NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'

from the one-way-to-do-things dept

Fri, Mar 21st 2014 7:35am — Mike Masnick

The latest news from The Intercept involves yet another Snowden leaked document, in which an NSA official uses what certainly looks like LiveJournal (complete with "current mood" lines at the end of posts) to informally and gleefully discuss targeting sys admins in order to get access to the networks they maintain. It's not a secret that the NSA does this. That became clear last fall, when earlier Snowden docs revealed how GCHQ and NSA had targeted a Belgacom sysadmin to get access to important Belgacom clients, including the EU Parliament. What's interesting here is the breezy dismissive discussion by this NSA guy -- and the fact that it looks like LiveJournal really gives you this parallel universe view. The tone and arrogance on display isn't particularly different from various private sector hackers. It's just that this guy has access to more powerful tools and the government behind him. Take, for example, this early post in which he brags about how totally cool it is that the NSA collects way more data than it needs:

That's fairly incredible. He's flat out admitting (unlike all the public statements from NSA defenders) that it's great to have all that excess data way beyond what the NSA needs, because you can find all sorts of extra stuff. That's exactly the concern plenty of people have raised -- and which the NSA and its defenders have dismissed.

As The Intercept report notes, the guy admits that he targets sysadmins merely as a means to an end -- to reach the people who use various systems. But, there's no indication that he avoids targeting American sysadmins (he does limit his focus to those outside the US, but the NSA isn't supposed to track even Americans outside the US). The NSA guy talks about how he basically goes fishing around to find sysadmins' non-work emails (preferably Facebook accounts) to then make use of the NSA's QUANTUM injection techniques. He notes that you can go after official addresses, but it's much harder to trick sysadmins that way.

Either way, the rather cavalier attitude towards hacking into sysadmins' accounts should raise some eyebrows.

Separately, I'm sure some folks will note that the slides appear to have a stamp on them that say "Copyright! Do not reuse this image!" Apparently that was in the original image (not added by The Intercept). The Intercept does note that this guy had been a contractor before joining the NSA. If he was a contractor when he wrote this, even thought it was written for the government, then he could claim a copyright over it. However, if he was an employee of the NSA, then as a work of the federal government, he could not. Of course, either way it doesn't matter. If he actually did have the copyright on it, he'd have to reveal himself as the copyright holder (the Intercept keeps him anonymous) and do something about it (issue a takedown, sue, etc.). It seems unlikely he'd expose himself in that manner. Also, media publications discussing the documents also would have a fairly strong fair use defense to any such claim (and, further, it's almost 100% certain that he did not register the copyright, meaning he'd be limited to just actual damages, of which there are unlikely to be... well... any). All that is kind of a meaningless ramble over something that won't happen, but figured we might as well cover it since we often talk about copyright issues here too.

I Hunt Sys Admins (PDF)I Hunt Sys Admins (Text)

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: livejournal, nsa, surveillance, sysadmins

28 Comments

If you liked this post, you may also be interested in...

Reader Comments

The First Word

“

Lies and Truths

"We don�t have the technical insights in the United States. In other words, you have to have something to intercept, or some way of doing that either by going to a service provider with a warrant or you have to be collecting in that area. We�re not authorized to do that, nor do we have the equipment in the United States to collect that kind of information."
- Gen. Alexander

"One of the coolest things about it is *how much* data we have at our fingertips. if we *only* collected the data we knew we wanted... yeah, we'd fill some of our requirements, but htis is a whole world of possibilities we'd be missing!"
- Random immature NSA employee

—edpo

”

Subscribe: RSS

View by: Time | Thread

BentFranklin (profile), 21 Mar 2014 @ 7:24am

And of course, inspecting packet headers going to and from these routers is just metadata, so no big deal right?
[ link to this | view in chronology ]
- BentFranklin (profile), 21 Mar 2014 @ 7:26am
  
  Re:
  Also, how do they get access to all those packets into and out of those routers?
  [ link to this | view in chronology ]
Anonymous Coward, 21 Mar 2014 @ 7:46am

"just plain awesome", "downright cool"

How old are these kids?

They disgust me.
[ link to this | view in chronology ]
John Fenderson (profile), 21 Mar 2014 @ 8:04am

Chilling
With the other documents, there was at least a pretense of professionalism. With this, there is none. This is just a pure expression of joy at being able to spy for the sake of spying. To see something like this written, with not one iota of the gravity of the actions, indicates a culture and mindset that the infamous "smiley face" only hinted at. A culture and mindset that is fundamentally at odds with the notions of freedom and liberty.

