http://www.nytimes.com/2006/04/13/us/nationalspe
cial3/13nsa.html
------------------------------------------------------------
------------
April 13, 2006
Documents Show Link Between AT&T and Agency in
Eavesdropping Case
By JOHN MARKOFF
and SCOTT SHANE
SAN FRANCISCO, April 12
Mark Klein was a veteran AT&T technician in 2002 when he
began to see
what he thought were suspicious connections between that
telecommunications giant and the National Security Agency.
But he kept quiet about it until news broke late last year
that
President Bush had approved an N.S.A. program to eavesdrop
without court
warrants on Americans suspected of ties to Al Qaeda.
Now Mr. Klein and a few company documents he saved have
emerged as key
elements in a class-action lawsuit filed against AT&T on
Jan. 31 by a
civil liberties group, the Electronic Frontier Foundation.
The suit
accuses the company of helping the security agency invade
its customers'
privacy.
Mr. Klein's account and the documents provide new details
about how the
agency works with the private sector in intercepting
communications for
intelligence purposes.
The documents, some of which Mr. Klein had earlier provided
to
reporters, describe a mysterious room at the AT&T
Internet and telephone
hub in San Francisco where he worked.
The documents, which were examined by four independent
telecommunications and computer security experts at the
request of The
New York Times, describe equipment capable of monitoring a
large
quantity of e-mail messages, Internet phone calls, and other
Internet
traffic.
The equipment, which Mr. Klein said was installed by
AT&T in 2003, was
able to select messages that could be identified by
keywords, Internet
or e-mail addresses or country of origin and divert copies
to another
location for further analysis.
The security agency began eavesdropping without warrants on
international phone calls and e-mail messages of people
inside the
United States suspected of terrorist links soon after the
Sept. 11 attacks.
After disclosing the program last December, The New York
Times also
reported that the agency had gathered data from phone and
e-mail traffic
with the cooperation of several major telecommunications
companies.
The technical experts all said that the documents showed
that AT&T had
an agreement with the federal government to systematically
gather
information flowing on the Internet through the company's
network.
The gathering of such information, known as data mining,
involves the
use of sophisticated computer programs to detect patterns or
glean
useful intelligence from masses of information.
"This took expert planning and hundreds of millions of
dollars to
build," said Brian Reid, director of engineering at
the Internet Systems
Consortium in Redwood City, Calif. "This is the
correct way to do high
volume Internet snooping."
Another expert, who had designed large federal and
commercial data
networks, said that the documents were consistent with
administration
assertions that the N.S.A. monitored only foreign
communications and
communications between foreign and United States locations,
partly
because of the location of the monitoring sites. The network
designer
was granted anonymity because he believed that commenting on
the
operation could affect his ability to work as a consultant.
The documents referred to a second location, in Atlanta, and
suggested
similar rooms might exist at other AT&T switching sites.
Mr. Klein said other AT&T technicians had told him of
such installations
in San Jose, Calif.; Los Angeles; San Diego; and Seattle.
The Internet hubs there carry a significant amount of
international
traffic. The network designer and other experts said it
would be a
simple technical matter to reprogram the equipment to
intercept purely
domestic Internet traffic.
The Department of Justice initially asked the Electronic
Frontier
Foundation not to file Mr. Klein's documents in court, but
a review
determined that they were not classified and the government
dropped its
objection. The foundation filed the documents under seal
because of
concern about releasing proprietary information.
On Monday, AT&T filed a motion with a federal judge in
San Francisco
asking the court to order the foundation to return the
documents because
they were proprietary.
The documents showed that the room in San Francisco, which
Mr. Klein
says was off-limits to most employees but serviced by a
company
technician working with the security agency, contained
computerized
equipment that could sift through immense volumes of traffic
as it
passed through the cables of AT&T's WorldNet Internet
service.
According to the documents, e-mail messages and other data
carried by 16
other commercial Internet providers reached AT&T
customers through the
San Francisco hub.
One piece of filtering equipment described in the documents
was
manufactured by Narus, based in Mountain View, Calif.
The equipment could be programmed to identify and intercept
voice or
data conversations between e-mail, telephone or Internet
addresses, said
Steve Bannerman, the company's vice president for
marketing.
Buyers included companies trying to comply with the
Communications
Assistance for Law Enforcement Act of 1994, which requires
that
communications systems have a wiretapping capability built
in.
Typically, law enforcement interceptions are done on a case
by case
basis and require warrants.
Mr. Bannerman said he could not comment further because
Narus had not
announced any sales to the federal government. William P.
Crowell, a
former deputy director of the N.S.A, is on the Narus board.
In an interview, Mr. Klein said he did not have a security
clearance but
had witnessed interactions between colleagues who did have
clearances
and the highly secretive N.S.A. "It was strange and
sort of suspicious,"
he said.
Mr. Klein said he learned of an agency connection to the
mysterious room
in 2002 when a company manager told him to expect a visit
from an N.S.A.
official who wanted to speak with another senior company
technician
about "a special job." That technician later
installed the equipment in
the room, he said.
Based on his observations and technical knowledge, Mr. Klein
concluded
that the equipment permitted "vacuum-cleaner
surveillance" of Internet
traffic. Mr. Klein, 60, who retired in 2004 after 23 years
with AT&T and
lives near Oakland, Calif., said he decided to make his
observations
known because he believed the government's monitoring was
violating
Americans' civil liberties.
An AT&T spokesman at the company's corporate
headquarters in San Antonio
declined to comment on Mr. Klein's statements.
"AT&T does follow all laws with respect to
assistance offered to
government agencies," said Walt Sharp, the AT&T
spokesman. "However, we
are not in a position to comment on matters of national
security."
Asked to comment, Don Weber, a spokesman for the N.S.A.,
said, "It would
be irresponsible of us to discuss actual or alleged
operational issues
as it would give those wishing to do harm to the United
States the
ability to adjust and potentially inflict harm."
John Markoff reported from San Francisco for this article,
and Scott
Shane from Washington.
------------------------------------------------------------
------------
------------------------------------------------------------
---------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe
cryptography" to majordomo metzdowd.com
|
in this case, poorly chosen example.
it's hard to not print documents used by the technician(s)
to install
splitters in the fibers and specify the details of wiring in
and between
various racks and cabinets.
On Thu, Apr 13, 2006 at 08:04:07PM +0200, lorenzo wrote:
> On 4/13/06, Perry E. Metzger <perrypiermont.com> wrote:
> > http://www.nytimes.com/2006/04/13/us/nationalspe
cial3/13nsa.html
> [...]
> > Now Mr. Klein and a few company documents he saved
have emerged as key
> > elements in a class-action lawsuit filed against
AT&T on Jan. 31 by a
> > civil liberties group, the Electronic Frontier
Foundation. The suit
> > accuses the company of helping the security agency
invade its customers'
> > privacy.
>
> Am I wrong or if we were living in a DRM- or Trusted
Computing- World,
> those documents probably would be unreadable, if they
were digital
> documents? Also they could have prevented printing of
the documents,
> and so on.
>
> Of course, the human is still the weaker ring, but this
is not of much
> help in such cases.
>
> --
> :lorenzo grespan
> GPG Key fingerprint = 5372 1B49 9E61 747C FB9A 4DAE
5D2A A9A0 74B4 8F1A
>
>
------------------------------------------------------------
---------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe
cryptography" to majordomometzdowd.com
------------------------------------------------------------
---------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe
cryptography" to majordomometzdowd.com
|