pageok
pageok
pageok
Did the NSA Call Records Program Cause the Major Controversy Within DOJ, and If so, What Does It Tell Us About the Legal Issues?:
Back in 2005 to 2006, the press reported on two major warrantless surveillance programs. The first became known as the Terrorist Surveillance Program, and involved real-time wiretapping of the contents of telephone and Internet communications that happened to be routed through the U.S. even though at least one of the participants (and most often, both) were actually located outside the U.S. The second program was sometimes referred to as the NSA Call Records program, and it involved the disclosure of non-content "metadata" about calls and e-mails from U.S. service providers to the NSA.

  Ever since the news leaked about the now-infamous Gonzales and Card visit to then-AG Ashcroft at the GW Hospital, it has been assumed that the episode and the threatened resignations that followed concerned the TSP, not the call records program. But now Newsweek is reporting that "the program" at issue in that case was actually the NSA Call Records program, not the TSP:
  Two knowledgeable sources tell NEWSWEEK that the clash erupted over a part of Bush's espionage program that had nothing to do with the wiretapping of individual suspects. Rather, Comey and others threatened to resign because of the vast and indiscriminate collection of communications data. These sources, who asked not to be named discussing intelligence matters, describe a system in which the National Security Agency, with cooperation from some of the country's largest telecommunications companies, was able to vacuum up the records of calls and e-mails of tens of millions of average Americans between September 2001 and March 2004. The program's classified code name was "Stellar Wind," though when officials needed to refer to it on the phone, they called it "SW." (The NSA says it has "no information or comment"; a Justice Department spokesman also declined to comment.)
  The NSA's powerful computers became vast storehouses of "metadata." They collected the telephone numbers of callers and recipients in the United States, and the time and duration of the calls. They also collected and stored the subject lines of e-mails, the times they were sent, and the addresses of both senders and recipients. By one estimate, the amount of data the NSA could suck up in close to real time was equivalent to one quarter of the entire Encyclopaedia Britannica per second. (The actual content of calls and e-mails was not being monitored as part of this aspect of the program, the sources say.) All this metadata was then sifted by the NSA, using complex algorithms to detect patterns and links that might indicate terrorist activity.
  . . . By 2003, Yoo had moved on, and a new head of the OLC, Jack Goldsmith, began reviewing his work. Goldsmith found Yoo's legal opinions justifying the program flawed. His reasons are based on a mind-numbingly complex area of federal law, but the basic analysis comes down to this: the systematic collection and digital transmission of huge amounts of telephone and e-mail data by the government constitutes "electronic surveillance" under the Foreign Intelligence Surveillance Act, the exclusive law governing domestic spying in national-security cases. For such activities, FISA requires a court-approved warrant. Therefore, the program was illegal.
   Back when we were assuming that the TSP was the real issue, my best guess was that Goldsmith had rejected the Article II theory for the TSP and instead was only willing to allow a narrower program under the rationale that the AUMF justified the program in narrower form. But if the Call Records program was the real issue, then it may be time to revise that a bit.

  In particular, it sounds like Yoo wrote a really sloppy memo that the NSA Call Records program did not constitute "electronic surveillance" under 50 U.S.C. 1801(f). 50 U.S.C.1801(f)(2) describes as "electronic surveillance" (for which a warrant is ordinarily required) as "the acquisition by an electronic, mechanical, or other surveillance device of the contents of any wire communication to or from a person in the United States, without the consent of any party thereto, if such acquisition occurs in the United States." If you were a really sloppy lawyer, and you wanted to say that the NSA Call Records program was legal, you could probably write a memo concluding that the program didn't implicate FISA's prohbition on warrantless wiretapping because it didn't intercept any "contents." As described in the Newsweek story, the evidence collection was limited to e-mail headers and non-content phone records. Therefore no "contents."

   But if you were a decent lawyer, you would realize that these arguments are pretty bad. First, subject lines of e-mails are pretty clearly contents rather non-content information. Second, and more importantly, the definition of "contents" in FISA is different than the more intuitive distinction used in the criminal context of the Wiretap Act. 50 U.S.C. 1801(n) provides:
"Contents", when used with respect to a communication, includes any information concerning the identity of the parties to such communication or the existence, substance, purport, or meaning of that communication.
  Note that in the national security setting, "contents" includes "any information concerning the identities of the parties to such communication." Although there aren't any cases on this, that I know of, "any information" is pretty broad. Presumably that includes information such as e-mail addresses that would be non-content information in the criminal law setting.