This document sends more chills up my spine than any of the others I've seen yet.
[ link to this | view in chronology ]
- Jeff Woods (profile), 23 Mar 2014 @ 12:25pm
  
  Re: Chilling
  Is a reference to the Stasi too close to Godwin's Law for comfort?
  [ link to this | view in chronology ]
Anonymous Coward, 21 Mar 2014 @ 8:25am

If you can't beat them...
join them.
[ link to this | view in chronology ]
me@me.net, 21 Mar 2014 @ 8:28am

all they have proven
is they are traitors
[ link to this | view in chronology ]
Baron von Robber, 21 Mar 2014 @ 8:34am

But it's so hard!
It's so hard to get those warrenty things and just spy on bad guys. It's really hard!! It makes us want to go poopy. :(
[ link to this | view in chronology ]
edpo, 21 Mar 2014 @ 9:18am

Lies and Truths
"We don�t have the technical insights in the United States. In other words, you have to have something to intercept, or some way of doing that either by going to a service provider with a warrant or you have to be collecting in that area. We�re not authorized to do that, nor do we have the equipment in the United States to collect that kind of information."
- Gen. Alexander

"One of the coolest things about it is *how much* data we have at our fingertips. if we *only* collected the data we knew we wanted... yeah, we'd fill some of our requirements, but htis is a whole world of possibilities we'd be missing!"
- Random immature NSA employee
[ link to this | view in chronology ]
Coyne Tibbets (profile), 21 Mar 2014 @ 9:34am

Perfected cynicism
He's a perfect example of a mind-set I've discussed elsewhere.

People in the NSA aren't like you or I. If I became suspicious of John Doe, I would look at various information and make a decision as to whether or not my suspicions are founded. For people of this mindset of this NSA author, they look at all the data they have related to John Doe...and if they find nothing to confirm their suspicions then that is proof that they do not have enough data. These people are perfected cynics.

Because they must have "all data" to confirm their cynical suspicions, it is useless to assume that the national security apparati acquire anything less than what it is feasible (technically and financially) to acquire. Figures I did, and similar figures by Brewster Khale establish it is feasible technically and financially for the NSA to record all phone calls in the United States (and even the world, now) and to keep the recordings permanently.

Therefore, they are doing so: Assuming anything less fails to take into account their mindset. Which is always to keep everything, and keep it permanently.

After all, you never know when John Doe's guilt will be confirmed by something his great granddaddy said in a phone call.
[ link to this | view in chronology ]
Anonymous Coward, 21 Mar 2014 @ 10:01am

Just in case you were wondering
That copyright tag was actually appended by the NSA source, not the first reporter (The Intercept) or Techdirt.

It's extremely hilarious because government employees cannot copyright their work.
[ link to this | view in chronology ]
- Mike Masnick (profile), 21 Mar 2014 @ 11:48am
  
  Re: Just in case you were wondering
  We discussed all of that in the final paragraph.
  [ link to this | view in chronology ]
Anonymous Coward, 21 Mar 2014 @ 10:12am

I'd like to know who this is
Because this asshole is attacking my family.

How? Like most system admins, I don't work a normal 40-hour week. I work whatever's necessary, and I do some of it from home...from my own computers...on my own network...which I share with my family.

So when this asshole gleefully owns one of my systems, he's got access to pictures of my children. He can reach my wife's computer. He can see the sites my kids access, which means he can quickly figure out where they go to school. In his arrogance and hubris, he's vacuuming up a LOT of date not just about me, not just about the systems and networks that I run, but about MY FAMILY.

I don't even have the words to express my rage at this asshole and the threat he represents. He's probably a serial rapist and a violent pedophile: he's certainly a sociopath.
[ link to this | view in chronology ]
- Anonymous Coward, 21 Mar 2014 @ 10:32am
  
  Re: I'd like to know who this is
  Never mind him. Think about who employs this useful idiot.
  [ link to this | view in chronology ]
- Anonymous Coward, 21 Mar 2014 @ 6:19pm
  
  Re: I'd like to know who this is
  And this is what average_joe and darryl consider due process. Shameful.
  [ link to this | view in chronology ]
- Ole Juul (profile), 22 Mar 2014 @ 2:13am
  
  Re: I'd like to know who this is
  @AC10:12
  Your post just turned on a light for me. After reading the story I had thought to myself, what kind of system admin has a Facebook account? I would have thought it would be fairly unusual, but in a family situation it certainly wouldn't. And regardless of that, working at home and having your family involved does put an even more disgusting slant on the operation.
  [ link to this | view in chronology ]
Just Another Anonymous Troll, 21 Mar 2014 @ 10:15am

