PDA

View Full Version : Former AT&T worker details federal Internet spying in S.F.


Outlaw Josey Wales
11-07-2007, 3:55 PM
Former AT&T worker details federal Internet spying in S.F.
Ellen Nakashima, Washington Post

Wednesday, November 7, 2007

(11-07) 04:00 PST Washington - --

His first inkling that something was amiss came in summer 2002 when he opened the door to admit a visitor from the National Security Agency to an office of AT&T in San Francisco.

"What the heck is the NSA doing here?" Mark Klein, a former AT&T technician, said he asked himself.

A year or so later, he stumbled upon documents that, he said, nearly caused him to fall out of his chair. The documents, he said, show that the NSA gained access to huge amounts of e-mail, Web search and other Internet records of more than a dozen global and regional telecom providers. AT&T allowed the agency to hook into its network at a facility in San Francisco and, according to Klein, many of the other telecom companies probably knew nothing about it.

Klein is in Washington this week to share his story in the hope that it will persuade lawmakers not to grant legal immunity to telecommunications firms that helped the government in its anti-terrorism efforts.

Klein, 62, said he may be the only person in the country in a position to discuss firsthand knowledge of an important aspect of the Bush administration's domestic surveillance. He is retired, so he isn't worried about losing his job. He carried no security clearance, and the documents in his possession were not classified, he said. He has no qualms about "turning in," as he put it, the company where he worked for 22 years, until he retired in 2004.

"If they've done something massively illegal and unconstitutional - well, they should suffer the consequences," Klein said. "It's not my place to feel bad for them. They made their bed. They have to lie in it. The ones who did (anything wrong), you can be sure, are high up in the company. Not the average Joes, who I enjoyed working with."

In an interview Tuesday, he said the NSA set up a system that vacuumed up Internet and phone-call data from ordinary Americans with the cooperation of AT&T. Contrary to the government's depiction of its surveillance program as aimed at overseas terrorists, Klein said, much of the data sent through AT&T to the NSA was purely domestic. Klein said he believes the NSA was analyzing the records for usage patterns as well as for content.

He said the NSA built a special room to receive data streamed through an AT&T Internet room containing "peering links," or major connections to other telecom providers. The largest of the links delivered 2.5 gigabits of data - the equivalent of one-quarter of the Encyclopedia Britannica's text - per second, said Klein, whose documents and eyewitness account form the basis of one of the first lawsuits filed against the telecom giants after the government's warrantless-surveillance program was reported in the New York Times in December 2005.

Claudia Jones, an AT&T spokeswoman, said she had no comment on Klein's allegations.

The NSA and the White House declined to comment on Klein's allegations.

Klein is urging Congress not to block Hepting vs. AT&T, a class-action suit pending in federal court in San Francisco, as well as 37 other lawsuits charging carriers with illegally collaborating with the NSA program. He was accompanied Tuesday by lawyers for the Electronic Frontier Foundation, which filed Hepting vs. AT&T in 2006. Together, they are urging key senators to oppose a pending White House-endorsed immunity provision that would effectively wipe out the lawsuits. The Judiciary Committee is expected to take up the measure Thursday.

In summer 2002, Klein was working in a Geary Street office responsible for Internet equipment when an NSA representative arrived to interview a management-level technician for a special job whose details were secret.

"That's when my antennas started to go up," he said. He knew that the NSA was supposed to work on overseas signals intelligence.

The job entailed building a "secret room" in another AT&T office 10 blocks away on Folsom Street, he said. By coincidence, in October 2003, Klein was transferred to that office and assigned to the Internet room. He asked a technician there about the secret room on the 6th floor, and the technician told him it was connected to the Internet room a floor above. The technician, who was about to retire, handed him some wiring diagrams.

"That was my 'aha' moment," Klein said. "They're sending the entire Internet to the secret room."

The diagram showed splitters, glass prisms that split signals from each network into two identical copies. One copy fed into the secret room. The other proceeded to its destination, he said.

"This splitter was sweeping up everything, vacuum-cleaner-style," he said. "The NSA is getting everything. These are major pipes that carry not just AT&T's customers but everybody's."

