In a letter to attorney general Eric Holder last year, they argued that “there is now a significant gap between what most Americans think the law allows and what the government secretly claims the law allows.”

    “We believe,” they wrote, “that most Americans would be stunned to learn the details of how these secret court opinions have interpreted” the “business records” provision of the Patriot Act.

    Privacy advocates have long warned that allowing the government to collect and store unlimited “metadata” is a highly invasive form of surveillance of citizens’ communications activities. Those records enable the government to know the identity of every person with whom an individual communicates electronically, how long they spoke, and their location at the time of the communication.

    Such metadata is what the US government has long attempted to obtain in order to discover an individual’s network of associations and communication patterns. The request for the bulk collection of all Verizon domestic telephone records indicates that the agency is continuing some version of the data-mining program begun by the Bush administration in the immediate aftermath of the 9/11 attack.

    The NSA, as part of a program secretly authorized by President Bush on 4 October 2001, implemented a bulk collection program of domestic telephone, internet and email records. A furore erupted in 2006 when USA Today reported that the NSA had “been secretly collecting the phone call records of tens of millions of Americans, using data provided by AT&T, Verizon and BellSouth” and was “using the data to analyze calling patterns in an effort to detect terrorist activity.” Until now, there has been no indication that the Obama administration implemented a similar program.

    These recent events reflect how profoundly the NSA’s mission has transformed from an agency exclusively devoted to foreign intelligence gathering, into one that focuses increasingly on domestic communications. A 30-year employee of the NSA, William Binney, resigned from the agency shortly after 9/11 in protest at the agency’s focus on domestic activities.

    In the mid-1970s, Congress, for the first time, investigated the surveillance activities of the US government. Back then, the mandate of the NSA was that it would never direct its surveillance apparatus domestically.

    At the conclusion of that investigation, Frank Church, the Democratic senator from Idaho who chaired the investigative committee, warned: “The NSA’s capability at any time could be turned around on the American people, and no American would have any privacy left, such is the capability to monitor everything: telephone conversations, telegrams, it doesn’t matter.”

    Additional reporting by Ewen MacAskill and Spencer Ackerman

    The Guardian, Thursday 6 June 2013

    Find this story at 6 June 2013

    © 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

    the memory

    Der Spiegel further reports that some five years ago the American secret service also tried to eavesdrop on the Justus Lipsius building in Brussels.

    Five years ago the NSA reportedly attempted to tap the telecom connections of the Justus Lipsius building in Brussels, Der Spiegel reports. The Justus Lipsius building is the main building of the European Council, where the delegations of the European countries negotiate on almost all European Council matters. Politicians, including the president of the European Parliament, Martin Schulz, speak of a major scandal and demand clarification from the United States.


    Use These Secret NSA Google Search Tips to Become Your Own Spy Agency

    There’s so much data available on the internet that even government cyberspies need a little help now and then to sift through it all. So to assist them, the National Security Agency produced a book to help its spies uncover intelligence hiding on the web.

    The 643-page tome, called Untangling the Web: A Guide to Internet Research (.pdf), was just released by the NSA following a FOIA request filed in April by MuckRock, a site that charges fees to process public records for activists and others.

    The book was published by the Center for Digital Content of the National Security Agency, and is filled with advice for using search engines, the Internet Archive and other online tools. But the most interesting is the chapter titled “Google Hacking.”

    Say you’re a cyberspy for the NSA and you want sensitive inside information on companies in South Africa. What do you do?

    Search for confidential Excel spreadsheets the company inadvertently posted online by typing “filetype:xls site:za confidential” into Google, the book notes.

    Want to find spreadsheets full of passwords in Russia? Type “filetype:xls site:ru login.” Even on websites written in non-English languages the terms “login,” “userid,” and “password” are generally written in English, the authors helpfully point out.

    Misconfigured web servers “that list the contents of directories not intended to be on the web often offer a rich load of information to Google hackers,” the authors write, then offer a command to exploit these vulnerabilities — intitle: “index of” site:kr password.

    “Nothing I am going to describe to you is illegal, nor does it in any way involve accessing unauthorized data,” the authors assert in their book. Instead it “involves using publicly available search engines to access publicly available information that almost certainly was not intended for public distribution.” You know, sort of like the “hacking” for which Andrew “weev” Auernheimer was recently sentenced to 3.5 years in prison for obtaining publicly accessible information from AT&T’s website.

    Stealing intelligence on the internet that others don’t want you to have might not be illegal, but it does come with other risks, the authors note: “It is critical that you handle all Microsoft file types on the internet with extreme care. Never open a Microsoft file type on the internet. Instead, use one of the techniques described here,” they write in a footnote. The word “here” is hyperlinked, but since the document is a PDF the link is inaccessible. No word about the dangers that Adobe PDFs pose. But the version of the manual the NSA released was last updated in 2007, so let’s hope later versions cover it.