Wait a minute, if the government never lies and it says that they are not violating privacy but this guy also works for the government and he brags that they doOOOOOOOERRORLOGICALCONTRADICTION(;56^%^|?.'b?&,,!?�
[ link to this | view in chronology ]
Anonymous Coward, 21 Mar 2014 @ 10:50am

The slang is generic computer nerd slang from across several generations of computer nerds. While I don't like the targeting of innocent people, I would caution against us from vilifying the language he used. This is nerd speak, and most of us here are nerds.
[ link to this | view in chronology ]
- John Fenderson (profile), 21 Mar 2014 @ 11:02am
  
  Re:
  It's not generic nerd-speak. It's language used primarily by two nerd subcultures: certain gamers and script kiddies. Further, this is adolescent language that is generally shed when maturity sets in.
  
  I'm guessing, given the context, that the subculture in play here isn't gamers.
  [ link to this | view in chronology ]
Anonymous Coward, 21 Mar 2014 @ 11:42am

General Benedict Arnold offered but failed to surrender West Point to the British. - Traitor.

General Keith Alexander offered and succeeded in selling one of our constitutional rights (the 4th amendment) to the British. - _______.

Fill in the blank.

Got to wonder what old General Washington would have thought of Keith.
[ link to this | view in chronology ]
observer, 21 Mar 2014 @ 1:04pm

This isn't just something that looks like LJ: unless I'm very much mistaken, it's the actual LJ platform or a very close variant. Which is open source, so that's the one thing they haven't done wrong.
[ link to this | view in chronology ]
Putin (profile), 21 Mar 2014 @ 4:22pm

NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'
http://www.slate.com/articles/arts/everyday_economics/2004/05/feed_the_worms_who_write_worms_to_the_ worms.html

Long overdue. Time to make the United States a better place.
[ link to this | view in chronology ]
Anonymous Coward, 21 Mar 2014 @ 7:33pm

What's the fuss? Spy agency targets admins. Seems like no brainer to me. That is their job. The only shocking part is that Petrobras or Belgacom would hire as admin someone who uses Windows and Facebook. Then they deserve to be nuked.

Missing part here is the usage of snatched data. If NSA shares it with, say Exxon or ATT, then we have serious problem of public agency being used for private greed.

When Bush was about to attack Iraq, NSA nuked all prospective hostile websites inside and outside USA. I see this issue missing from GGreenwald story.
[ link to this | view in chronology ]
- Anonymous Coward, 22 Mar 2014 @ 12:49am
  
  Re:
  Missing part here is the usage of snatched data.
  It will be used for whatever their political masters want, and they are owned by the corporations.
  [ link to this | view in chronology ]
- John Fenderson (profile), 22 Mar 2014 @ 1:04pm
  
  Re:
  "What's the fuss? Spy agency targets admins. Seems like no brainer to me. That is their job."
  
  If those admins are in the US then it is not part of their job. In fact, it is specifically part of their job to not do it, since it's against the law.
  
  For sysadmins outside the US, it is imperative that they know they're being specifically targeted so they can defend against it.
  [ link to this | view in chronology ]
MS, 22 Mar 2014 @ 6:01pm

American Sysadmins
Where does it say that he targeted American sysadmins? Maybe I missed it, but I didn't see that specified. Given that it's contrary to law, why assume that he did.

Consider an analogy. If I said that I eat meat (actually, I do), would you then assume that I illegally eat human flesh?
[ link to this | view in chronology ]
- John Fenderson (profile), 23 Mar 2014 @ 9:13am
  
  Re: American Sysadmins
  I assume they target US sysadmins because why wouldn't they? They don't have a problem targeting us citizens in other programs. In your analogy, they've already been caught eating human flesh in other recipes. Why would they avoid it in this one?
  [ link to this | view in chronology ]
j5, 23 Mar 2014 @ 2:26pm

NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'
Does no-one else think this is just a bit too conveniently, blatantly, cartoonishly arrogant? The language is too open not to be considered as a possible JTRIG plant. It reads like a statement from a Bond villain written by a 10 yr old. This gets out, gets published, then the snoops and their shills get to discredit it quickly, easily & truthfully (just so they can try that on for a few minutes) and by spurious association undermine other information published on the same site. They are targeting sysadmins, there's no reason to doubt that, a tactic it's hard to imagine any impartial court finding legal under any circumstances, so efforts to discredit information that they're doing so is credible as a priority for them.

It just reads kinda phoney to me.
[ link to this | view in chronology ]