NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'
from the one-way-to-do-things dept
The latest news from The Intercept involves yet another Snowden leaked document, in which an NSA official uses what certainly looks like LiveJournal (complete with "current mood" lines at the end of posts) to informally and gleefully discuss targeting sys admins in order to get access to the networks they maintain. It's not a secret that the NSA does this. That became clear last fall, when earlier Snowden docs revealed how GCHQ and NSA had targeted a Belgacom sysadmin to get access to important Belgacom clients, including the EU Parliament. What's interesting here is the breezy dismissive discussion by this NSA guy -- and the fact that it looks like LiveJournal really gives you this parallel universe view. The tone and arrogance on display isn't particularly different from various private sector hackers. It's just that this guy has access to more powerful tools and the government behind him. Take, for example, this early post in which he brags about how totally cool it is that the NSA collects way more data than it needs:As The Intercept report notes, the guy admits that he targets sysadmins merely as a means to an end -- to reach the people who use various systems. But, there's no indication that he avoids targeting American sysadmins (he does limit his focus to those outside the US, but the NSA isn't supposed to track even Americans outside the US). The NSA guy talks about how he basically goes fishing around to find sysadmins' non-work emails (preferably Facebook accounts) to then make use of the NSA's QUANTUM injection techniques. He notes that you can go after official addresses, but it's much harder to trick sysadmins that way.
Either way, the rather cavalier attitude towards hacking into sysadmins' accounts should raise some eyebrows.
Separately, I'm sure some folks will note that the slides appear to have a stamp on them that say "Copyright! Do not reuse this image!" Apparently that was in the original image (not added by The Intercept). The Intercept does note that this guy had been a contractor before joining the NSA. If he was a contractor when he wrote this, even thought it was written for the government, then he could claim a copyright over it. However, if he was an employee of the NSA, then as a work of the federal government, he could not. Of course, either way it doesn't matter. If he actually did have the copyright on it, he'd have to reveal himself as the copyright holder (the Intercept keeps him anonymous) and do something about it (issue a takedown, sue, etc.). It seems unlikely he'd expose himself in that manner. Also, media publications discussing the documents also would have a fairly strong fair use defense to any such claim (and, further, it's almost 100% certain that he did not register the copyright, meaning he'd be limited to just actual damages, of which there are unlikely to be... well... any). All that is kind of a meaningless ramble over something that won't happen, but figured we might as well cover it since we often talk about copyright issues here too.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: livejournal, nsa, surveillance, sysadmins
Reader Comments
The First Word
“Lies and Truths
"We don’t have the technical insights in the United States. In other words, you have to have something to intercept, or some way of doing that either by going to a service provider with a warrant or you have to be collecting in that area. We’re not authorized to do that, nor do we have the equipment in the United States to collect that kind of information."- Gen. Alexander
"One of the coolest things about it is *how much* data we have at our fingertips. if we *only* collected the data we knew we wanted... yeah, we'd fill some of our requirements, but htis is a whole world of possibilities we'd be missing!"
- Random immature NSA employee
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
How old are these kids?
They disgust me.
[ link to this | view in chronology ]
Chilling
This document sends more chills up my spine than any of the others I've seen yet.
[ link to this | view in chronology ]
Re: Chilling
[ link to this | view in chronology ]
If you can't beat them...
[ link to this | view in chronology ]
all they have proven
[ link to this | view in chronology ]
But it's so hard!
[ link to this | view in chronology ]
Lies and Truths
- Gen. Alexander
"One of the coolest things about it is *how much* data we have at our fingertips. if we *only* collected the data we knew we wanted... yeah, we'd fill some of our requirements, but htis is a whole world of possibilities we'd be missing!"
- Random immature NSA employee
[ link to this | view in chronology ]
Perfected cynicism
People in the NSA aren't like you or I. If I became suspicious of John Doe, I would look at various information and make a decision as to whether or not my suspicions are founded. For people of this mindset of this NSA author, they look at all the data they have related to John Doe...and if they find nothing to confirm their suspicions then that is proof that they do not have enough data. These people are perfected cynics.
Because they must have "all data" to confirm their cynical suspicions, it is useless to assume that the national security apparati acquire anything less than what it is feasible (technically and financially) to acquire. Figures I did, and similar figures by Brewster Khale establish it is feasible technically and financially for the NSA to record all phone calls in the United States (and even the world, now) and to keep the recordings permanently.
Therefore, they are doing so: Assuming anything less fails to take into account their mindset. Which is always to keep everything, and keep it permanently.
After all, you never know when John Doe's guilt will be confirmed by something his great granddaddy said in a phone call.
[ link to this | view in chronology ]
Just in case you were wondering
It's extremely hilarious because government employees cannot copyright their work.
[ link to this | view in chronology ]
Re: Just in case you were wondering
[ link to this | view in chronology ]
I'd like to know who this is
How? Like most system admins, I don't work a normal 40-hour week. I work whatever's necessary, and I do some of it from home...from my own computers...on my own network...which I share with my family.
So when this asshole gleefully owns one of my systems, he's got access to pictures of my children. He can reach my wife's computer. He can see the sites my kids access, which means he can quickly figure out where they go to school. In his arrogance and hubris, he's vacuuming up a LOT of date not just about me, not just about the systems and networks that I run, but about MY FAMILY.
I don't even have the words to express my rage at this asshole and the threat he represents. He's probably a serial rapist and a violent pedophile: he's certainly a sociopath.
[ link to this | view in chronology ]
Re: I'd like to know who this is
[ link to this | view in chronology ]
Re: I'd like to know who this is
[ link to this | view in chronology ]
Re: I'd like to know who this is
Your post just turned on a light for me. After reading the story I had thought to myself, what kind of system admin has a Facebook account? I would have thought it would be fairly unusual, but in a family situation it certainly wouldn't. And regardless of that, working at home and having your family involved does put an even more disgusting slant on the operation.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
I'm guessing, given the context, that the subculture in play here isn't gamers.
[ link to this | view in chronology ]
General Keith Alexander offered and succeeded in selling one of our constitutional rights (the 4th amendment) to the British. - _______.
Fill in the blank.
Got to wonder what old General Washington would have thought of Keith.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'
Long overdue. Time to make the United States a better place.
[ link to this | view in chronology ]
Missing part here is the usage of snatched data. If NSA shares it with, say Exxon or ATT, then we have serious problem of public agency being used for private greed.
When Bush was about to attack Iraq, NSA nuked all prospective hostile websites inside and outside USA. I see this issue missing from GGreenwald story.
[ link to this | view in chronology ]
Re:
It will be used for whatever their political masters want, and they are owned by the corporations.
[ link to this | view in chronology ]
Re:
If those admins are in the US then it is not part of their job. In fact, it is specifically part of their job to not do it, since it's against the law.
For sysadmins outside the US, it is imperative that they know they're being specifically targeted so they can defend against it.
[ link to this | view in chronology ]
American Sysadmins
Consider an analogy. If I said that I eat meat (actually, I do), would you then assume that I illegally eat human flesh?
[ link to this | view in chronology ]
Re: American Sysadmins
[ link to this | view in chronology ]
NSA Official Uses LiveJournal-Like Board To Brag About 'Hunting SysAdmins'
It just reads kinda phoney to me.
[ link to this | view in chronology ]