    By Kim Zetter, 05.08.13, 2:37 PM

    Find this story at 8 May 2013

    Untangling the Web: A Guide to Internet Research

    Wired.com © 2013 Condé Nast.

    Cyber Corps program trains spies for the digital age

    At the University of Tulsa school, students learn to write computer viruses, hack digital networks and mine data from broken cellphones. Many graduates head to the CIA or NSA.

    TULSA, Okla. — Jim Thavisay is secretly stalking one of his classmates. And one of them is spying on him.

    “I have an idea who it is, but I’m not 100% sure yet,” said Thavisay, a 25-year-old former casino blackjack dealer.

    Stalking is part of the curriculum in the Cyber Corps, an unusual two-year program at the University of Tulsa that teaches students how to spy in cyberspace, the latest frontier in espionage.

    Students learn not only how to rifle through trash, sneak a tracking device on cars and plant false information on Facebook. They also are taught to write computer viruses, hack digital networks, crack passwords, plant listening devices and mine data from broken cellphones and flash drives.

    It may sound like a Jason Bourne movie, but the little-known program has funneled most of its graduates to the CIA and the Pentagon’s National Security Agency, which conducts America’s digital spying. Other graduates have taken positions with the FBI, NASA and the Department of Homeland Security.

    The need for stronger cyber-defense — and offense — was highlighted when Defense Secretary Leon E. Panetta warned in an Oct. 11 speech that “a cyber-terrorist attack could paralyze the nation,” and that America needs experts to tackle the growing threat.

    “An aggressor nation or extremist group could gain control of critical switches and derail passenger trains, or trains loaded with lethal chemicals,” Panetta said. “They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.”

    Panetta said the Pentagon spends more than $3 billion annually for cyber-security. “Our most important investment is in skilled cyber-warriors needed to conduct operations in cyberspace,” he said.

    That’s music to the ears of Sujeet Shenoi, a naturalized citizen from India who founded the cyber program in 1998. He says 85% of the 260 graduates since 2003 have gone to the NSA, which students call “the fraternity,” or the CIA, which they call “the sorority.”

    Shenoi subjects his students to both classroom theory and practical field work. Each student is assigned to a Tulsa police crime lab on campus and uses digital skills to help uncover evidence — most commonly child pornography images — from seized devices. Several students have posed as children online to lure predators. In 2003, students helped solve a triple homicide by cracking an email account linking the perpetrator to his victims.

    “I throw them into the deep end,” Shenoi said. “And they become fearless.”

    The Secret Service has also tapped the Cyber Corps. Working from a facility on campus, students help agents remove evidence from damaged cellphones, GPS units and other devices.

    “Working alongside U.S. Secret Service agents, Tulsa Cyber Corps students have developed techniques for extracting evidence from burned or shattered cellphones,” Hugh Dunleavy, who heads the Secret Service criminal division, said in a written statement. More than 5,000 devices have been examined at the facility, he added.

    In 2007, California’s secretary of state, Debra Bowen, hired the University of California to test the security of three electronic voting systems used in the state, and Shenoi and several students joined one of the “red” teams assigned to try to hack the voting machines. They succeeded. One of the students, who now works at the NSA, showed that someone could use an off-the-shelf device with Bluetooth connectivity to change all the votes in a given machine, Shenoi said.

    “All our results were provided to the companies so they could fix the machines to the extent possible,” Shenoi said.

    In May, the NSA named Tulsa as one of four national centers of academic excellence in cyber-operations. The others were Northeastern University in Boston, Naval Postgraduate School in Monterey, Calif., and Dakota State University in Madison, S.D.

    “Tulsa students show up to NSA with a lot of highly relevant hands-on experience,” said Neal Ziring, a senior NSA official who visited the school recently to consult about the curriculum and to interview students for jobs and internships. “There are very few schools that are like Tulsa in terms of having participation with law enforcement, with industry, with government.”

    Shenoi’s students have ranged in age from 17 to 63. Many are retired from the military, or otherwise starting second careers. They are usually working toward degrees in computer science, engineering, law or business. About two-thirds get a cyber-operations certification on their diplomas, or what Shenoi calls a “cyber-ninja” designation “because they have to be super techie.”

    To be accepted into the corps, applicants must be U.S. citizens with the ability to obtain a security clearance of “top secret” or higher. But not all of them spend their careers in government.