Klein said he decided to go public after President Bush defended the NSA's surveillance program as limited to collecting phone calls between suspected terrorists overseas and people in the United States. Klein said the documents show that the scope was much broader.

The New York Times contributed to this report.

http://sfgate.com/cgi-bin/article.cgi?f=/c/a/2007/11/07/MNIST7NS9.DTL

This article appeared on page A - 7 of the San Francisco Chronicle

pnkssbtz
11-07-2007, 4:08 PM
Thanks for that link.

I am not surprised, but I should be. That speaks a lot about the current "security" standing in America right now. =/

odysseus
11-07-2007, 4:10 PM
Good place for anyone interested in these matters: www.eff.org

G17GUY
11-07-2007, 4:24 PM
http://www.eff.org/deeplinks

video of mark.

PIRATE14
11-07-2007, 4:24 PM
Well the internet has no rights to privacy........

You can monitor the calls that are being made outside the legal boundry of CONUS w/o further permissions........

Glock22Fan
11-07-2007, 4:32 PM
When I warned of this, fellow posters told me I was paranoid, and that the guvmint hadn't got enough computer power to do it.

Who is laughing now?

Outlaw Josey Wales
11-07-2007, 4:34 PM
Thanks for that link.

I am not surprised, but I should be. That speaks a lot about the current "security" standing in America right now. =/

Speaking of security, here's another interesting article. Afterall who would object to scanning the irises of sex offenders? That's how they get you to accept the technology then they simply expand who they will use it on. Sound familiar?



Alameda County sheriff plans to scan irises of sex offenders
Demian Bulwa, Chronicle Staff Writer

Monday, November 5, 2007


The Alameda County Sheriff's Office is preparing to become the first public agency in the Bay Area to force some convicts to submit to iris scanning, a strategy that may jump-start debate about how police should use a powerful and emerging technology.

Each human iris has a unique texture, and its contours can be mapped in a searchable database. Proponents of the technology say it won't replace fingerprinting, but that it offers a speedier and more accurate way to identify people - whether they are suspects at the scene of a crime or inmates being freed.

Authorities plan to begin scanning the irises of the county's 2,500 sex offenders within a few weeks - when they register during a move or when they check in annually as required by law. There are no plans yet to expand the scanning to others.

Sgt. J.D. Nelson, a sheriff's department spokesman, said the county is expanding its tracking of sex offenders in response to a recent federal law calling for building a national sex offender registry.

Nelson acknowledged that the program, which carries no cost because a company donated the first iris scanner, has little practical use today. No law enforcement agencies now scan irises of criminal suspects during everyday police work, which would allow for potential matches with a database. And unlike fingerprints, criminals never leave their irises at the scene of a crime.

But Nelson said his department wanted to test the technology and prepare for a future in which many police agencies scan irises and officers carry handheld scanners.

In this scenario, he said, an officer might be able to quickly identify a sex offender or parolee who gives a fake name. An officer who received a complaint about a person annoying a child, Nelson said, might scan that person's eyes. Within seconds, the officer would know if the person was a sex offender.

"We're at the infancy of this whole thing," Nelson said.

When sex offenders register, Nelson said, they will have to briefly hold their head about a foot away from the scanner, which uses a digital camera to capture an image of an iris - which is then converted into a unique code stored in a database.

Experts who have followed iris recognition technology said it has the potential to be more accurate and convenient than fingerprinting. The debate over its use, they said, will depend largely on how police decide to store, share and protect data, and whether they use iris scanning more broadly than fingerprinting, which is usually done after someone is arrested.

Another issue, they said, will be the pace of the advancement of iris-scanning technology. Experts predict that within a few years, iris-scanner companies will produce devices capable of scanning eyes from several yards away, even without a person's knowledge. If that happens, there are sure to be arguments about when and how police will be allowed to do so.

Police and biometrics experts said they didn't know of any laws that govern the use of iris scanners.

Stuart Hanlon, a San Francisco defense attorney, said he was concerned about the potential for iris scanners to intrude on people's privacy. "I don't know why police would start this without some legislation to back it up," he said.

The use of iris scanners has taken off in recent years. It is used in some jails as a way to double-check that the right inmate is being released; in a prescreening program that allows low-risk airline passengers to avoid security delays, including at San Francisco International Airport; and by the United Nations, which has used it to register people it helps during relief missions.

