NSA Denies Everything About Latest Intercept Leak, Including Denying Something That Was Never Claimed
from the let's-play-word-games-with-the-NSA dept
The recent leaks published at Glenn Greenwald's new home, The Intercept, detailed the NSA's spread of malware around the world, with a stated goal of sabotaging "millions" of computers. As was noted then, the NSA hadn't issued a comment. The GCHQ, named as a co-conspirator, had already commented, delivering the usual spiel about legality, oversight and directives -- a word salad that has pretty much replaced "no comment" in the intelligence world.
The NSA has now issued a formal statement on the leaks, denying everything -- including something that wasn't even alleged. In what has become the new "no comment" on the NSA side, the words "appropriate," "lawful" and "legitimate" are trotted out, along with the now de rigueur accusations that everything printed (including, apparently, its own internal documents) is false.
Recent media reports that allege NSA has infected millions of computers around the world with malware, and that NSA is impersonating U.S. social media or other websites, are inaccurate. NSA uses its technical capabilities only to support lawful and appropriate foreign intelligence operations, all of which must be carried out in strict accordance with its authorities. Technical capability must be understood within the legal, policy, and operational context within which the capability must be employed.First off, for the NSA to claim that loading up "millions" of computers with malware is somehow targeted (and not "indiscriminate") is laughable. As for its "national security directive," it made a mockery of that when it proudly announced in its documents that "we hunt sys admins." Targeting telco and ISP systems administrators goes well outside the bounds of "national security." These people aren't suspected terrorists. They're just people inconveniently placed between the NSA and its goal of "collecting it all."
NSA's authorities require that its foreign intelligence operations support valid national security requirements, protect the legitimate privacy interests of all persons, and be as tailored as feasible. NSA does not use its technical capabilities to impersonate U.S. company websites. Nor does NSA target any user of global Internet services without appropriate legal authority. Reports of indiscriminate computer exploitation operations are simply false.
Last, but not least, the NSA plays semantic games to deny an accusation that was never made, calling to mind Clapper's denial of a conveniently horrendous translation of a French article on its spying efforts there.
NSA does not use its technical capabilities to impersonate U.S. company websites.This "denial" refers to this portion of The Intercept's article.
In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive...The NSA's own documents say that QUANTUMHAND "exploits the computer of a target that uses Facebook." The man-on-the-side attack impersonates a server, not the site itself. The NSA denies impersonating sites, but that's not what The Intercept said or what its own documents state. This animated explanation, using the NSA's Powerpoint presentation, shows what the attack does -- it tips the TURBINE servers, which then send the malware payload before the Facebook servers can respond. To the end user, it looks as though Facebook is just running slowly.
In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive.
When the NSA says it doesn't impersonate sites, it truly doesn't. It injects malware by beating Facebook server response time. It doesn't serve up faux Facebook pages; it simply grabs the files and data from compromised computers. The exploit is almost wholly divorced from Facebook itself. The social media site is an opportunity for malware deployment, and the NSA doesn't need to impersonate a site to achieve its aims. This is the NSA maintaining deniability in the face of damning allegations -- claiming something was said that actually wasn't and resorting to (ultimately futile) attempts to portray journalists as somehow less trustworthy than the agency.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: denial, injections, malware, man on the side, nsa, surveillance
Companies: facebook
Reader Comments
Subscribe: RSS
View by: Time | Thread
Denial = Confirmation?
At this point, the mere fact that the NSA denies doing something is almost enough to convince me that they are doing it.
I'm trying not to be paranoid. They just make it so difficult.
[ link to this | view in chronology ]
Re: Denial = Confirmation?
By now you have to assume the worst when it comes to them, and once the truth comes out it tends to paint and even worse picture then what you could imagine.
And there is still the question if facebook and similar sites might be at least funded, if not run by intelligence agencies alltogether. If that is the case that would put this denial in an entirely different light. It would read "We don't impersonate companies. We ARE the companies."...
[ link to this | view in chronology ]
[ link to this | view in chronology ]
The NSA has already spent its creditability. It wasted it on previous claims of absolutely not doing this or that, followed by days later it being revealed, yeah it did.
I think we've reached the point that we realized that nothing the NSA says will have have the ring of truth about it, even when they are telling the truth.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Onions of bullshit
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Read:
Nor does NSA target any user of global Internet services without having it rubberstamped by FISA court first.
FTFY.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
NSA Word-Smithing
"The question is," said Alice, "whether you can make words mean so many different things."
