ISP CEO Explains What Happens When The NSA Shows Up At Your Door
from the police-state dept
As a bunch of folks have been sending in, Buzzfeed has the incredible story from the CEO of independent ISP XMission, Pete Ashdown (who, by the way, has also run for Senator in Utah, and has a really good take on copyright law), talking about what happened when the NSA knocked on his door. Ashdown talks about how the company deals with various law enforcement warrants it gets, and how what they get from the FISA court is different, because, as he notes, "I have a hard time with secret courts." However, the time they got one -- with an order to monitor one single customer -- his lawyers told him they couldn't fight back, and the NSA said that they needed to install their own box on his network.It was also different [from other warrants] because it was for monitoring. They wanted to come in and put in equipment on my network to monitor a single customer. The customer they were monitoring was a particular website that was very benign. It seems ridiculous to me. It was beyond absurd. It wasn’t like a guns and ammo website.He talks about employees asking about it, and him not really being able to tell them. He also notes that the whole thing was totally open-ended, with the NSA never saying when the monitoring would end. He also notes that there's more he could tell, but it would likely violate the gag order (in fact, he wonders if what he wrote for Buzzfeed violates the gag order already). Ashdown, then, rightly points out just how ridiculous this gag order is:
They came in and showed me papers. It was a court order from the FISC (Foreign Intelligence Surveillance Court) for the intercept, with the agent’s name… and the court’s information. I think it was three or four pages of text. They wouldn’t let met me copy them. They let me take notes in regards to technical aspects of what they wanted to do.
We had to facilitate them to set up a duplicate port to tap in to monitor that customer’s traffic. It was a 2U (two-unit) PC that we ran a mirrored ethernet port to.
[What we ended up with was] a little box in our systems room that was capturing all the traffic to this customer. Everything they were sending and receiving.
These programs that violate the Bill of Rights can continue because people can’t go out and say, “This is my experience, this is what happened to me, and I don’t think it is right.”He notes that this particular monitoring experience ended about two years ago, and he wonders if he'll hear from them for talking about the experience, but he's willing to face up to that. Of course, there are very, very few ISP owners who are willing to stand up and talk like this. Beyond Ashdown, the short list includes Nicholas Merrill and I'm not sure who else. If more internet companies were willing to speak up, it would help bring more clarity to what's going on, even if they faced some significant backlash in doing so.
There is absolutely [a] need for secrecy when you are dealing with a criminal investigation. You don’t want to tip off criminals being monitored. But you can’t say, “You can never talk about this ever, for the rest of your life.”
The FISA court should be a public court, and documents should be sealed for a set period of time, [to] let people audit the actions later.
Also, wouldn't it have been really nice if Ashdown had won his Senate race last time around and been in the Senate right now instead of Orrin Hatch. While all these surveillance stories have been going down, what has Hatch been up to, other than trying to give his friends in Hollywood more power to negotiate trade agreements that benefit themselves?
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: black box, fisa court, gag orders, nsa, nsa surveillance, pete ashdown, secrecy
Companies: xmission
Reader Comments
Subscribe: RSS
View by: Time | Thread
has a really good take on copyright law
[ link to this | view in thread ]
Other people, they give envelopes of cash. Or stock options.
And then pieces like this create ambiguity. NSA had what passes for legal authority, and only one person tapped, so actually the notion of all being legitimate and limited is planted, instead of the "police-state" sub-title...
[Call me contrarian if you like, but I am no contrarian.]
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: has a really good take on copyright law
[ link to this | view in thread ]
Re: Other people, they give envelopes of cash. Or stock options.
Actually agree with you on this point, apathy, like entropy always increases
[ link to this | view in thread ]
If he had won his race for Senate, I wonder if he could have talked about his experience on the floor of the Senate.
[ link to this | view in thread ]
Placing a piece of equipment within an ISP?
Presumably this device has to initiate its own 'phone home' to the NSA mother ship?
Might it be generating other local traffic within the ISP's network in addition to or instead of capturing it?
Might it be snooping on all packets it can intercept? (This is mitigated by use of switches instead of hubs.)
Is the device attached on an ethernet port that has only that customer's traffic?
If it is a mirror port on the same switch as the customer, can the NSA possibly manipulate the switch to 'mirror' other traffic that is not covered by the warrant?
While NSA creatures are on the premises, can they potentially sneak in other equipment not authorized by the warrant? Are they carefully watched at all times?
Is there other intelligence information the NSA could learn merely by visiting an ISP's property that could enable them to later penetrate the ISP's network? (Make / model of various equipment. More information about internal network layout than might generally be published by the ISP.)
Is this device an internal 'beachhead' within the ISP from whence attacks can be launched? Can attacks be launched that leverage the ISP's own equipment and infrastructure to gain unauthorized access to data not described in the warrant and materials represented to the owner of the ISP?