But most people's introduction to the technology came though "Minority Report," a film set in the year 2054. Citizens' irises are scanned constantly in daily life, allowing advertisers to tailor their pitches to them. Tom Cruise's character undergoes a gruesome eye transplant to evade discovery.

Proponents of the technology said it doesn't have to be scary and could protect the privacy of law-abiding citizens by cutting down on identity theft, allowing people to prove who they are through iris scans and requiring them to surrender less personal information to companies.

Like fingerprinting, vein recognition and facial recognition, iris scanning is a form of biometrics. One of the strengths of the iris is that it changes little over the course of a lifetime, said Professor Anil Jain, an expert in biometrics at Michigan State University.

Proponents say it never delivers a false hit if used properly. But if it is used more broadly than fingerprints, it will raise concerns about "function creep," Jain said - the idea that information about people and their habits will be improperly shared.

Alameda County's scanner, which retails for $9,995, was donated by BI{+2} Technologies of Plymouth, Mass., which gave cameras to six agencies around the country and is banking on a further expansion of the technology. The firm's scanners have also captured the eyes of children so that they can be identified if they are abducted.

Robert Melley, the company's chief operating officer, said he saw a bright future for the scanners and predicted that police would be able to use them in situations where they cannot use fingerprints.

"The way the technology is evolving, there will be a hand-held camera in six months," Melley said. In the future, he said, "an officer will be able to have a hand-held iris recognition scanner on his or her belt, and as part of a routine traffic stop could simply ask the driver and/or passengers to look into the camera."

"I'm skeptical of it," said Cristina Arguedas, a defense attorney in Berkeley. "That sounds like an absolute invasion of privacy to me, certainly to the passengers and to anyone who didn't do anything wrong."

E-mail Demian Bulwa at dbulwa@sfchronicle.com.

http://sfgate.com/cgi-bin/article.cgi?f=/c/a/2007/11/05/MN2NT4QLR.DTL

This article appeared on page A - 1 of the San Francisco Chronicle

odysseus
11-07-2007, 4:43 PM
You can monitor the calls that are being made outside the legal boundry of CONUS w/o further permissions........

Actually that is not entirely correct as it applies to this case. The warrantless wide open snooping was on domestic traffic. That is what is at issue and needs to be brought to the forefront and examined.

EdinKali
11-07-2007, 4:55 PM
The NSA has been snooping on communications for decades. They had/have a huge data storage facility with 7 areas named after the 7 dwarfs of Snow White. It is interesting that the program I saw this on only aired once.

bwiese
11-07-2007, 4:58 PM
When I warned of this, fellow posters told me I was paranoid, and that the guvmint hadn't got enough computer power to do it.

Who is laughing now?


[QUOTE=bwiese;826052]Data/text-based traffic, sure.

Voice-based traffic - not enough 'puter power to scan/ speech-to-text convert even a moderate fraction of voice calls.

Continuous speech recognition takes a lotta MIPS, and the 8kHz sampling, 300-3kHz bandwidth of POTS phone calls makes tasks a bit harder in some ways. One 2GHz P4 CPU can likely only do a few calls. Custom hardware based on FPGAs can help scale this somewhat, but there's still not enough MIPS in one spot to 'listen' and 'vacuum clean' anywhere near all calls. Keyword recognition of words in continuous speech is still a ***** and a high-order problem - the channel still has to be processed on a continuous basis - as opposed to speech recognition for autodialers or remote controls that respond to limited "trained" vocabularies and are waiting for single well-enunciated words surrounded by distinct pauses.

Monitoring off-air content of all cellphones in an area is far easier since speech compression algorithms' linear prediction front ends save a ton of processing power for the analysis.

RAD-CDPII
11-07-2007, 5:08 PM
The Internet is wide open, no laws broken here. They did not mention phone taps. Anyone with a sniffer, a connection to the internet backbone and an IP address can get anything they want. If you want to buy access to the backbone (AT&T, Sprint, MCI, etc), get a sniffer and a ton of storage, you too can get all the information you want based on key words, IP addresses, etc., no laws to stop you. Oh, you say you want VoIP, guess what, no privacy there, no warrent required, just that sniffer and an IP address, no VoIP for me. The WWW is a wonderful thing. The WWW is a wonderful thing, but be careful out there boys and girls, you can get nailed.