  In light of this, it seems that the major dispute at the Ashcroft hospital visit was about whether the NSA Call Records program was collecting "contents" for purposes of FISA (and perhaps only in the background the issue of whether Article II trumped FISA). Comey and Goldsmith realized that the program was clearly "electronic surveillance," even though Yoo's memo argued that it was not and therefore was outside FISA. Comey and Goldmsith might have then insisted on changes in the program to make it a more plausible reading of the FISA statute: subject lines of e-mails would be out, for example, and perhaps actual e-mail addresses as well. The narrower program would then not trigger FISA's prohibition on "electronic surveillance," and might have instead operated under the Pen Register statute (either its exceptions or one universal pen-trap order). Only then could the Attorney General certify that the program was legal (actually not an obvious question, but that's an issue for another post). That's my speculation, at least.
Tom Perkins (mail):

The second program was sometimes referred to as the NSA Call Records program, and it involved the disclosure of non-content "metadata" about calls and e-mails from U.S. service providers to the NSA.


And how, exactly, was this different from the long standing distinction that paper "meta-data" such as the address on the outside of an envelope is not constitutionally protected information? Additionally, since when can a mere statute create a constitutional protection? I thought that required an Article V amendment?

The purpose of an email header is addressing. Putting the actual subject of the email in the subject line is both perfectly normal and also exactly analogous to writing a description of the actual contents of the email on the outside of a package.

Additionally, why on earth are we concerned with FISA in time of declared war, when no one implicated in anything untoward by the generated information is accused of anything other than the support of the opponent?

Is it seriously suggested that in acting as it has done consistently since prior even to the Founding*, that the US government has been violating the constitutional rights of its citizens since day one, whenever a state of war existed? If that is not what is suggested here, then is it suggested that a mere statute can create constitutionally binding changes in the import of that document?

*I assure you Washington required no warrants of his spies to look at envelopes and packages, or if they could get away with it, open them. There is no evidence of his having changed his military intelligence gathering practices post-Constitution, a la the Whiskey Rebellion.

The constitution does not require warrants for the gathering of military intelligence, even if that intelligence is used to justify the indefinite detainment of a person. The constitution solely requires that american citizens have recourse to the civilian courts unless martial law is in effect, and that no such warrantlessly gathered data can be used as evidence against them in civilian criminal cases before a jury.

This is a case of persons opposed to the very rational, usual, and by any past measure both constitutional and quite restrained military intelligence gathering practices of the Bush administration being persons pretending what the constitution means, and pretending a mere statute can change that, because they don't like the practices.

Yours, TDP, ml, msl, &pfpp
12.15.2008 7:20am
Tom Perkins (mail):
that the US government has been /= that the US government and antecedent personnel have been
12.15.2008 7:22am
Richard Aubrey (mail):
Sound and fury. But some of the major stars did rend their lapels in most dramatic fashion.
Oh, never mind.
It now remains to explain why Bush was a threat to constitutional democracy when he did it and how it is an absolute necessity under the Obama administration.
If anybody can do that, it's lawyers.
12.15.2008 8:00am
PatHMV (mail) (www):
Tom, I didn't notice Orin claiming a constitutional violation in his post, only a statutory one. If you're trying to claim that the President's Art. II powers of domestic surveillance cannot be limited by statute, you need to say so more clearly, because that would be a really significant, unprecedented claim. (And I speak as someone who is entirely in favor of the TSP program.)
12.15.2008 9:23am
JA (mail):
I wonder if anybody in the Administration wrote a memo about the risks of asking Congress to amend FISA.
12.15.2008 9:47am
JA (mail):
Also, there's a silver lining to this blatant disregard of the law as it existed. The deeds were misguided, but the intent was pure.

On the spectrum of troubling power abuse, that's about a 3.
12.15.2008 9:55am
Connecticut Lawyer (mail):
I do not have a view as to whether the NSA's call records program violated FISA.

Whatever the legal technicalities, though, it is obvious that this is precisely the type of "connect-the-dots" counter-intelligence that the US Government ought to be pursuing. It utlizes the technological advantages of the US to help defeat the asymetric threats posed by non-state actors, and it does so in a particularly unintrusive way that poses no obvious threat to civil liberties as most people understand that term. Let's hope President-elect Obama seeks to amend FISA to bless this kind of counter-intelligence.
12.15.2008 10:30am
Anderson (mail):
In particular, it sounds like Yoo wrote a really sloppy memo

That's becoming the "Once upon a time ..." of stories about the Bush administration.

