NSA Issues Non-Denial Denial Of Infiltrating Google & Yahoo's Networks

from the here-we-go dept

While NSA boss Keith Alexander issued a misleading denial of this morning's report of how the NSA has infiltrated Yahoo and Google's networks by hacking into their private network connections between datacenters, the NSA has now come out with its official statement which is yet another typical non-denial denial. They deny things that weren't quite said while refusing to address the actual point:
NSA has multiple authorities that it uses to accomplish its mission, which is centered on defending the nation. The Washington Post's assertion that we use Executive Order 12333 collection to get around the limitations imposed by the Foreign Intelligence Surveillance Act and FAA 702 is not true.

The assertion that we collect vast quantities of US persons' data from this type of collection is also not true. NSA applies attorney general-approved processes to protect the privacy of US persons – minimizing the likelihood of their information in our targeting, collection, processing, exploitation, retention, and dissemination.

NSA is a foreign intelligence agency. And we're focused on discovering and developing intelligence about valid foreign intelligence targets only.
Note what is missing from all of this. They do not deny hacking into the data center connection lines outside of the US. They do not deny getting access to all that data, especially on non-US persons. As for the claim that they're protecting the privacy of US persons, previous statements from Robert Litt, the general counsel for the Office of the Director of National Intelligence, have already made it clear that if they collect info on Americans, they're going to use this loophole to search them:
"If we're validly targeting foreigners and we happen to collect communications of Americans, we don't have to close our eyes to that," Litt said. "I'm not aware of other situations where once we have lawfully collected information, we have to go back and get a warrant to look at the information we've already collected."
So, for all the claims that this kind of information will be "minimized," it certainly looks like they've already admitted they don't do that.

Meanwhile, that Guardian article that has the NSA's response also has responses from the 3 other players in this drama. There's the UK's GCHQ, who apparently has partnered with the NSA in breaking into Google and Yahoo. It didn't want to say a damn thing:
"We are aware of the story but we don't have any comment."
Google, however, was reasonably furious about this story.
In a statement, Google's chief legal officer, David Drummond, said the company was "outraged" by the latest revelations.

"We have long been concerned about the possibility of this kind of snooping, which is why we have continued to extend encryption across more and more Google services and links, especially the links in the slide," he said.

"We do not provide any government, including the US government, with access to our systems. We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform."
Yahoo's response, unfortunately, was a lot more restrained and not particularly on point.
"We have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency."
Yeah, but the story is how the NSA got around your security. Yahoo should be a lot angrier about this. One hopes that once the technical people talk to management, the company will realize just how bad this situation is.

Hopefully, this means that Google and Yahoo will stop just focusing on getting more "transparency" out of the government concerning NSA surveillance, and will start taking a much more active role. This includes: (1) pushing back hard against government surveillance, including going to court to stop it and (2) building much more secure systems that cannot be easily compromised by the NSA.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: executive order 12333, gchq, infiltrate, keith alexander, networks, nsa, nsa surveillance, section 702
Companies: google, yahoo


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 30 Oct 2013 @ 3:05pm

    I long ago decided neither Google, Bing, nor Yahoo was a search engine I wanted to use. Unlike ootb, I know what to do about it besides bitch.

    link to this | view in thread ]

  2. identicon
    Anonymoose, 30 Oct 2013 @ 3:10pm

    Insider trading?

    I'm still shocked no one has thought to invoke the SEC in all of this.

    Given the vast amounts of searchable, private, and no doubt high percentage of public company email and attachment info NSA employees have at their searchable disposal (with no meaningful insider oversight), how many trades by employees and contractors were based on insider information?

    Or does the agency itself maintain shell accounts?

    Seems like a good source of funding. And a potential avenue of investigation...

    link to this | view in thread ]

  3. identicon
    Anonymous Coward, 30 Oct 2013 @ 3:11pm

    All network traffic should start having end-to-end encryption, even if it is something as simple as a 'ping' it should all be encrypted.

    link to this | view in thread ]

  4. This comment has been flagged by the community. Click here to show it
    identicon
    out_of_the_blue, 30 Oct 2013 @ 3:37pm

    Google doesn't say gov't doesn't get the data!

    Just this carefully mis-leading "We do not provide any government, including the US government, with access to our systems." -- RIGHT, Google just delivers to them the DATA those systems glean.

    The Google-Borg. Assimilating your privacy since 1998.

    11:37:11[m-370-2]

    link to this | view in thread ]

  5. This comment has been flagged by the community. Click here to show it
    identicon
    out_of_the_blue, 30 Oct 2013 @ 3:41pm

    Re: "I know what to do about it besides bitch."

    Anonymous Coward, Oct 30th, 2013 @ 3:05pm

    I long ago decided neither Google, Bing, nor Yahoo was a search engine I wanted to use. Unlike ootb, I know what to do about it besides bitch.


    What exactly do you do? Inquiring minds want to know!

    And why, since you clearly agree with me about the invasion from those mega-corporations, the vague but unnecessary dig?

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 30 Oct 2013 @ 3:46pm

    Very disappointed in Marissa Mayer. Last I checked she seemed scared shitless about doing anything against NSA, because "she might go to prison".

    Give me a break. They wouldn't send the CEO's of Yahoo or Google to prison for not allowing them to do mass surveillance. If they did, then you'd have proof US is a totalitarian state, where they can send anyone they want on a whim to prison.

    link to this | view in thread ]

  7. icon
    John Fenderson (profile), 30 Oct 2013 @ 4:01pm

    Re:

    You can't encrypt a ping -- it's at the wrong network layer. Also, it's pointless to do so. A ping packet contains no sensitive information, and every router between you and the destination machine has to be able to look at the contents of the ping packet in order for pinging to work.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 30 Oct 2013 @ 4:04pm

    Re: Re: "I know what to do about it besides bitch."

