This article originally appeared in TidBITS on 2014-03-13 at 8:09 a.m.
The permanent URL for this article is: http://tidbits.com/article/14585
Include images: Off

Keeping Up with the Snoops 4: When the Going Gets Weird…

by Josh Centers

Things are getting weird in Spyville as we once again keep up with the snoops. How weird? In a word: UFOs. No, I’m not kidding.

As reported by The Intercept [1], the new media partnership between reporter Glenn Greenwald and billionaire eBay founder Pierre Omidyar, the GCHQ (the British counterpart to the NSA) has been actively falsifying information to discredit targets who haven’t even been charged with a crime. The techniques, called Online Covert Action (OCA), involve writing fake blog posts claiming to be victims of the target, emailing and texting those close to the target, changing the target’s photos on social media sites, and ruining business relationships. OCA is based around the four D’s: Deny, Disrupt, Degrade, Deceive. While it’s not known if the NSA engages in these tactics, these GCHQ slides were presented to the NSA.

The presentation, called “The Art of Deception,” features something even stranger: several pictures of UFOs [2], with no explanatory text. Nigel Watson, author of the Haynes UFO Investigations Manual, told Yahoo News that the images are likely not proof of alien visitations, but rather evidence that spy agencies use fear of UFOs to scare the public. (Of course, it’s more likely these slides were just illustrating something the speaker was saying, perhaps about how people grasp for meaning when faced with inexplicable facts. After all, another slide is a photo of a Whole Foods sale poster; no one is suggesting that Whole Foods is a GHCQ front.)

But things get even stranger. Did you know that the NSA has its own advice columnist [3]? The column, called “Ask Zelda!” has been distributed on the agency’s intranet since 2010. In a twist of bizarre irony, one of the letters to Zelda is from an NSA employee concerned about his boss spying on him and his coworkers. Zelda advises “Silenced in SID” that such snooping is inappropriate, and that he should confront his boss about it.

Those in charge of U.S. intelligence agencies apparently don’t read Zelda’s column, as the Associated Press reports that they are planning a system to implement continuous monitoring of employees [4] with security clearances. The computerized system would scan “private credit agencies, law enforcement databases and threat lists, military and other government records, licenses, data services, and public record repositories” for “unusual behavior patterns.”

On the legal front, the New York Times explains how the secret rulings of the FISA court paved the way for mass surveillance [5]. The key is the so-called “Raw Take” order from 2002, which loosened restrictions on sharing “unfiltered personal information” with interior agencies and foreign governments.

Meanwhile, The Intercept broke another major story about how the NSA is planning to infect millions of computers with malware [6], codenamed TURBINE, to enable “industrial-scale exploitation.” Apart from the obvious concerns here (Industrial-scale malware? Really? Like that could never get out of control.), Mikko Hypponen of Finnish security firm F-Secure warns that TURBINE could inadvertently undermine the security of the Internet by potentially creating new vulnerabilities on affected systems, thus making them more susceptible to attack by third parties.

But of all the intelligence-related developments, the brewing battle between the Senate Intelligence Committee and the Central Intelligence Agency might be both the strangest and the most consequential.

The tussle revolves around the 6,300-page, $40-million report [7] by the Senate Intelligence Committee on the CIA’s use of torture during the Bush administration. The CIA classified the document, which reportedly lambastes the CIA’s use of torture for being ineffective, barring it from public release. Part of the reason the report cost so much was that Senate investigators had to travel to a special CIA facility to view the relevant documents on CIA-approved computers.

At some point, Senate investigators obtained a copy of the CIA’s internal review on the use of torture, which the CIA claims it did not intend for the Intelligence Committee’s eyes. In return, the CIA searched the computers provided to the Senate, along with a separate network drive containing Senate staffers’ work and internal messages. As a result, the Senate Intelligence Committee and the CIA have accused each other of wrongdoing; both cases now have been referred to the Justice Department.

Senator Dianne Feinstein, who has in the past been a staunch defender of the intelligence community, is hopping mad about the CIA’s actions. On 11 March 2014, Feinstein delivered a long, scathing speech [8], accusing the CIA of tampering with the Senate’s work.

The key question in the dispute revolves around who owns the computers. The CIA says it owns the computers [9]. However, Feinstein claims that the computers are the property of the Senate, and Senator Ron Wyden has backed up her claim [10], even stating that the CIA has admitted as such in a recent (unspecified) court filing. The Guardian reports that a 2009 agreement between the Senate Intelligence Committee and the CIA stated that the committee staffers’ records and the provided computers would remain their own.

The broader question is why there were documents related to torture that the Senate panel wasn’t supposed to see in the first place. But more troubling is the even broader implication for U.S. government in general.