And it highlights a problem with OLC. If the memos really are golden "get out of jail free" cards, then it seems as if they need to be more widely circulated within the Executive Branch, so that a rogue lawyer or two can't send the government off on the wrong side of the law.

(Not that I really think that's what happened with Yoo - he was producing what his masters wanted the law to say - but it still seems like a *potential* problem.)
12.15.2008 10:31am
Anderson (mail):
Notice btw one point in favor of the "new theory" as described by Prof. Kerr: the feds' position was SOOOOO wrong.

It's been difficult to imagine threats of mass resignation over a legal interpretation that was even halfway debatable.

But if the facts were as described in Newsweek &by Prof. Kerr, then one can well imagine that a wide range of people would've looked at the issue and gone, "you gotta be kidding me." Hence the need to keep the memos classified -- they were so bad, to read them was to laugh at them.
12.15.2008 10:39am
Bart (mail):
Interesting.

I have been an outspoken proponent of the President's Article II power to direct foreign intelligence gathering in the Terrorist Surveillance Program and the concurrent lack of Article I power for Congress to limit such surveillance through FISA.

However, this second program appears to be directed solely at domestic telecommunications and nearly completely targets innocent citizens. At least to the extent that citizens have a privacy interest in the contents of their telecommunications, this would appear to cross the line from foreign intelligence gathering under Article II to domestic surveillance under Congress' power to regulate interstate commerce and enforce the 4th Amendment.

The identity of phone numbers and email addresses as well as information concerning the communications amy remain within the foreign intelligence exception to the 4th Amendment, but I cannot see how contents like titles to emails could do so.

It will be fascinating to read the next leak describing the compromise entered into between DOJ and the intelligence community.

Also, this program appears to be designed to obtain the raw material for data mining, implying that there is a third program out there engaged in data mining.
12.15.2008 10:40am
Anderson (mail):
See? The program was so bad, they couldn't even have gotten Bart on board. Smell test: EPIC FAIL.
12.15.2008 10:46am
John (mail):
You suggest that Yoo said the metadata did not constitute "contents." Have we seen his actual memo that did this? Could you link to it? Is this a suspicion only?
12.15.2008 10:52am
Bart (mail):
Anderson

See? The program was so bad, they couldn't even have gotten Bart on board. Smell test: EPIC FAIL.

I am a classical liberal, which means that I jealously defend the rights of the citizenry, but extend none of the rights of the citizenry to foreign enemies and their agents.

In my debates on this subject here and on other blawgs, I repeatedly challenged opponents of the TSP to offer any evidence of intelligence gathering directed against the citizenry, in which case I would join the critics.

This second program is the first example I have seen where innocent telecommunications of the citizenry has been targeted. Thus, I have joined the critics in this case.
12.15.2008 10:59am
Sara:
they need to be more widely circulated within the Executive Branch, so that a rogue lawyer or two can't send the government off on the wrong side of the law.

(Not that I really think that's what happened with Yoo - he was producing what his masters wanted the law to say - but it still seems like a *potential* problem.)

With respect to a legal analysis opinion, isn't bowing to the 'masters influence' one definition of rogue lawyer.
12.15.2008 11:06am
JWR (mail):
Recall that Gonzales denied, before Congress, that the TSP was the program at issue during the Ashcrof hospital confrontation.

Mueller, in contrast, testified that the TSP was the program at issue.

http://archive.newsmax.com/archives/ic/2007/8/1/74550.shtml
12.15.2008 11:09am
MarkField (mail):
What continues to amaze me about the whole sequence is that it would have been so easy to get Congress to amend FISA to do most of what the Administration wanted. Rather than be straightforward about it, they chose to try to sneak it by in a fundamentally dishonest way. Someday I'd like to understand the culture of the Administration which led to such dysfunctional behavior.
12.15.2008 11:20am
Richard Aubrey (mail):
MarkField
Two questions.
Would the amended FISA, if known publicly, be therefore useless?
If so, could congress have amended it and kept the new arrangement quiet?

If the presumed answers are yes and no, your answer to the issue in question is clear.
12.15.2008 11:27am
Bart (mail):
MarkField (mail):


What continues to amaze me about the whole sequence is that it would have been so easy to get Congress to amend FISA to do most of what the Administration wanted. Rather than be straightforward about it, they chose to try to sneak it by in a fundamentally dishonest way. Someday I'd like to understand the culture of the Administration which led to such dysfunctional behavior.

