Slashdot Mirror
Wired Releases Full Text of AT&T NSA Document
ifitzgerald writes "This morning, Wired News released the full text of the AT&T NSA wiretap documents that are currently under court seal. From the article: 'AT&T claims information in the file is proprietary and that it would suffer severe harm if it were released.
Based on what we've seen, Wired News disagrees. In addition, we believe the public's right to know the full facts in this case outweighs AT&T's claims to secrecy.
As a result, we are publishing the complete text of a set of documents from the EFF's primary witness in the case, former AT&T employee and whistle-blower Mark Klein -- information obtained by investigative reporter Ryan Singel through an anonymous source close to the litigation. The documents, available on Wired News as of Monday, consist of 30 pages, with an affidavit attributed to Klein, eight pages of AT&T documents marked "proprietary," and several pages of news clippings and other public information related to government-surveillance issues.'"
Wired states in the article that this isn't illegal. The gag order is only on the EFF and AT&T. So Wired are fine in posting it. Also, since the document isn't the exact document under seal but an older version, it may not constitute the final evidence given by Klein. Wired is not doing anything legally brave here: they have made sure to cover their asses.
The article fails to mention what the consequences for the EFF are though... (assuming the EFF leaked it to Wired.)
Having looked through the documents that Wired provided, I didn't see anything that should qualify as a trade secret of AT&T. The documents do list a bunch of equipment that is located in AT&T's server rooms, including the splitter that lets 'Authorized persons' monitor the data flowing through the fiber optics cable- but it doesn't say how the equipment is connected to each other or what software programs the machines are running. This data is not enough for anyone to duplicate AT&T's network, not even in a small part. The only damage AT&T can expect to receive from the publication of these documents is even more of their customers convinced that they have been letting the NSA take all their information.
You are reading a copy of my copyrighted post.
You can get the files off bittorrent here: http://thepiratebay.org/details.php?id=3487747
Bush opponents and privacy advocates have been screaming about how illegal it is (4th amendment violation), and crying over the invasion of privacy. The problem is, it's not illegal. the Supreme Court has already ruled on the legality of such issues.
The Supreme Court held in Smith v. Maryland (1978) that government collection of phone numbers called does not violate the Fourth Amendment. The Court reasoned that callers cannot have a "reasonable expectation of privacy" in the numbers they dial:
[W]e doubt that people in general entertain any actual expectation of privacy in the numbers they dial. All telephone users realize that they must "convey" phone numbers to the telephone company, since it is through telephone company switching equipment that their calls are completed. All subscribers realize, moreover, that the phone company has facilities for making permanent records of the numbers they dial, for they see a list of their long-distance (toll) calls on their monthly bills. . . .
[E]ven if [a caller] did harbor some subjective expectation that the phone numbers he dialed would remain private, this expectation is not "one that society is prepared to recognize as 'reasonable.'" . . . This Court consistently has held that a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties. . . . [W]hen [a caller] used his phone, [he] voluntarily conveyed numerical information to the telephone company and "exposed" that information to its equipment in the ordinary course of business. In so doing, [the caller] assumed the risk that the company would reveal to police the numbers he dialed.
But there is no need to stop at just phone numbers. There is a ton of information collected on you by others that the government can legally obtain and use under this ruling. Consumer data has become so valuable that companies known as data aggregators buy entire data banks from credit card companies, hotel chains, phone companies, etc., mix them with publicly available data from phone books or title companies and then sell access to their mega-database to marketing analysts seeking a comprehensive view of the American consumer.
Anyone with enough cash can find out what someone's mortgage payments are, what restaurants he frequents, what debts he owes and where he banks, whether he subscribes to American Rifleman or Martha Stewart Living, and whether he's more likely to visit Graceland or Greenland, among a thousand other features of his life. Acxiom, for example, the US's largest data aggregator, has 20 billion customer records covering 96 percent of U.S. households. That's a ton of data about you, me, everyone.
The Supreme Court has repeatedly said that the government may obtain business and other records held by third parties without warrant or probable cause, because those records are no longer private . Law enforcement officials may subpoena records, or request that they be provided voluntarily, or may simply purchase data repositories on the market like any other player in the digital economy.
Got that? The NSA could buy records from Acxiom (and all the other aggregators) and mine the shiznit out of it for whatever they want and it's all perfectly legal. From these third parties, they could know an astonishing amount about any one of us. I mean a breathtaking amount. Add in programs like Carnivore and Echelon (and probably and hundred other still classified ones) and you can be sure if the government wants to know everything there is to know about you, they know it. And they got it all legally.
