NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'
from the one-way-to-do-things dept
The latest news from The Intercept involves yet another Snowden leaked document, in which an NSA official uses what certainly looks like LiveJournal (complete with “current mood” lines at the end of posts) to informally and gleefully discuss targeting sys admins in order to get access to the networks they maintain. It’s not a secret that the NSA does this. That became clear last fall, when earlier Snowden docs revealed how GCHQ and NSA had targeted a Belgacom sysadmin to get access to important Belgacom clients, including the EU Parliament. What’s interesting here is the breezy dismissive discussion by this NSA guy — and the fact that it looks like LiveJournal really gives you this parallel universe view. The tone and arrogance on display isn’t particularly different from various private sector hackers. It’s just that this guy has access to more powerful tools and the government behind him. Take, for example, this early post in which he brags about how totally cool it is that the NSA collects way more data than it needs:
As The Intercept report notes, the guy admits that he targets sysadmins merely as a means to an end — to reach the people who use various systems. But, there’s no indication that he avoids targeting American sysadmins (he does limit his focus to those outside the US, but the NSA isn’t supposed to track even Americans outside the US). The NSA guy talks about how he basically goes fishing around to find sysadmins’ non-work emails (preferably Facebook accounts) to then make use of the NSA’s QUANTUM injection techniques. He notes that you can go after official addresses, but it’s much harder to trick sysadmins that way.
Either way, the rather cavalier attitude towards hacking into sysadmins’ accounts should raise some eyebrows.
Separately, I’m sure some folks will note that the slides appear to have a stamp on them that say “Copyright! Do not reuse this image!” Apparently that was in the original image (not added by The Intercept). The Intercept does note that this guy had been a contractor before joining the NSA. If he was a contractor when he wrote this, even thought it was written for the government, then he could claim a copyright over it. However, if he was an employee of the NSA, then as a work of the federal government, he could not. Of course, either way it doesn’t matter. If he actually did have the copyright on it, he’d have to reveal himself as the copyright holder (the Intercept keeps him anonymous) and do something about it (issue a takedown, sue, etc.). It seems unlikely he’d expose himself in that manner. Also, media publications discussing the documents also would have a fairly strong fair use defense to any such claim (and, further, it’s almost 100% certain that he did not register the copyright, meaning he’d be limited to just actual damages, of which there are unlikely to be… well… any). All that is kind of a meaningless ramble over something that won’t happen, but figured we might as well cover it since we often talk about copyright issues here too.
Filed Under: livejournal, nsa, surveillance, sysadmins
Comments on “NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'”
And of course, inspecting packet headers going to and from these routers is just metadata, so no big deal right?
Re: Re:
Also, how do they get access to all those packets into and out of those routers?
“just plain awesome”, “downright cool”
How old are these kids?
They disgust me.
Chilling
With the other documents, there was at least a pretense of professionalism. With this, there is none. This is just a pure expression of joy at being able to spy for the sake of spying. To see something like this written, with not one iota of the gravity of the actions, indicates a culture and mindset that the infamous “smiley face” only hinted at. A culture and mindset that is fundamentally at odds with the notions of freedom and liberty.
This document sends more chills up my spine than any of the others I’ve seen yet.
Re: Chilling
Is a reference to the Stasi too close to Godwin’s Law for comfort?
If you can't beat them...
join them.
all they have proven
is they are traitors
But it's so hard!
It’s so hard to get those warrenty things and just spy on bad guys. It’s really hard!! It makes us want to go poopy. 🙁
Lies and Truths
“We don?t have the technical insights in the United States. In other words, you have to have something to intercept, or some way of doing that either by going to a service provider with a warrant or you have to be collecting in that area. We?re not authorized to do that, nor do we have the equipment in the United States to collect that kind of information.”
– Gen. Alexander
“One of the coolest things about it is *how much* data we have at our fingertips. if we *only* collected the data we knew we wanted… yeah, we’d fill some of our requirements, but htis is a whole world of possibilities we’d be missing!”
– Random immature NSA employee
Perfected cynicism
He’s a perfect example of a mind-set I’ve discussed elsewhere.
People in the NSA aren’t like you or I. If I became suspicious of John Doe, I would look at various information and make a decision as to whether or not my suspicions are founded. For people of this mindset of this NSA author, they look at all the data they have related to John Doe…and if they find nothing to confirm their suspicions then that is proof that they do not have enough data. These people are perfected cynics.
Because they must have “all data” to confirm their cynical suspicions, it is useless to assume that the national security apparati acquire anything less than what it is feasible (technically and financially) to acquire. Figures I did, and similar figures by Brewster Khale establish it is feasible technically and financially for the NSA to record all phone calls in the United States (and even the world, now) and to keep the recordings permanently.
Therefore, they are doing so: Assuming anything less fails to take into account their mindset. Which is always to keep everything, and keep it permanently.