"The question is," said Humpty Dumpty, "which is to be master - that's all."
[ link to this | view in chronology ]
Re: NSA Word-Smithing
they WILL (metaphorically speaking) look you straight in the eye, piss on your leg, and INSIST it is raining; THEN fabricate evidence to 'prove' it was rain...
in my readings about the evil done in our name, with our money, *supposedly* to 'protect and serve' us, by the boys in black, you can NOT UNDERESTIMATE the most simplistic, and -to repeat myself- CHILDISH ways they will LIE AND DISSEMBLE...
they are scum, they are slime, they are NOT the best and the brightest, they are the worst and most immoral...
YOU CAN NOT OVERSTATE THEIR MORAL VACUITY...
we do NOT deserve these pieces of shit...
[ link to this | view in chronology ]
At what point will we start confronting these companies and pressuring them to discontinue such cooperation? I know it's no easy task, but just as much as the government is reeling from all the public pressure, so too will these companies if we press their hands. Make it affect their bottom line.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
more fun with words...
1: situated outside a place or country; especially : situated outside one's own country
2: born in, belonging to, or characteristic of some place or country other than the one under consideration
3: of, relating to, or proceeding from some other person or material thing than the one under consideration
4: alien in character : not connected or pertinent
5: related to or dealing with other nations
6a : occurring in an abnormal situation in the living body and often introduced from outside
b : not recognized by the immune system as part of the self
7: not being within the jurisdiction of a political unit (as a state)
[ link to this | view in chronology ]
is techdirt an hack target?
google
amazonaws
twitter
facebook
ajax.googleapis
techdirt
and install cookies from
techdirt
imigur
and request resources from
rp-api
vimeo
and install/use tracking beacons from
facebook connect
google +1
gravitar
nativo
quantcast
redit
repost.us
scorecard research beacon
twitter button.
...and who knows what else would run if all that was allowed to proceed. (I'm not going to run them to find out the 2nd level stuff)
for all the great reporting techdirt does on spying/tracking/privacy- you need to get you shit together already with this site; it seams like you're part of the problem. Please explain the technical facts as to why these same types of hacks couldn't be done to your readers through this clusterfuck of off site scripts/beacons/cookies/resources your forcing on people to ignorant to know how to block them.
kudos for keeping the site working without that crap- but ffs, having it on by default makes techdirt seam hypocritical at best.
[ link to this | view in chronology ]
Well, heck, that's easy. Since the computers of the sys admins are just means to an ends, simply define "target" in a way that excludes anyone whose computers are compromised as a means to an end.
[ link to this | view in chronology ]
http://www.forbes.com/sites/kashmirhill/2012/08/06/beware-tech-abandoners-people-without-faceboo k-accounts-are-suspicious/
http://www.dailymail.co.uk/news/article-2184658/Is-joining-Facebook-sign-y oure-psychopath-Some-employers-psychologists-say-suspicious.html
Are these possible signs that the NSA and GHCQ planted those stories?
[ link to this | view in chronology ]
Re:
I don' think the DM article was planted, I think it was just the Daily Mail being the Daily Mail.
[ link to this | view in chronology ]
hack target?- amend.
perhaps I was a bit harsh/ short sited.
Is there a way you can continue to do your excellent work, and have a reasonably profitable business model, without all those third parties spying on your readers, and the risks your current setup may incur?
[ link to this | view in chronology ]
Re: hack target?- amend.
However, it's also not underhanded -- everyone who doesn't block that stuff plainly sees the ads, social media buttons, and other visible manifestations of the various connections outside the site. It's also the same stuff you see on most major websites these days. Very few people are utterly ignorant about what's going on for very long. These issues are well and widely discussed. Blocking it all is very easy, and people who care pretty quickly learn how to do it.
My own elderly tech-ignorant mother, shortly after she discovered the web when playing with she shiny new computer, called me up to tell me about this awesome thing she found called AdBlock.
[ link to this | view in chronology ]
The fun has yet to really begin
[ link to this | view in chronology ]
Re: The fun has yet to really begin
Uhh, no.
Security patches already released are not being "withdrawn". If you've patched your OS, those patches will remain. There just won't be any new patches.
[ link to this | view in chronology ]
rere hack target-amend
[ link to this | view in chronology ]
I'm willing to bet the NSA doesn't consider Facebook a company. Companies sell products and services. Facebook is just a free website where users can create a profile.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Denials
Truth is a fragile thing.
[ link to this | view in chronology ]