07 July 2006

Spies and the Spying Spyers or, Connecting the Dots

I've been fascinated by the story that the media is doing its level best to ignore. It broke over the July 4 weekend on Bloomberg. Andrew Harris wrote, in part:
The U.S. National Security Agency asked AT&T Inc. to help it set up a domestic call monitoring site seven months before the Sept. 11, 2001 attacks, lawyers claimed June 23 in court papers filed in New York federal court.

The allegation is part of a court filing adding AT&T, the nation's largest telephone company, as a defendant in a breach of privacy case filed earlier this month on behalf of Verizon Communications Inc. and BellSouth Corp. customers. The suit alleges that the three carriers, the NSA and President George W. Bush violated the Telecommunications Act of 1934 and the U.S. Constitution, and seeks money damages.

"The Bush Administration asserted this became necessary after 9/11," plaintiff's lawyer Carl Mayer said in a telephone interview. "This undermines that assertion."
And I was reminded of something that broke a few years ago, was pooh-pooh'ed and deep-sixed.
Circa 1999 from Techweb:
A careless mistake by Microsoft programmers has shown that special access codes for use by the U.S. National Security Agency (NSA) have been secretly built into all versions of the Windows operating system....

But according to two witnesses attending the conference, even Microsoft's top crypto programmers were stunned to learn that the version of ADVAPI.DLL shipping with Windows 2000 contains not two, but three keys. Brian LaMachia, head of CAPI development at Microsoft was "stunned" to learn of these discoveries, by outsiders. This discovery, by van Someren, was based on advance search methods which test and report on the "entropy" of programming code...

According to Fernandes of Cryptonym, the result of having the secret key inside your Windows operating system "is that it is tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system". The NSA key is contained inside all versions of Windows from Windows 95 OSR2 onward...

"How is an IT manager to feel when they learn that in every copy of Windows sold, Microsoft has installed a 'back door' for the NSA -- making it orders of magnitude easier for the U.S. government to access your computer?" he said.

Van Someren said he felt the primary purpose of the NSA key might be for legitimate U.S. government use. But he said there cannot be a legitimate explanation for the third key in Windows 2000 CAPI. "It looks more fishy," he said on Friday.
Now, I don't necessarily believe the story. The "super" authority Wikipedia claims it to be all but an urban legend. But, as I was poking around, I found this:
Jim Reavis
Network World on Security, 09/29/99


What Fernandes was able to find out the key name by debugging symbolic data: _NSAKEY. He promptly published a report linking the NSA to the key based upon name alone, claiming that this key somehow was under NSA control. It is implausible that the NSA would permit a secret key to exist with such a nonsecret name, and in any case, the NSA would have more efficient ways to subvert NT. Microsoft has had a pretty consistent track record in opposing key escrow.

Although it does not appear to be a backdoor, the reaction from the NSA and Microsoft indicates that Fernandes was not completely off the mark. The likely answer is that the second key was part of Microsoft's compliance requirements for legal export. However, how do you know for sure that your software does not contain a backdoor?

Although only moderately publicized, in 1996 IBM struck a deal with the NSA to export 64-bit security within Lotus Notes. Twenty-four bits of the Notes key was given to the NSA. Having only 40 bits to crack essentially meant the NSA had the capability to decrypt Notes. This was not the kind of information that IBM went around announcing with front-page ads and neon lights. Many companies felt burned when they learned about this information. Notes users outside the U.S. had some political battles as a result of this, needing to convince their constituencies that their data was safe from the American secret police.
Note, that while the author didn't believe the story, he couldn't completely ignore it, because the NSA HAD already been caught hiding a "backdoor" in Lotus Notes.

I know. The first thought: Clinton did it, too.

Nope.

The sad fact of the Clinton Administration was that, using the "draft dodger" attack on him as leverage, the FBI, NSA, CIA and all the other alphabet soup "intelligence" agencies bullied Clinton into their own agenda -- perhaps even the agenda left over from Daddy Bush (and Nixon, of course, whose Revenge we are now reaping).

My point is this: this has been going on for a lot longer than 9-11, or even Baby Bush. I was an Oregon delegate to the 2000 Democratic Convention in Los Angeles, and it was "post 9-11" the whole way. It scared me then, and now I know why.

This stuff was already in the works long before the Bushies made it overt US policy.

As with Dubya himself, the patterns re-emerge. No one who is familiar with Bush's lifelong bullying, pathological lying, hidden agendas and habit of "getting away with it" can be surprised at what we're facing now. People don't change, fundamentally. Patterns emerge, and they remain.

The same holds true of institutions.

And now we've connected the dots of the "data-mining" and the warrantless snooping all the way back to 1996, at least. Do you doubt that it goes back further, or that this whole agenda has been in place for a long, long time?

And you wondered why the Democrats don't "stand up"?

The problem with knowing secrets is that it gives you power over those whose secrets you know. And we ALL have secrets. Don't ever doubt that for a second. And the temptation to acquire more secrets grows in direct proportion to those secrets you've already collected.

So, why isn't the media following up on the devastating assertion that the NSA was monitoring our phone calls (and lord knows what else) pre-9-11? (Stupidity might be one explanation. But there might be others. Fear, for example.)

And we all remember the FBI's "carnivore" program, allegedly dismantled, that was snooping all e-mail communications. Do we NOW believe that it was dismantled?

Really?

No: there's two points here that need making:

First, that the whole movement towards controlling us by knowing all of our information goes back a long way.

and

Second: That however dangerous and thuggish you thought this Administration was, it's a lot worse than you think.

I could do a long, investigative piece on this all, but I've made my point. The pattern is clear, and the obvious conclusions are chilling. You don't always have to break the "new" news to find it. Sometimes all you have to do is pay attention and connect the dots.

My little sister used to have this taped to her bedroom door, and it bears repeating here:

"Just because you're paranoid doesn't mean that people aren't out to get you."

'Nuff said.

Courage.
.

0 Comments:

Post a Comment

Links to this post:

Create a Link

<< Home