Passive E-Mail Monitoring Leads To Arrest
www.2advanced.net writes "The world's first arrest resulting from passive monitoring of electronic communications is being reported by Globe Technology. In the article, sources reveal that 'an e-mail message intercepted by NSA spies precipitated a massive investigation by intelligence officials in several countries that culminated in the arrest of nine men in Britain and one in suburban Orleans, Ont. -- 24-year-old software developer Mohammed Momin Khawaja, who has since been charged with facilitating a terrorist act and being part of a terrorist group.'"
I know this story is probably going to get a lot of people riled up. However, it is still my understanding that the NSA goes to great pains to avoid intercepting any communication that comes from a U.S. citizen. They are strictly prohibited from doing so.
If you are a U.S. citizen, your main privacy concerns should be with the FBI and the DoJ with their powers granted by the Patriot Act.
Actually... it has apparently been declassified:
From http://www.interesting-people.org/archives/interesting-people/200110/msg00157.html
Out of curiosity I went hunting for info on the United States Signals
Intelligence Directives (USSIDs) I had to be aware of in a former line of work.
Much to my surprise, USSID 18, which outlines procedures for the NSA's
collection of data on "U.S. persons" was declassified just over a year ago.
I thought the document might be of interest to IPers, especially at this time.
An introduction, and links to the archives can be found at:
http://cipherwar.com/news/00/nsa_surveillance.htm
(From the site above:)
In the aftermath of revelations in the 1970s about NSA interception of the
communications of anti-war and other political activists new procedures
were established governing the interception of communications involving
Americans. The version of USSID 18 currently in force was issued in July
1993 and "prescribes policies and procedures and assigns responsibilities
to ensure that the missions and functions of the United States SIGINT
System (USSS) are conducted in a manner that safeguards the constitutional
rights of U.S. persons."
(And a bit from USSID 18, itself - any errors in transcription are my fault:)
SECTION 1 - PREFACE
1.1. (U) The Fourth Amendment of the United States Constitution protects
all U.S. persons anywhere in the world and all persons within the United
States from unreasonable searches and seizures by any person or agency
acting on behalf of the U.S. Government. The Supreme Court has ruled that
the interception of electronic communications is a search and seizure
within the meaning of the Fourth Amendment. It is therefore mandatory that
signals intelligence (SIGINT) operations be conducted pursuant to
procedures which meet the reasonableness requirements of the fourth
amendment.
1.2. (U) In determining whether United States SIGINT System (USSS)
operations are "reasonable," it is necessary to balance the U.S.
Government's need for foreign intelligence information and the privacy
interests of persons protected by the Fourth Amendment. Striking that
balance has consumed much time and effort by all branches of the United
States Government. The results of that effort are reflected in the
references listed in Section 2 below. Together, these references require
the minimization of U.S. person information collected, processed, retained
or disseminated by the USSS. The purpose of this document is to implement
these minimization requirements.
1.3. (U) Several themes run throughout this USSID. The most important is
that intelligence operation and the protection of constitutional rights are
not incompatible. It is not necessary to deny legitimate foreign
intelligence collection or suppress legitimate foreign intelligence
information to protect the Fourth Amendment rights of U.S. Persons.
1.4. (U) Finally, these minimization procedures implement the
constitutional principle of "reasonableness" by giving different categories
of individuals and entities different levels of protection. These levels
range from the stringent protection accorded U.S. citizens and permanent
resident aliens in the United States to provisions relating to foreign
diplomats in the U.S. These differences reflect yet another main theme of
these procedures, that is, that the focus of all foreign intelligence
operation is on foreign entities and persons.
With the state of current encryption systems, it is very unlikely... The best approach to break encryption is by breaking the weakest link in the protocol, not the encryption algorithm.
Once they suspect illegal activities and start an investigation, there are a lot of ways to access the plain text without having to break the encryption algorithm. One easy way is to break into the target computer and install a key logger. This requires a lot less effort.
Note that to suspect illegal activities, they can just do some traffic analysis. If they find some pattern (an e-mail is sent from A in CA to B in the UK, then shortly after another e-mail is sent from B in the UK to C in Pakistan, then you have the same path in reverse and the pattern repeats a lot) that triggers their alert, they will monitor A, B and C a little more closely and dig a little deeper to see if it looks suspicious enough for an investigation. Then they start to do active spying and they build their case.
The passive monitoring in that case does not require any breaking of encryption... it does not even require knowing the plaintext (if the traffic is encrypted).
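The pattern described in the comment above, as an added example that is not part of the original thread: it flags a repeated A to B to C relay and its reverse using only envelope metadata (time, sender, recipient), with no message content. The addresses, the 30-minute window and the three-repeat threshold are constructed assumptions.

```python
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample: envelope metadata only (time, sender, recipient).
# No subject or body is present, as if every message were encrypted.
EVENTS = [
    ("2004-03-01T10:00", "a@ca.example", "b@uk.example"),
    ("2004-03-01T10:12", "b@uk.example", "c@pk.example"),
    ("2004-03-01T15:00", "c@pk.example", "b@uk.example"),
    ("2004-03-01T15:09", "b@uk.example", "a@ca.example"),
    ("2004-03-04T09:30", "a@ca.example", "b@uk.example"),
    ("2004-03-04T09:41", "b@uk.example", "c@pk.example"),
    ("2004-03-04T18:02", "c@pk.example", "b@uk.example"),
    ("2004-03-04T18:20", "b@uk.example", "a@ca.example"),
    ("2004-03-09T11:15", "a@ca.example", "b@uk.example"),
    ("2004-03-09T11:22", "b@uk.example", "c@pk.example"),
    ("2004-03-09T20:40", "c@pk.example", "b@uk.example"),
    ("2004-03-09T20:47", "b@uk.example", "a@ca.example"),
    # Background traffic: a one-off forward and an ordinary reply.
    ("2004-03-02T08:00", "d@us.example", "b@uk.example"),
    ("2004-03-02T08:05", "b@uk.example", "e@fr.example"),
    ("2004-03-03T12:00", "e@fr.example", "d@us.example"),
    ("2004-03-03T12:10", "d@us.example", "e@fr.example"),
]

def relay_counts(events, window=timedelta(minutes=30)):
    """Count hops X->Y followed within `window` by Y->Z, with Z != X."""
    msgs = sorted((datetime.fromisoformat(t), s, r) for t, s, r in events)
    counts = Counter()
    for i, (t1, src, mid) in enumerate(msgs):
        for t2, s2, dst in msgs[i + 1:]:
            if t2 - t1 > window:
                break  # sorted by time, so nothing later can match
            if s2 == mid and dst != src and t2 > t1:
                counts[(src, mid, dst)] += 1
    return counts

def flag_relay_paths(events, min_repeats=3, window=timedelta(minutes=30)):
    """Return (A, B, C, forward, reverse) for chains repeated both ways."""
    counts = relay_counts(events, window)
    flagged = []
    for (a, b, c), fwd in counts.items():
        rev = counts.get((c, b, a), 0)
        if a < c and fwd >= min_repeats and rev >= min_repeats:
            flagged.append((a, b, c, fwd, rev))
    return sorted(flagged)

if __name__ == "__main__":
    print(flag_relay_paths(EVENTS))
```

The one-off forward through the same intermediary and the ordinary reply are counted but not flagged, which is the difference between a single coincidence and the repeated two-way pattern the comment describes.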