After all, you never know when John Doe’s guilt will be confirmed by something his great granddaddy said in a phone call.
Just in case you were wondering
That copyright tag was actually appended by the NSA source, not the first reporter (The Intercept) or Techdirt.
It’s extremely hilarious because government employees cannot copyright their work.
Re: Just in case you were wondering
We discussed all of that in the final paragraph.
I'd like to know who this is
Because this asshole is attacking my family.
How? Like most system admins, I don’t work a normal 40-hour week. I work whatever’s necessary, and I do some of it from home…from my own computers…on my own network…which I share with my family.
So when this asshole gleefully owns one of my systems, he’s got access to pictures of my children. He can reach my wife’s computer. He can see the sites my kids access, which means he can quickly figure out where they go to school. In his arrogance and hubris, he’s vacuuming up a LOT of date not just about me, not just about the systems and networks that I run, but about MY FAMILY.
I don’t even have the words to express my rage at this asshole and the threat he represents. He’s probably a serial rapist and a violent pedophile: he’s certainly a sociopath.
Re: I'd like to know who this is
Never mind him. Think about who employs this useful idiot.
Re: I'd like to know who this is
And this is what average_joe and darryl consider due process. Shameful.
Re: I'd like to know who this is
@AC10:12
Your post just turned on a light for me. After reading the story I had thought to myself, what kind of system admin has a Facebook account? I would have thought it would be fairly unusual, but in a family situation it certainly wouldn’t. And regardless of that, working at home and having your family involved does put an even more disgusting slant on the operation.
Wait a minute, if the government never lies and it says that they are not violating privacy but this guy also works for the government and he brags that they doOOOOOOOERRORLOGICALCONTRADICTION(;56^%^|?.’b?&,,!??
The slang is generic computer nerd slang from across several generations of computer nerds. While I don’t like the targeting of innocent people, I would caution against us from vilifying the language he used. This is nerd speak, and most of us here are nerds.
Re: Re:
It’s not generic nerd-speak. It’s language used primarily by two nerd subcultures: certain gamers and script kiddies. Further, this is adolescent language that is generally shed when maturity sets in.
I’m guessing, given the context, that the subculture in play here isn’t gamers.
General Benedict Arnold offered but failed to surrender West Point to the British. – Traitor.
General Keith Alexander offered and succeeded in selling one of our constitutional rights (the 4th amendment) to the British. – _______.
Fill in the blank.
Got to wonder what old General Washington would have thought of Keith.
This isn’t just something that looks like LJ: unless I’m very much mistaken, it’s the actual LJ platform or a very close variant. Which is open source, so that’s the one thing they haven’t done wrong.
NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'
http://www.slate.com/articles/arts/everyday_economics/2004/05/feed_the_worms_who_write_worms_to_the_worms.html
Long overdue. Time to make the United States a better place.
What’s the fuss? Spy agency targets admins. Seems like no brainer to me. That is their job. The only shocking part is that Petrobras or Belgacom would hire as admin someone who uses Windows and Facebook. Then they deserve to be nuked.
Missing part here is the usage of snatched data. If NSA shares it with, say Exxon or ATT, then we have serious problem of public agency being used for private greed.
When Bush was about to attack Iraq, NSA nuked all prospective hostile websites inside and outside USA. I see this issue missing from GGreenwald story.
Re: Re:
Missing part here is the usage of snatched data.
It will be used for whatever their political masters want, and they are owned by the corporations.
Re: Re:
“What’s the fuss? Spy agency targets admins. Seems like no brainer to me. That is their job.”
If those admins are in the US then it is not part of their job. In fact, it is specifically part of their job to not do it, since it’s against the law.
For sysadmins outside the US, it is imperative that they know they’re being specifically targeted so they can defend against it.
American Sysadmins
Where does it say that he targeted American sysadmins? Maybe I missed it, but I didn’t see that specified. Given that it’s contrary to law, why assume that he did.
Consider an analogy. If I said that I eat meat (actually, I do), would you then assume that I illegally eat human flesh?
Re: American Sysadmins
I assume they target US sysadmins because why wouldn’t they? They don’t have a problem targeting us citizens in other programs. In your analogy, they’ve already been caught eating human flesh in other recipes. Why would they avoid it in this one?
NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'
Does no-one else think this is just a bit too conveniently, blatantly, cartoonishly arrogant? The language is too open not to be considered as a possible JTRIG plant. It reads like a statement from a Bond villain written by a 10 yr old. This gets out, gets published, then the snoops and their shills get to discredit it quickly, easily & truthfully (just so they can try that on for a few minutes) and by spurious association undermine other information published on the same site. They are targeting sysadmins, there’s no reason to doubt that, a tactic it’s hard to imagine any impartial court finding legal under any circumstances, so efforts to discredit information that they’re doing so is credible as a priority for them.
It just reads kinda phoney to me.