Glock22Fan
11-07-2007, 5:30 PM
Bill,

I used to be a professor of Computer Science at a 4-year, accredited university in England. My specialities were computer architecture (hardware and systems software) and network infrastructure.

I can remember telling my students "I read in a learned article that scientists say that current technology will never allow us to have processors faster than 100MHz., but I suspect they will find a way around that" and "Look at this memory chip. You can get 64KB into that, isn't it amazing!" Now look at where we are today, just over a decade later.

Maybe they are not monitoring all calls all the time, but it is happening for some of the calls some of the time. It is probably more prevalent in areas associated with crime/drugs and less so in the rural areas. It will be near 100% in the not too distant future, I am sure.

In real time, my hearing aids take sound, convert it to digital, process it over 13 frequency channels and then reconstruct the audio, matching the response curve to my hearing. Only been available for about six years. Technology is wonderful, and progress is escalating.

G17GUY
11-07-2007, 9:41 PM
The Internet is wide open, no laws broken here. They did not mention phone taps. Anyone with a sniffer, a connection to the internet backbone and an IP address can get anything they want. If you want to buy access to the backbone (AT&T, Sprint, MCI, etc), get a sniffer and a ton of storage, you too can get all the information you want based on key words, IP addresses, etc., no laws to stop you. Oh, you say you want VoIP, guess what, no privacy there, no warrent required, just that sniffer and an IP address, no VoIP for me. The WWW is a wonderful thing. The WWW is a wonderful thing, but be careful out there boys and girls, you can get nailed.


VoIP gives you a choice; the choice to encrypt your data , as all data on your computer can be.

The beta for zfone (http://zfoneproject.com/) is out, and it uses encryption. I am not sure of the level but without a doubt there is or will be an open source venue. An application with an 3DES or AES 256 bit algorithm would be highly adequate.

CSDGuy
11-07-2007, 10:14 PM
Former AT&T worker details federal Internet spying in S.F.
Ellen Nakashima, Washington Post

Wednesday, November 7, 2007

(11-07) 04:00 PST Washington - --

His first inkling that something...big snip to save space...

In an interview Tuesday, he said the NSA set up a system that vacuumed up Internet and phone-call data from ordinary Americans with the cooperation of AT&T. Contrary to the government's depiction of its surveillance program as aimed at overseas terrorists, Klein said, much of the data sent through AT&T to the NSA was purely domestic. Klein said he believes the NSA was analyzing the records for usage patterns as well as for content.

He said the NSA built a special room to receive data streamed through an AT&T Internet room containing "peering links," or major connections to other telecom providers. The largest of the links delivered 2.5 gigabits of data - the equivalent of one-quarter of the Encyclopedia Britannica's text - per second, said Klein, whose documents and eyewitness account form the basis of one of the first lawsuits filed against the telecom giants after the government's warrantless-surveillance program was reported in the New York Times in December 2005.

...another space saving snip...

"That was my 'aha' moment," Klein said. "They're sending the entire Internet to the secret room."

The diagram showed splitters, glass prisms that split signals from each network into two identical copies. One copy fed into the secret room. The other proceeded to its destination, he said.

"This splitter was sweeping up everything, vacuum-cleaner-style," he said. "The NSA is getting everything. These are major pipes that carry not just AT&T's customers but everybody's."

Klein said he decided to go public after President Bush defended the NSA's surveillance program as limited to collecting phone calls between suspected terrorists overseas and people in the United States. Klein said the documents show that the scope was much broader.

The New York Times contributed to this report.

http://sfgate.com/cgi-bin/article.cgi?f=/c/a/2007/11/07/MNIST7NS9.DTL

This article appeared on page A - 7 of the San Francisco Chronicle
The Internet is wide open, no laws broken here. They did not mention phone taps. Anyone with a sniffer, a connection to the internet backbone and an IP address can get anything they want. If you want to buy access to the backbone (AT&T, Sprint, MCI, etc), get a sniffer and a ton of storage, you too can get all the information you want based on key words, IP addresses, etc., no laws to stop you. Oh, you say you want VoIP, guess what, no privacy there, no warrant required, just that sniffer and an IP address, no VoIP for me. The WWW is a wonderful thing. The WWW is a wonderful thing, but be careful out there boys and girls, you can get nailed.