Actually, it appears that the system worked as it should have. NSA notified Congress and DOJ about the programs and DOJ checked the elements of the second program that likely violated the law.

The breakdown was the lack of operational security that disclosed these extremely sensitive programs to the enemy. While it is very interesting to learn what DOJ and the White House were arguing over, al Qaeda should not even have a inkling as to the nature of the surveillance we are directing against them.
12.15.2008 11:39am
PLR:
The breakdown was the lack of operational security that disclosed these extremely sensitive programs to the enemy.


...viz., The New York Times for those new to this site.

Further to JWR's point (and cf. Orin Kerr's dichotomy), it appears that Comey viewed the NSA activities as part of a unitary intelligence gathering effort.
12.15.2008 11:52am
Anderson (mail):
While it is very interesting to learn what DOJ and the White House were arguing over, al Qaeda should not even have a inkling as to the nature of the surveillance we are directing against them.

This repeats the familiar assumption that al-Qaeda (and our similar enemies) are idiots.

They wouldn't be able to guess that we're listening to cell-phone calls, snooping their e-mails, etc.?

Even if they were (1) familiar with the laws forbidding a mode of surveillance and (2) assumed we would obey our own laws, they couldn't know if, for instance, we would (3) use intel obtained by other nations with less scrupulous principles, for instance.

As it stands, one reason why their attacks may be few &far between is the difficulty of communicating. Active surveillance, when suspected by the target, hampers their communications. (Exception: Illinois governors. See "idiots," above.)

If al-Qaeda relies on couriers, themselves subject to various risks, then it's a lot tougher for them than if they could e-mail or telephone with impunity -- regardless of whether they *know* we're listening or not.
12.15.2008 11:53am
John Moore (www):
As a supporter of TSP, I also find this troubling.

It is hard to consider the subject line of a mail header as analogous to the address on the letter. The rest of it is clearly analogous.

A question for the lawyers: are phone records protected? Does it require a warrant to put the modern equivalent of a pen register on a phone line?

Another issue is the how this information was used. It is not very troubling if for data mining was all they did - i.e. detecting trends and patterns without identifying individuals. That is equivalent to the CDC's use of Google trends to identify influenza outbreaks.

If used to identify and target individuals, at least the subject line of messages is clearly illegal.
12.15.2008 12:06pm
John Moore (www):
@Anderson
This repeats the familiar assumption that al-Qaeda (and our similar enemies) are idiots.

They wouldn't be able to guess that we're listening to cell-phone calls, snooping their e-mails, etc.?


You mean, like Osama with his satellite phone prior to that being leaked?
12.15.2008 12:08pm
Bart (mail):
Anderson:

I am a former military intelligence officer for the Army. Keeping the enemy guessing as to the nature of the surveillance directed against them is Intelligence 101. When the enemy does not know how we are surveilling them, they often miss leaks in their operations or waste time and resources attempting to counter threats to their operational security that do not actually exist.

The Axis were aware that computers existed back in WWII, but they had no Idea that their telecommunications were compromised by application of computers in the ENIGMA program. If the NYT, Newsweek, or the Washington Post had published stories about ENIGMA during WWII, the enemy would have closed off this vital source of intelligence and many additional thousands of our troops would have died as a result.

I am sure that we have lost intelligence from al Qaeda as a result of disclosure of these programs to the enemy.
12.15.2008 12:09pm
MartyA:
Won't it be wonderful when Hussein is Lord and we won't have to worry about evil like this. Oh, nothing will change, there still will be brave men willing to defend the nation, maybe, even Obama, himself.
What will change is the fact that Newsweek and the NYT will no longer be willing to print anything that might put Obama's administration in a bad light.
After a few more Obama scandals, DoJ will begin tapping the 'phones of people who work for the media in the name of national security and we'll never be bothered with it. Press conferences will be carefully managed with pre-approved questions and we'll never know.
12.15.2008 12:09pm
OrinKerr:
Anderson,

The fact that there is a possibility of evidence collection is different from knowing what kind of evidence collection and in what circumstances. And knowing the scope of the program tells you what the government is watching and what it isn't watching (or at least what it watches less easily and completely). When you know the scope of the NSA Call Records program, and you're a bad guy, you know not to use any ISPs based in the U.S.: Just use an ISP based outside the U.S. and then you're outside the scope of the Call Records program. Thus the disclosure of the details of the program gives the bad guys a guide to avoiding it.
12.15.2008 12:22pm
MarkField (mail):

MarkField
Two questions.
Would the amended FISA, if known publicly, be therefore useless?
If so, could congress have amended it and kept the new arrangement quiet?