If you don't like that, I can understand - I'm not sure I do either and it would be healthy to have a debate over that topic. However, constantly insisting that laws were broken only shows that you've never put any thought or research into the position you've taken and exposes you for a fool that is probably best ignored.
And for that, I have incredible respect for their editors, allowing such actions to continue, indeed showing that they are willing to take a stand against the assault on press freedoms that have been a regular marching call of the current administration.
Not that I didn't have a lot of respect for Wired before... but if there is a preemtive legal fund, let me know where to contribute.
I know /. probably isn't the right place to say "Thank You" to Wired, but I'll do it here first, and then email them next.
Excuse my speling.
Making The Bar Project
Good job reading the cover page. Next time, try reading the full article, which continues on with:
... document ... lists the circuit IDs of key Peering Links which were "cut-in" in February 2003, including ConXion, Verio, XO, Genuity, Qwest, PAIX, Allegiance, AboveNet, Global Crossing, C&W, UUNET, Level 3, Sprint, Telia, PSINet and Mae West.
Another
MAE-West is the main interconnect for backbone providers on the west coast. Another key interconnect on the east coast (MAE-East). Klein's document provides solid information that this "secret room" setup was being duplicated at many other AT&T locations, and AT&T is (of course) a member of the MAE-East exchange as well.
So yeah, they are tapping into pretty much all of the US-based internet.
Now, you were saying something about mindlessness?
Actually, AT&T owns a big portion of the backbone lines. There's a good chance that, pretty much no matter where your packets are going, they hit an AT&T controlled line at some point.
Everything I need to know I learned by killing smart people and eating their brains.
Don't you realize that ATT is a backbone, and that a whole lot of the world's internet traffic passes over ATT fiber? They're capable of sniffing a hell of a lot more than their own WorldNet service...
Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
Since I don't know how long this will be up at Wired, I have mirrored it on my site at http://jaduncan.net/mark-kleins-att-statement-in-t he-eff-case
The HTML and the PDF are both there, and all in one page since I don't have to care about ad views. And no, a nastygram wouldn't make me take it down.
"To any truly impartial person, it would be obvious that I am right."
The ACLU would disagree with you
If someone doesn't want information about a crime committed out in the open
Not all information is relevant to the commission of an alleged crime. Oops, sorry. In this case what you were doing was legal but you won't be able to do it anymore since the folks who actually were committing a crime have changed their tactics.
Treason is treason, and violating one's oath to uphold the Constitution is treasonous
RTFM. Go back and read the Constitution again. Look at Article III, Section 3.
If someone had a program in place to identify and prosecute those who would injure American citizens, and someone else decided to render that program unusable, whom do you think would be more likely guilty of treason?
I never want a judge or a federal official telling me what I can and can't say. Ever. I don't care what people think their right is in a fair trial, but my right to speak my conscience or reveal information about others should be protected from government infringement.
I disagree. You can say whatever you want, but be prepared to face the consequences. Many of the laws restricting speech serve a very necessary purpose. Here are some examples:
There are plenty of other legitimate reasons to limit free speech. I'm less convinced of the need for "trade secrets" and certainly it does not trump revealing political corruption and illegal actions by government officials (the most highly protected form of free speech). In this instance there is little to no justification and the executive branch has absolutely no authority to suppress this speech because of national security concerns.
The immorality of what the NSA and AT&T have done is worse that the illegality of it. I see no reason why the ultimate penalty should not be paid by the government officials who created this beast. Treason is treason, and violating one's oath to uphold the Constitution is treasonous.
I'd argue that what they are doing is illegal and unethical, but not necessarily immoral. But it is the letter of the law that needs to be upheld to insure that we continue to be a nation of law. I would also consider these people to be oathbreakers, violating their oaths to uphold the constitution, but then, so is pretty much every member of congress and every person in the armed forces. The constitution and bill of rights is just a speaking point these days, and is in no way enforced. The federal government is just what the founding fathers tried to prevent. The issue is what to do about it. In this day and age of mass media can an opponent win on the reform platform? I thinks so, but without a lot of money behind them and certainly not from within either mainstream political party.
Having just read through the documents, and being a network operator for a small network, this looks exactly like the installation thay ANY large network provider would implement to comply with the Lawful Intercept program mandated in CALEA.