How many ways can this process of putting a piece of equipment at an ISP be abused?
[ link to this | view in thread ]
WTF?
No wonder the Ex-CIA/NSA boss is so psychotic. They have set up themselves as the "guards" of the world, with everyone else in the world as the "prisoners" in a huge "jail" game.
[ link to this | view in thread ]
1 word
[ link to this | view in thread ]
Third and Fourth Amendments anyone?
3. No Soldier shall, in time of peace be quartered in any house, without the consent of the Owner, nor in time of war, but in a manner to be prescribed by law.
4. No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.
How is the NSA's "telepresence" functionally different from and NSA "soldier" actually being there?
Is the NSA compensating for electricity, cooling and bandwidth of their telepresenced agents(s)??
.
[ link to this | view in thread ]
Re: Third and Fourth Amendments anyone?
As to the quartering argument, the NSA will probably claim it is part of a "War on Crime". Their actions are actually prescribed by law. (Which is why this is so scary to most of us; it would be far easier to deal with rogue agents breaking laws, than a systemic corruption of civic liberties.)
[ link to this | view in thread ]
Re: Re: Third and Fourth Amendments anyone?
I think it would be reasonable to interpret "war" as used in the Constitution as a war declared by Congress. This means the US has not been at war since World War 2 ended.
[ link to this | view in thread ]
My response to Mikey's denial: http://www.techdirt.com/articles/20130716/16411823827/judge-aereo-case-was-decided-incorrectly-becau se-i-dont-like-previous-ruling.shtml#c2298
Will Mike ever address directly why all my posts were being routed to the spam filter? Stay tuned!
[ link to this | view in thread ]
Response to: Anonymous Coward on Jul 22nd, 2013 @ 5:05pm
[ link to this | view in thread ]
It's a huge slap in the face to the founding fathers and what this great nation used to stand for.
[ link to this | view in thread ]
Re: Third and Fourth Amendments anyone?
So, how about #8? ("Excessive bail shall not be required, nor excessive fines imposed, nor cruel and unusual punishments inflicted.")
[ link to this | view in thread ]
Re: Re: Third and Fourth Amendments anyone?
What about the crime they're committing by violating the Constitution? There is no exception stating that the government may override our rights for security, because the framers knew that the only possible reason to try and infringe our rights is to take them away. Ironically, despite their "security" claims, this puts us in far greater danger.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
> being routed to the spam filter? Stay tuned!
Why is spam routed to the spam filter? Because nobody wants your spam.
[ link to this | view in thread ]
Re: Other people, they give envelopes of cash. Or stock options.
Still as he said the site was benign or something. I'm willing to bet it's some kind of critical of the Govt or some religious site focused on Islam.
Overall there's a lot of wisdom in your comment. It may as well be the case.
[ link to this | view in thread ]
ISPs
Here in my section of Michigan we have either Comcast or satellite. That's it.
In the words of Bobby Singer, "Balls!"
[ link to this | view in thread ]
Re: has a really good take on copyright law
[ link to this | view in thread ]
Patriotic Disobedience
[ link to this | view in thread ]
What about it?
Good ol' #8. Sounds good, means nothing.
[ link to this | view in thread ]
Re: Patriotic Disobedience
[ link to this | view in thread ]
Re:
> have talked about his experience on the floor of the Senate.
Note the introductory phrase: "in all Cases, *except* Treason, Felony and Breach of the Peace..."
Violating the gag order is a felony, so this provision would not protect someone who did it, even on the floor of Congress.
[ link to this | view in thread ]
Re: What about it?
Scalia once opined that since the Constitution requires that a punishment be both cruel *and* unusual-- instead of cruel *or* unusual-- that it had to be both to violate the 8th Amendment, and further, since no punishment that had ever been argued before the Court was unique in human history-- in other words, every punishment someone claimed to be unusual had in fact been imposed on people in the past somewhere on earth-- that he had yet to see a punishment that could accurately be described as "unusual".
[ link to this | view in thread ]
Re: Re:
1) except Treason, Felony and Breach of the Peace, be privileged from Arrest during their Attendance at the Session of their respective Houses, and in going to and returning from the same; and
2) for any Speech or Debate in either House, they shall not be questioned in any other Place
[ link to this | view in thread ]
Re: has a really good take on copyright law
Neither would anybody in congress want him to become president, because most of congress (which probably is manipulated and controlled to a certain degree) wants to control the people so that they can make more money from their campaigns and their fundraisers.
America's political system is so fucked up that you'd need a REALLY thorough colon cleansing in order to clean it up. And the media... holy shit. The media controls the masses. What a sad, sad situation.
[ link to this | view in thread ]
Punishments that are commonly done within all those that are punished
[ link to this | view in thread ]