New light on NSA spying

*A former Internet expert for the FCC concludes that a secret AT&T installation was most
likely used for government surveillance.*

*By Kim Zetter*

Jun. 23, 2006 | A federal court in California released a previously sealed 40-page
document on Thursday in the Electronic Frontier Foundation's lawsuit against AT&T, which
bolsters allegations that the telecommunications giant built secret rooms to allow the
National Security Agency to conduct widespread surveillance of Internet traffic. The
document also paints a detailed scenario of how the NSA may be conducting the top-secret
operation, which closely matches information given to Salon
<http://www.salon.com/news/feature/2006/06/21/att_nsa/> by a former AT&T employee who
worked at the company's network operations center in Bridgeton, Mo.

The document, <http://www.eff.org/legal/cases/att/marcus-decl-redact.pdf> a statement by
J. Scott Marcus, a former senior advisor for Internet technology to the Federal
Communications Commission, was filed under seal on April 5 on behalf of the EFF to
support its class-action suit against AT&T, which alleges that the company violated a
number of federal laws in aiding the government's domestic spying operation against AT&T
customers. The court sealed the document because it contained proprietary AT&T
information, then ordered AT&T and EFF to work together to produce a redacted version to
place in the public record, which they did on Thursday.

EFF asked Marcus to examine records from a former AT&T technician in California named
Mark Klein that describe how AT&T reconfigured its network in San Francisco and installed
special computer systems in a secret room, allegedly to divert and collect Internet
traffic to help the NSA conduct warrantless surveillance. Were the records authentic and
was it feasible that they described a government surveillance program, or could the
reconfiguration and systems have been put in place for more innocuous uses?

Marcus concludes in his statement that the documents are authentic and, after considering
a number of possible reasons for the reconfiguration -- such as legitimate network
monitoring and maintenance -- writes that the system AT&T installed in a secret San
Francisco room, and likely other cities, was "exceptionally well suited to a massive,
distributed surveillance activity" and that "no other application provides as good an
explanation for the combination of engineering choices that were made."

He considered that the system might be set up to accommodate lawful traffic intercepts
under the Communications Assistance for Law Enforcement Act, but deemed this not a
credible scenario, since there are far simpler and less expensive solutions for meeting
CALEA, which required Internet service providers to make their networks wiretap-ready. He
also concludes that given how cash strapped AT&T was in 2002 and 2003 when the expensive
changes and additions to the system were made, it is "exceedingly unlikely" that AT&T
financed the project on its own. "I therefore conclude that it is highly probable that
funding came from an outside source, and consider the U.S. Government to be the most
likely source," he writes in the document.

Over several pages that are redacted at key points, Marcus discusses technical details in
the Klein documents that have previously been unavailable. (The Klein documents are under
seal, and although some of them have made it to the Internet, others, judging by details
revealed by Marcus, have never been made public.) According to Marcus, the Klein
documents refer to a "private ... backbone network, which appears to partition from
AT&T's main Internet backbone." This suggests the presence of a private network, Marcus
writes, whose existence is "not consistent with normal AT&T practice."

"The most plausible inference is that this was a covert network that was used to ship
data of interest to one or more central locations for still more intensive analysis,"
Marcus writes.

The most interesting aspect of the Marcus statement is the clear, though speculative,
scenario he provides for how the National Security Agency is likely conducting its
surveillance and data collection through that network. Marcus, currently a consultant
with WIK-Consult GmbH in Bad Honnef, Germany, was unavailable for comment. But in the
statement, he suggests that the secret San Francisco room is connected to two separate
networks -- the regular commercial network on which e-mail, Web surfing and voice-over
Internet Protocol traffic runs, and the second private, covert network that is
partitioned off from the regular network and is used to divert traffic that has been
copied and sent back to a central collection place. He suggests that massive amounts of
data are collected at 15 to 20 locations around the country, where it is automatically
screened and winnowed down to only "data of interest" by a special system installed in
San Francisco (and likely elsewhere) before it is shipped off to one or two central
collection points, where it is processed by powerful computers and analyzed by skilled
staff.

This agrees with what several sources told Salon this week. A former AT&T network
technician who is well acquainted with AT&T's common backbone and asked to remain
anonymous, told Salon about a secret, heavily secured room located in AT&T's Bridgeton
facility, where the company runs its technical command center from which it manages all
of its backbone. From that facility, the company could send commands to any of its 1,500
to 2,000 routers around the country to filter and divert traffic from those locations. To
do that, the technician said, AT&T would need to physically place network "sniffers" at
key points in the company's backbone. "There are 10 or 15 data centers located in major
cities around the country," he said. "So they would need to stick [a sniffer] in each of
those data centers to capture all the information." Then the company could easily send
commands from the Bridgeton room to the routers in those locations. The commands would
indicate what data to collect and where to divert it afterward.

Marcus writes that although the configuration in San Francisco was deployed in early
2003, given AT&T processes, the planning for it was probably underway six to 12 months
earlier. This coincides with the timing of the Bridgeton Network Operation Center, which
was put in place about eight months before the San Francisco room was configured and was
the place from which the work order for the secret room in San Francisco originated.

The Bridgeton room, guarded with a high-tech mantrap with retinal and fingerprint
scanners, is restricted to government workers and AT&T employees with top-secret security
clearances and is likely just used for remotely monitoring and maintaining the secret
rooms around the country and sending commands. Russ Tice, a former NSA officer and senior
analyst until last year, told Salon that the data once collected is probably not sent to
Bridgeton but instead is diverted to an NSA facility where powerful processing equipment
can analyze it.