I suspect it was regulatory compliance and security budget that funded this installation, but it is a little "above and beyond."
The whistle-blower, Klein, so far doesn't seem to have produced any evidence that AT&T and the NSA are actively spying without court orders, just that they could.
I agree, but this does look very suspicious and it is certainly worth investigating. We were commanded to be "eternally vigilant" against our own government. This should be investigated and NSA files and procedures reviewed to determine just what is occurring. I see no national security reason to keep this secret (aside from, possibly, the contents of some actual intercepted communications).
This is wrong, they can only read traffic that[sic] has been routed over their network, generally that means only traffic to, or from, one of their customers, as required by CALEA.
I take it you've never heard of transit traffic?
The major Internet backbone links are OC-192 and higher, the Narus system described in the document could only handle up to OC-48 (1/4 the speed of OC-192 circuits).
Yup, at any given time, although I doubt AT&T has their connection constantly maxed out, so we don't know the real traffic rate percentage this can monitor. We also have no idea what the capacity of the storage they are using for forensic analysis of this data is, nor how long they are keeping it. Hopefully the average load, the regexps matched (at least in general), and the procedures in place will shed some light on this.
Or at least that is the way NSA and the administration perceive the rules for foreign intercept.
The courts have not yet ruled on this (and I suspect they will find the NSA in violation) and I think the "reasonable expectation of privacy" of the average citizen is pretty clear here.
Another potential reason for NSA cleared individuals having access to the rooms is that NSA performs security clearance screening for telecommunications related lawful intercept employees.
That seems more than a little far-fetched to me.
In my mind, I don't know what they were doing, but I think the circumstantial evidence is rather strong. The problem is, I don't trust that a proper investigation will be performed, given the current and obvious corruption of our government. I would like to compliment you, however, on at least providing some of the only rational discourse in this thread.
Is now a good time to point out that Wired News and Wired the deadtree magazine are really separate entities? I'm not sure how much Wired News will notice your support by magazine subscription *shrug*
Build Your Own PVR/HTPC news, reviews, &
Most famously, there are the Pentagon Papers. In 1971, the New York Times published excerpts of Department of Defense documents leaked by Daniel Ellsberg. Roughly, the documents showed that the government had lied about the Vietnam War. The US government obtained an injunction against the Times, on national security grounds. The Supreme Court later overturned the injunction, but the decision, as my not-a-lawyer brain understands it, did not make it clear when the press can get away with this sort of thing.
This is not perfectly analogous to the current situation, because it is AT&T's documents that are being leaked, not the government's.
to quote hey!:
Which is why we've had such as bumper crop of semantic creativity out of Washington around the definitions of "unlawful combatant", "torture", "war" and "domestic surveillance". One way to change the law and the Constitution is alter the language out from under it.
FYI - The phrase you are looking for is "newspeak".
If you don't think this is Orwellian, just RTFA. Then think about what you could do with that hardware.
"I'm just here to regulate funkyness." - James Gandolfini, as Winston in The Mexican
>Let us all keep in mind that everything going on with the NSA is perfectly LEGAL.
SecurityFocus columnist Mark Rasch thinks the pen register statute applies, forbidding the collection of call records with a court order or a FISA warrant. His opinion is also that even with a warrant the surveillance has to be targeted. One loophole might be that the phone companies keep this kind of data as an inevitable part of their operations and can share it if they choose -- but 18 U.S.C. 2702(a)(3) forbids them to turn it over to the government. Customer Proprietary Network Information (CPNI) is also protected under 47 USC 222. Then there's the issue of breach of contract, or fraud, from the telcos violating their privacy policies. The remaining wiggle room is not enough to say "perfectly legal", let alone "perfectly LEGAL".
Mark Rasch is a former prosecutor and holds a Juris Doctor degree. He's former head of the Justice Department's computer crime unit.
While I'm not a Libertarian, and I don't have much use for the Ayn Rand crowd, I don't find it' particularly helpful to view Libertarians as strictly right-wing.
Viewing political ideologies as left-right is too simplistic. I like the Nolan chart or other spectrum approaches better.
Interpret that as you will. I will point out, however, that constitution limitations on the scope of a treason charge did not prevent lilly-levered members of congress from defining certain other acts as sedition.
Which of course makes it possible for the creative crypto-designer to work around this particular device type, if necessary. But I would think that any reasonably encrypted channel is immune to this automatic filtering.
Here is a good blog entry on the technical aspects of the AT&T-NSA scandal.