    One former student, Philip McAllister, worked after graduation at the Naval Research Laboratory, which does scientific research and development for the Navy and Marines. He later moved to San Francisco and worked at several startup companies before he joined Instagram, which developed a photo-sharing mobile application, early this year. Facebook purchased Instagram, which had only 13 employees, for $1 billion three months later.

    “Sujeet gets incredibly talented people,” said Richard “Dickie” George, who retired last year after a three-decade career at the NSA.

    November 22, 2012 | By Ken Dilanian, Washington Bureau

    Find this story at 22 November 2012

    ken.dilanian@latimes.com

    Copyright 2012 Los Angeles Times

    The school that trains cyber spies: U.S. university training students in online espionage for jobs in the NSA and CIA

    University of Tulsa’s Cyber Corps programme is training students to write viruses, hack networks, crack passwords and mine data
    The little known course has been named as one of four ‘centres of excellence’ and places 85 per cent of graduates with the NSA or CIA

    Not your average student: The University of Tulsa is training students in the fundamentals of cyber-espionage, with many taking jobs in the CIA

    A university is offering a two-year course in cyber-espionage, with recruits going on to jobs with the CIA, the National Security Agency and the Secret Service.

    Students at the University of Tulsa, Oklahoma, are learning how to write computer viruses, hack networks, crack passwords and mine data from a range of digital devices.

    The little-known Cyber Corps programme already places 85 per cent of its graduates with the NSA – known to students as ‘the fraternity’ – or the CIA – which they call ‘the sorority’.

    Sujeet Shenoi, an Indian immigrant to the U.S., founded the programme at Tulsa’s Institute for Information Security in 1998 and continues to lead the teaching, the LA Times reported.

    Students are taught with a mixture of classroom theory and practical field work, he said, with each assigned to a police crime lab on campus to apply their skills to help recover evidence from digital devices.

    ‘I throw them into the deep end,’ Mr Shenoi told the LA Times. ‘And they become fearless.’

    Much of their work involves gathering evidence against paedophiles, with several students having posed as children on the internet to lure predators into stings.

    But his students in 2003 also helped solve a triple murder case by cracking an email account that linked the killer with his victims and, working alongside the Secret Service, they have developed new techniques for extracting data from damaged smartphones, GPS devices and other digital devices.

    The NSA in May named Tulsa as one of four centres of academic excellence in cyber operations, alongside Northeastern University in Boston, the Naval Postgraduate School in Monterey, California, and Dakota State University in Madison, South Dakota.

    Neal Ziring, a senior NSA official who visited the school recently, told LA Times: ‘Tulsa students show up to NSA with a lot of highly relevant hands-on experience.

    ‘There are very few schools that are like Tulsa in terms of having participation with law enforcement, with industry, with government.’

    Centre of excellence: Tulsa was in May named by the NSA alongside four other schools as important centres for training cyber-security operatives

    WIRETAPPING THE INTERNET

    New eavesdropping technology could allow government agencies to ‘silently record’ conversations on internet chat services like Skype in real time.

    Until now, so called voice over internet protocol (VoIP) services have been difficult for police to tap into, because of the way they send information over the web.

    The services convert analogue audio signals into digital data packets, which are then sent in a way that is costly and complex for third parties to intercept.

    But now a California businessman has obtained a patent for a ‘legal intercept’ technology he says ‘would allow governments to “silently record” VoIP communications’.

    Dennis Chang, president of VoIP-PAL, a chat service similar to Skype, claims his system would allow authorities to identify and monitor suspects merely by accessing their username and subscriber data.

    Applicants to Tulsa’s programme, who have ranged in age from 17 to 63, must be U.S. citizens eligible for security clearance of ‘top secret’ or higher.

    Many are military veterans or others looking to start second careers, usually people who are working towards degrees in computer science, engineering, law or business.

    By Damien Gayle

    PUBLISHED: 09:41 GMT, 26 November 2012 | UPDATED: 14:15 GMT, 26 November 2012

    Find this story at 26 November 2012

    Published by Associated Newspapers Ltd

    Part of the Daily Mail, The Mail on Sunday & Metro Media Group
    © Associated Newspapers Ltd

    Researcher: CIA, NSA may have infiltrated Microsoft to write malware

    Did spies posing as Microsofties write malware in Redmond? How do you spell ‘phooey’ in C#?

    June 18, 2012, 2:46 PM — A leading security researcher has suggested Microsoft’s core Windows and application development programming teams have been infiltrated by covert programmer/operatives from U.S. intelligence agencies.

    If it were true it would be another exciting twist to the stories of international espionage, sabotage and murder that surround Stuxnet, Duqu and Flame, the most successful cyberwar weapons deployed so far, with the possible exception of Windows itself.