    He has the mental capacity to use the many available alternatives and get on with his meaningful life.

    link to this | view in thread ]

  9. identicon
    Anonymous Coward, 30 Oct 2013 @ 4:05pm

    'the company will realize just how bad this situation is.'

    you dont think receiving an unprecedented number of complaints might work? how about an unprecedented number of people telling Yahoo to take a hike?

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 30 Oct 2013 @ 4:56pm

    Re: Re:

    That's not just ping but all ICMP traffic.

    link to this | view in thread ]

  11. identicon
    Anonymous Coward, 30 Oct 2013 @ 5:13pm

    Re: Re:

    Actually you can encrypt pings and every other packet using IPSec and other encrypted VPN technologies.

    link to this | view in thread ]

  12. identicon
    Anonymous Coward, 30 Oct 2013 @ 6:02pm

    You raise a good point Mike. The NSA will just intercept American communications using foreign allies.

    If I were the NSA, I'd just outsource American data collecting to the GCHQ or Israel.

    Then all the spy agencies can just share information with each other, under the infinity-eyes agreement.

    link to this | view in thread ]

  13. icon
    OldMugwump (profile), 30 Oct 2013 @ 6:59pm

    Finally, Google is getting angry

    Actually I think they've been angry for a while, but have been holding it in for the sake of getting along with the US Government (who, after all, has their nuts in a vise).

    But, at last, they're getting public about their anger.

    Now - fight back. Put a request on some of that nice white space at http://google.com asking their customers to call their congressmen and senators.

    link to this | view in thread ]

  14. icon
    OldMugwump (profile), 30 Oct 2013 @ 7:01pm

    Re: Finally, Google is getting angry

    Oh - and ask for Ed Snowden to get the Presidential Medal of Freedom, too.

    link to this | view in thread ]

  15. identicon
    Anonymous Coward, 30 Oct 2013 @ 8:05pm

    Re:

    ever heard of echelon? They already farm it out.

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 31 Oct 2013 @ 2:35am

    Re: Re: Re:

    And you can use IPSEC without making it a VPN (IPSEC has "transport mode" which only encrypts/authenticates, but does not encapsulate).

    There is only one thing you cannot encrypt: IKE, which does the IPSEC key negotiation (and has its own built-in encryption). As a consequence, you cannot also encrypt some ICMP traffic related to your IKE traffic.

    link to this | view in thread ]

  17. identicon
    Anonymous Coward, 31 Oct 2013 @ 2:40am

    The difference between Google and Yahoo

    There is one important difference between Google and Yahoo which can explain the different visible reaction: from what I have heard, at Google the engineers are much closer to the management. The top management itself is a pair of computer scientists. So when the Google engineers "exploded in profanity", as mentioned in a previous post, some of that leaks through the management.

    link to this | view in thread ]

  18. icon
    Ninja (profile), 31 Oct 2013 @ 4:51am

    Tell that to raging engineers engaged in all sorts of profanities... I do hope such profanities are converted into large difficulties to the NSA. If anything Google is pissed off enough to give the middle finger to quite a few players out there including but not limited to the US Govt, the MAFIAA etc

    link to this | view in thread ]

  19. icon
    Chris in Utah (profile), 31 Oct 2013 @ 5:11am

    mmm....

    Become more aware and going to court? Build better security?

    Since its Halloween here in the states and Blade is a favorite of mine... "... Who do you think let them in asshole!?!?"

    I praise ya for looking for solutions to issues Mike, I truly truly do and yet ya might want dig a little deeper in corporate sovereignty and ask something pretty relevant to this topic;

    Have they ever done ither of those to things?
    And possibly a secondary question... why support a company that has basic bent over?

    link to this | view in thread ]

  20. icon
    The Groove Tiger (profile), 31 Oct 2013 @ 8:26am

    Re: Re: "I know what to do about it besides bitch."

    I thought vague but unnecessary dig was your middle name :D

    link to this | view in thread ]

  21. identicon
    Anonymous Coward, 31 Oct 2013 @ 8:59am

    " NSA applies [an] approved processes to protect the privacy of US persons – minimizing the likelihood of their information in our targeting, collection, processing, exploitation, retention, and dissemination. "

    Uhm, I've heard of the NSA tapdancing around being honest, but now they've upped their game to contradicting themselves in the same sentence?!?

    Let's protect the privacy of Americans by targeting, collecting, processing, exploiting[!], and retaining private information!!!

    link to this | view in thread ]

  22. icon
    John Fenderson (profile), 31 Oct 2013 @ 10:15am

    Re: Re: Re:

    Yes, I was oversimplifying a bit. This stuff get hard to discuss with brevity and clarity.

    If you're encapsulating (such as through a VPN), then the entire stream is encrypted. This isn't logically relevant to my point, though. You can tunnel traffic (including ICMP) through a VPN, but the encapsulating layer itself is then the "real" network, and you can't encrypt ICMP there unless you also run that through a VPN, in which case the upper-level encapsulator becomes the "real" network, and you can't encrypt ICMP there, and so on and so forth.

    My point is that ultimately, at some level, you must have ICMP and control structures (packet headers, etc.) sent in the clear in order for the routers and other machinery to work.

    link to this | view in thread ]

  23. icon
    John Fenderson (profile), 31 Oct 2013 @ 11:03am

    Re:

    They wouldn't send the CEO's of Yahoo or Google to prison for not allowing them to do mass surveillance.


    Why do you think that? It's exactly what they did to to Joseph Nacchio, the CEO of Qwest, for not allowing them to do mass surveillance.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.