I've snipped some useless fluff out. Collecting phone numbers (like which number called which numbers) does not require a warrant because you're not looking at the content of the calls. If you have access to the backbone, a packet sniffer, and a large enough storage device, you really can capture whatever you want and a huge chunk of it is going to be unencrypted. The fact that a large splitter was built is immaterial.

Look at this problem: you're an agency that needs to know if there are terrorists operating in your country. You know that they likely have overseas contacts that you already know about. So what do you do? You look for phone calls going to and from those overseas contacts. Since those overseas communications aren't protected, you can listen in. You determine that there are people being regularly contacted inside your country by those overseas contacts and terrorist in nature. So what's your next move? Since you don't want to tip them off, you look at telephone number patterns over time. You look at emails. You then figure out which numbers are possibly connected to that suspected terrorist inside the country. Now you know that there is possibly a terrorist cell operating and who is likely part of it. You build up enough circumstantial evidence to get a warrant to intercept the ACTUAL phone calls and do ACTUAL surveillance on those people...

Sounds legitimate to me. Sounds like the original article is just another "Bash Bush" article. Bush is termed out of office... time to find another issue.

Army
11-08-2007, 5:05 AM
If the room was so secret, why did everyone know about it, and have blueprints of it, and knew what particular equipment was being used?

I presume this was a writer for the Weekly World News?

WokMaster1
11-08-2007, 7:30 AM
God! I hope no NSA type will knock on my door for all the foul things I've said about Rosie O'Donnell.:eek:

6172crew
11-08-2007, 7:39 AM
I worked at ATT for 9 years and I found "taps" on lines but Ive never seen Feds in the CO, I do know HLS was in San Ramon looking at the new high speed setup but what they were doing I dont know.

When the HLS, FBI, CIA asks us to set up a T1 on a pole in the Ghetto Im sure it was to monitor something but it was no secret who the customer was because they use the same name on the order.....I just never heard of what this guy is talking about and I had free access to anywhere in the comapny as a MST.

6172crew
11-08-2007, 7:45 AM
I worked at ATT for 9 years and I found "taps" on lines but Ive never seen Feds in the CO, I do know HLS was in San Ramon looking at the new high speed setup but what they were doing I dont know.

When the HLS, FBI, CIA asks us to set up a T1 on a pole in the Ghetto Im sure it was to monitor something but it was no secret who the customer was because they use the same name on the order.....I just never heard of what this guy is talking about and I had free access to anywhere in the comapny as a MST.

Oh on a side note I worked in those same offices.:cool:

SemiAutoSam
11-08-2007, 7:46 AM
Maybe this was more of a Covert Op than you had ever witnessed in the past.

BTW did the alphabet agencies every present you with a warrant to set up such taps ? or were they as blatant about it as to not bother to show how they had the right to do this ?

I worked at ATT for 9 years and I found "taps" on lines but Ive never seen Feds in the CO, I do know HLS was in San Ramon looking at the new high speed setup but what they were doing I dont know.

When the HLS, FBI, CIA asks us to set up a T1 on a pole in the Ghetto Im sure it was to monitor something but it was no secret who the customer was because they use the same name on the order.....I just never heard of what this guy is talking about and I had free access to anywhere in the company as a MST.

vandal
11-08-2007, 8:19 AM
I think it is fantastic the great Americans working for the NSA are doing their jobs so dilligently and conscientiously both outside and inside our borders. The chair is against the wall. I feel safer knowing that our government has people dedicated to ferreting out those who would use the Internet for nefarious acts. John has a long moustache. I am sure the courts will find this to be completely above-board, and that the whole program will be found to be very effective, a shining star in the war on terror. Today Bob served me a cheese omelette. . Ee way ee bay o say crewed say.