As for the kind of data collected, Marcus infers from the Klein documents that the
configuration in place in San Francisco would enable surveillance of "both overseas and
purely domestic traffic." But the Klein evidence suggests that only "off net" traffic was
being collected in San Francisco at the time the documents were written. "Off net" refers
to traffic sent between AT&T customers and customers of other ISPs; "on net" traffic is
sent strictly between one AT&T customer and another AT&T customer.

Still, this amounts to a lot of data, Marcus says. It would mean that any traffic that
passed through AT&T's network from another ISP or network would be intercepted. He
suggests the possibility, however, that authorities could conceivably weed out domestic
traffic to collect only international traffic exchanged between an AT&T customer and
noncustomer, given that software programs exist that can help distinguish domestic
Internet traffic from traffic that travels from outside the United States. But he writes
that even with such weeding, some purely domestic traffic would likely slip through the
filter.

A hearing on the EFF lawsuit against AT&T is being held in San Francisco Friday to
determine whether the case should be thrown out. The Department of Justice has interfered
in the case, calling on the court to dismiss it on grounds that national security secrets
would be exposed if a trial were to proceed.

"The Department of Justice has interfered in the case, calling on the court to dismiss it on grounds that national security secrets would be exposed if a trial were to proceed."

You can bet there ARE some secrets that the government doesn't want to leak out — THEIRS.

"national security secrets" = catch-all *justification* for our overreaching government to do whatever the hell it feels like doing; individual citizens' rights be damned

(Is there an emoticon available for cynicism and disgust?)

ATT's defense: "We did it for Nixon, too."

(Is there an emoticon available for cynicism and disgust?)

I suppose there should be one. There definately is an emoticon available for these kinds of articles.

Sure hope the outcome is the same as Nixon's.

National Security, Terrorism and Child Porn are all things our government needs to be concerned with.

When these terms become the root password bypassing the Constitution then the people need to be concerned with the government and how it is conducting its affairs. Vigilance is mandatory.

The same people who whave sworn an oath to uphold the Constitution now regard it as an obstacle to their agenda.

''The same people who whave sworn an oath to uphold the Constitution now regard it as an obstacle to their agenda.''

These same people that see it as an obstacle just change the rules to suit their agenda.
DISCLAIMER: This is just my opinion and should not be used for any other purpose.

They don't change the rules, the Constitution
while a living document is still pretty static in intent. They reintrepret the rules vis a stacked
SCOTUS. A subtle but important difference.

The seperation of powers invoked by our founders was a wonderful idea, practical to this day. Usurping it is not in our interest imho.

A perfect example would be " to secure for limited times to authors and inventors the exclusive right .. " etc. The foundation of copyright was a bargain between creators and the public domain. The publishers have bought our "representatives" and convinced SCOTUS to make this mean 'limited times'
means until Mickey Mouse goes out of copyright and Disney fails to pay us, 'authors and inventors' means the rights holders who extort as much as possible from the actual artists involved and the public domain? What public domain? We want to get paid and if that makes funding laws to make the everyday activities of 60 Million Americans illegal then so be it.

Alternatives are evolving between the artist and fan and the RIAA is not involved. At all.

Yes I realize this thread is about the executive
branch and my example was about the legislative and judicial branches but SOP is nonetheless important. What happens when Bush declares IP 'theft' economic terrorism?

"reinterpreting the rules through a stacked SCOTUS"

executive orders (new laws unilaterially written by the President and his staff)

sacrificing individual liberties for national security

the devious practice of 'paperclipping'

lobbyists and influential 'contributions' to legislators

exorbitant financial costs of campaigning (preventing many potentially good people from running for office)

politically groomed and well-funded primary candidates for state and national offices

(This is a partial list of things that work against government of, by, and for the people. All of them are alive and kicking in America.)

Also, the signing of international treaties which can have the authority to supercede a portion of our sovereign Constitution.

It's no wonder our system of government has been largely hijacked away from its citizenry.

Personally Im against membership in the United Nations... http://www.ncoic.com/un_usa2k.htm
and from http://www.petitiononline.com/usdeclar/
"we...
Demand the immediate removal of all foreign troops stationed on the sovereign soil of the united States of America.

Demand that the War Powers Act, the Emergency Powers Act and the Federal Reserve Act be rescinded.

Demand an end to the unconstitutional practice of Executive Orders which carry the force of law, and a rescission of all such Orders.

Demand any acts and agencies derived from the War Powers, Emergency Powers or Federal Reserve Acts or Executive Orders be dissolved.

Demand an immediate rescission of the "National Emergency" maintained in this nation by Executive Order.

Demand the immediate removal of the united States from the foreign body known as the "United Nations".

Demand an end to all United Nations funding both military programs and all other UN programs.

Demand a rescission to all acts, and legislation that in any way infringes on the right to keep and bear arms.

Demand a rescission to all acts, legislation and agencies that exceed the powers described in the constitution according to the 10th amendment..

Demand that all educational concerns be returned to the several states directly and that all federal involvement in the same cease.

Demand all local government and educational institutions to disavow the blackmail and social restructuring of federal funds. "


On a more positive note; somewhere I read that the NSA refused to hand over evidence of drug usage to the FBI because the information was collected under the Anti-Terrorist spying efforts. Smoke em if ya got em