    Nevertheless, according to Mikko Hypponen, chief research officer of antivirus and security software vendor F-Secure, the scenario that would make it simplest for programmers employed by U.S. intelligence agencies to create the Stuxnet, Duqu and Flame viruses and compromise Microsoft protocols to the extent they could disguise downloads to Flame as patches through Windows Update is that Microsoft has been infiltrated by members of the U.S. intelligence community.


    Having programmers, spies and spy-supervisors from the NSA, CIA or other secret government agencies infiltrate Microsoft in order to turn its technology to their own evil uses (rather than Microsoft’s) is the kind of premise that would get any writer thrown out of a movie producer’s office for pitching an idea that would put the audience to sleep halfway through the first act.

    Not only is it unlikely, the “action” most likely to take place on the Microsoft campus would be the kind with lots of tense, acronymically dense debates in beige conference rooms and bland corporate offices.

    The three remarkable bits of malware that attacked Iranian nuclear-fuel development facilities and stole data from its top-secret computer systems – Flame, Duqu and Stuxnet – show clear signs of having been built by the same teams of developers, over a long period of time, Hypponen told PC Pro in the U.K.

    Flame used counterfeit Microsoft security certificates to verify its trustworthiness to Iranian users, primarily because Microsoft is among the most widely recognized and trusted computer companies in the world, Hypponen said.

    Faking credentials from Microsoft would give the malware far more credibility than using certificates from other vendors, as would hiding updates in Windows Update, Hypponen said.

    The damage to Microsoft’s reputation and suspicion from international customers that it is a puppet of the CIA would be enough to keep Microsoft itself from participating in the operation, even if it were asked.

    That doesn’t mean it didn’t happen.

    “It’s plausible that if there is an operation under way and being run by a US intelligence agency it would make perfect sense for them to plant moles inside Microsoft to assist in pulling it off, just as they would in any other undercover operation,” Hypponen told PC Pro. “It’s not certain, but it would be common sense to expect they would do that.”

    The suggestion piqued the imaginations of conspiracy theorists, but doesn’t have a shred of evidence to support it.

    It does have a common-sense appeal, however. Planting operatives inside Microsoft would probably be illegal, would certainly be unethical and could have a long-range disadvantage by making Microsofties look like tools of the CIA rather than simply tools.

    “No-one has broken into Microsoft, but by repurposing the certificate and modifying it with unknown hash collision technologies, and with the power of a supercomputer, they were able to start signing any program they wanted as if it was from Microsoft,” Hypponen said. “If you combine that with the mechanism they were using to spoof MS Update server they had the crown jewels.”

    Hypponen is one of a number of security experts who have said Stuxnet and Duqu have the hallmarks of software written by traditionally minded software engineers accustomed to working in large, well-coordinated teams.

    After studying the code for Duqu, security researchers at Kaspersky Labs said the malware was most similar to the kind of work done by old-school programmers able to write code for more than one platform at a time, do good quality control to make sure the modules were able to install themselves and update in real time, and that the command-and-control components had been re-used from previous editions.

    “All the conclusions indicate a rather professional team of developers, which appear to be reusing older code written by top “old school” developers,” according to Kaspersky’s analysis. “Such techniques are normally seen in professional software and almost never in today’s malware. Once again, these indicate that Duqu, just like Stuxnet, is a ‘one of a kind’ piece of malware which stands out like a gem from the large mass of “dumb” malicious program we normally see.”

    Earlier this month the NYT ran a story detailing two years worth of investigations during which a range of U.S. officials, including, eventually, President Obama, confirmed the U.S. had been involved in writing the Stuxnet and Flame malware and siccing them on Iran.

    That’s far from conclusive proof that the NSA has moved its nonexistent offices to Redmond, Wash. It doesn’t rule it out either, however.

    Very few malware writers are able to write such clean code that can install on a variety of hardware systems, assess their new environments and download the modules they need to successfully compromise a new network, Kaspersky researchers said.

    Stuxnet and Flame are able to do all these things and to get their own updates through Windows Update using a faked Windows Update security certificate.

    No other malware writer, hacker or end user has been able to do that before. Knowing it happened this time makes it more apparent that the malware writers know what they are doing and know Microsoft code inside and out.

    That’s still no evidence that Microsoft could be or has been infiltrated by spies from the U.S. or from other countries.

    It does make sense, but so do a lot of conspiracy theories.

    Until there’s some solid indication Flame came from inside Microsoft, not outside, it’s probably safer to write off this string of associative evidence.

    Even in his own blog, Hypponen makes fun of those who make fun of Flame as ineffective and unremarkable, but doesn’t actually suggest moles at Microsoft are to blame.

    Find this story at 18 June 2012

    By Kevin Fogarty

    © 1994 – 2012 ITworld. All rights reserved.