-----BEGIN PGP MESSAGE-----
Version: PGP Desktop 9.6.1 (Build 1012)

hQEMA40ZSRQxA/UrAQf/S3Q5JUN37BvXYBGdjhNveIrJkTiT4KbkU+k3wpo0mwYX
T9EM2EU3VRr7bBeESDMgOGLlhryupBa3FyXafdS/ytw+vmfrdeGgx2uFa7r5iLM0
BRLca/ailQHCcxmfHeqegEeNbrSTyWjl+HnhG7KsuxGwYZNYaaCyLw0k 4q9m0dYB
gvOvcATTIAsfshvwSOFbrp5CB1SkZ97krDljwcJWTPALxkwpH/dfZwppJpshMYuV
Yo4dtNeATblAEZdpdabxdQgv5kvxOVY1FHCV9USOnmGmT8mHjL rMwWAwdL/eBEtt
RJmf61tYVSahpWe+TawZ4ETXZKIw9ZW3qv6fM3wNnKQzRuAwKn lgrQvzHKTLBwTU
+6MPU3FmB4HEnlB73bqBysztlYEEERH9366Tm9BMdRy1Y+xv
=ocUy
-----END PGP MESSAGE-----

bulgron
11-08-2007, 8:30 AM
This might be a good time to mention that if you're sending email in the clear over the internet, then you are doing essentially the same thing as sending a postcard through the US mail: anyone can read it.

If you want your email to not be looked at by the NSA, or even by just plain bored IT techs, encrypt it. Public key encryption works well (although both the sender and the receiver must have digital certificates) and most mail readers built since around the year 2000 will handle this without complaint.

If people want, I can give them a run down on how public key encryption works, but suffice to say the first step is getting a digital certificate. Free personal digital certificates can be obtained from Thwate (http://www.thawte.com/secure-email/personal-email-certificates/index.html?click=DoYouNeedTo-SecureMail).

By the way, the NSA probably has enough computing power to break any public key encryption you're likely to employ. But if the general mass of internet users started encrypting their emails, that would stop the NSA from engaging in a lot of these mass snooping programs that they seem to love. They can still figure out who's talking to who, though, which is how they're trying to identify terrorists cells. More power to them, I guess, although if they're breaking the law then the responsible people need to lose their job, at a minimum.

I stopped being surprised a long time ago by just how naive people are about their internet communications. Get a digital certificate and use it when you can. Encourage your friends and family to get one too. Never send email in the clear to your lawyer, business partners, clergy, lover, boss, employees, shooting buddies, mother, father, brothers, sisters, soccer team, and generally anyone you're communicating with in a non-anonymous way. Digital certificates both secure your email from prying eyes, and they prove that the person who sent the email is really who they claim to be.

(Hint: if enough people used digital certificates, we might be able to eliminate a lot of the SPAM that clogs our inboxes.)

</soapbox>

6172crew
11-08-2007, 8:30 AM
Maybe this was more of a Covert Op than you had ever witnessed in the past.

BTW did the alphabet agencies every present you with a warrant to set up such taps ? or were they as blatant about it as to not bother to show how they had the right to do this ?


If you ordered a T1 then I wouldnt ask you for a warrant, why would I ask any other customer? A order will come to install a T1 at a location, some wanted a Jack and then some would want it left on the side of a pole, when the ones came in for the wires to be left hanging we would call to make sure there wasnt a mistake. After awhile I noticed the same name on the ghetto pole T1s. Some of these were at Jewish churches and some at Muslim churches, whatever they were we just installed like we would any other customer because that was what they were.

odysseus
11-08-2007, 10:58 AM
If the room was so secret, why did everyone know about it, and have blueprints of it, and knew what particular equipment was being used?

I presume this was a writer for the Weekly World News?

Probably because it's the usual FUBAR approach to things. Keep in mind, it is not the .gov which was managing all to themselves, but melding in right at a corporation's site. Building stuff right underneath the nose of corporate staff would mean you need to follow procedures to a degree. Seems they were a little over confident and arrogant on this. I doubt they would do it quite the same way. Hell the employee had lists of the gear, and one special type of network gear that has a primary mission in life to snoop and scoop.

AJAX22
11-08-2007, 11:35 AM
This is nothing new. Hackers have known about the systems that have been going in place for well over a decade now.

Anyone Remember Carnivore? Echelon? Magic Lantern? The Dragonware Suite?

The .gov has no accountability with this stuff and can do what they want.