“This is kind of death of the Republic kind of stuff,” said MSNBC’s Rachel Maddow [11], who has often served as a cheerleader of the Obama administration. And that’s not just the media talking. “I have grave concerns that the CIA search may well have violated the separation of powers principle in the U.S. Constitution,” Senator Feinstein said in her speech [12].

Even more chilling is that intelligence leaders are pushing for legislation that could criminally punish journalists [13] for publishing government leaks. “I am an optimist. I think if we make the right steps on the media leaks legislation, then cyber legislation will be a lot easier,” said outgoing NSA chief General Keith Alexander. President Obama has nominated Vice Admiral Michael Rogers to replace Alexander, but Rogers has his work cut out for him [14].

On the other side of the fence, Edward Snowden submitted 12 pages of testimony [15] to the European Parliament’s Civil Liberties, Justice and Home Affairs committee. There isn’t much new there, but it’s a fascinating read, and Snowden counters critics by stating that he attempted to address issues about mass surveillance to “more than ten distinct officials,” but his superiors ignored him. Both Snowden [16] and Julian Assange [17] of WikiLeaks held remote panels at this year’s SXSW Interactive conference. Again, nothing new, but they make for interesting viewing.

Speaking of conference panels, yours truly has been invited to moderate one at this year’s Macworld/iWorld, titled “The NSA and You [18].” We have a fantastic guest lineup: Parker Higgins [19] of the Electronic Frontier Foundation, our own Joe Kissell (author of “Take Control of Your Online Privacy [20]”) and Rich Mogull (whose day job is as a security consultant for Securosis [21]), Kim Zetter [22] of Wired, and Quinn Norton — who has in the past been embedded with Occupy Wall Street and Anonymous, and who was recently invited to speak with the Office of the Director of National Intelligence [23]. It’s sure to be a lively discussion, so swing by if you’ll be in town. And if you have questions for the panel, send them my way! In the meantime, you can watch my MacVoices interview with Chuck Joiner [24] about the panel [25].

[1]: https://firstlook.org/theintercept/2014/02/24/jtrig-manipulation/
[2]: http://uk.news.yahoo.com/mysterious-flying-saucer-slides-found-in-documents-leaked-by-edward-snowden-063618185.html
[3]: https://firstlook.org/theintercept/article/2014/03/07/nsa-advice-columnist-seriously/
[4]: http://abcnews.go.com/Technology/wireStory/us-plans-scan-workers-secret-clearances-22842685?singlePage=true
[5]: http://www.nytimes.com/2014/03/12/us/how-a-courts-secret-evolution-extended-spies-reach.html
[6]: https://firstlook.org/theintercept/article/2014/03/12/nsa-plans-infect-millions-computers-malware/
[7]: http://www.nytimes.com/2014/03/08/us/politics/behind-clash-between-cia-and-congress-a-secret-report-on-interrogations.html
[8]: http://www.c-span.org/video/?c4486712/sen-feinstein-accuses-cia-searching-congressional-computers
[9]: http://online.wsj.com/news/articles/SB10001424052702304250204579433032003802464
[10]: http://www.wyden.senate.gov/news/press-releases/wyden-statement-on-cia-search-of-computers-used-by-senate-intelligence-committee
[11]: http://www.rawstory.com/rs/2014/03/05/rachel-maddow-cia-spying-on-congress-is-death-of-the-republic-stuff/
[12]: http://www.theguardian.com/world/2014/mar/11/dianne-feinstein-cia-senate-committee-live
[13]: http://theblot.com/u-s-spy-boss-journalists-threaten-national-security-7716659
[14]: http://www.nytimes.com/2014/03/11/world/admiral-set-to-face-confirmation-to-lead-nsa.html
[15]: http://www.techdirt.com/articles/20140307/05485226476/snowden-gives-testimony-to-european-parliament-inquiry-into-mass-surveillance-asks-eu-asylum.shtml
[16]: https://www.youtube.com/watch?v=UIhS9aB-qgU
[17]: https://www.youtube.com/watch?v=ZMZzPCFJ8xw
[18]: http://www.macworldiworld.com/macworldiworld-schedule/cf832-the-nsa-you/
[19]: http://tid.bl.it/tco-online-privacy-tidbits
[20]: https://securosis.com/
[21]: https://www.eff.org/about/staff/parker-higgins
[22]: http://www.wired.com/threatlevel/author/kimzetter/
[23]: https://medium.com/quinn-norton/dbc0669aa9ca
[24]: http://www.macvoices.com/wordpress/macvoices-mv14062-road-macworld-josh-centers-leads-panel-discussion-nsa/
[25]: http://www.youtube.com/watch?v=5Nqf6EfJVdg