No and yes. To explain the latter answer, obviously the new statute would have been public. But the changes needed were technical, can be made in very general terms without disclosing the details, and could have been slipped into the Patriot Act or other vehicle without any attention being paid to them. Even more is that the case if the "program" is indeed valuable.

Heck, given the attitude of the country shortly after 9/11, my guess is that Congress would have suspended FISA entirely for a year or more if asked.

But all this is beside my point. It may be that I'm wrong in all this, that Congress never would have agreed to even the slightest modifications of FISA. What I find remarkable is the complete lack of evidence that the Administration ever even tried that route. Instead, its very first inclination was to be dishonest. I'm interested in the source of that reaction.
12.15.2008 12:47pm
Anderson (mail):
Just use an ISP based outside the U.S. and then you're outside the scope of the Call Records program.

This assumes that no one else in the world is opposed to al-Qaeda or interested in listening in on them.

Re: the Axis's arrogance regarding their codes, that object lesson is available to everyone nowadays, including al-Qaeda.

Re: the "Osama's phone" meme, may I recommend Google?
12.15.2008 12:53pm
Tammy Cravit (mail):

When you know the scope of the NSA Call Records program, and you're a bad guy, you know not to use any ISPs based in the U.S.: Just use an ISP based outside the U.S. and then you're outside the scope of the Call Records program.


The only flaw in this argument (which, by the way, I don't entirely disagree with) is that the knowledge of the limits of this one program doesn't rule out the existence of other parallel programs with different (wider or narrower) scopes. In other words, this argument only works if you assume the bad actor knows the full scope of all surveillance programs against him.

Frankly, if I was a bad actor, I'd be inclined to operate under the assumption that all communications which could, technically, be intercepted were, in fact, compromised. Such assumption, of course, imposes operational constraints that may prove unworkable, in which case a bad actor would be forced to make a compromise between operational security and utility. Ultimately, intelligence gathering schemes the enemy knows about may still succeed simply because the requirements of avoiding every potential point of interception are too unworkable.

It's like the old saw about perfect computer security: All you have to do is power the computer off, unplug it from any network connections, encase it in a reinforced concrete vault, and post a detachment or two of Marines to guard it. Increases in security often come with decreases in utility.
12.15.2008 1:11pm
Kazinski:
Anderson paraphrased:
"al-Qaeda is so smart we shouldn't bother trying to monitor them."
12.15.2008 1:14pm
OrinKerr:
Kazinski,

I disagree with Anderson here, but isn't it pretty clear that he is not making that argument?
12.15.2008 1:17pm
OrinKerr:
Tammy,

Yes, that's true. At the same time, the game is about what surveillance is easy and what is hard: what info is being readily mined and what isn't; what surveilance is partial and what is total. So if you're al Qaeda, you're already encrypting contents; it's only the non-content info that is readily collected and understood. And you want to make it as hard as you can.
12.15.2008 1:20pm
methodact:
Since I prefer not to rely on the Corporate Controlled Media news which is largely perfunctorily scrubbed, I opt to get my news from Alex Jones and also Usenet.
12.15.2008 1:45pm
einhverfr (mail) (www):
OrinKerr:

Yes, that's true. At the same time, the game is about what surveillance is easy and what is hard: what info is being readily mined and what isn't; what surveilance is partial and what is total. So if you're al Qaeda, you're already encrypting contents; it's only the non-content info that is readily collected and understood. And you want to make it as hard as you can.


3 words:

Encryption, Steganography, and Spam.

It isn't that difficult to create a system which can operate out in the open with the assumption that it will blend reasonably into other activity (in this case spam) and at the same time will render usable information only to the intended recipients. Additionally, one could use pre-agreed sites like Flickr to post pictures which seem entirely innocuous, but contain an encrypted and concealed payload of data.

Note that it is reasonably understood (outside the US) that the US monitors all satellite cell phone calls, so, the internet is actually the preferred medium to use to coordinate activities.
12.15.2008 1:47pm
OrinKerr:
einhverfr,

How do you encyrpt meta data?
12.15.2008 2:01pm
Daniel Chapman (mail):
Read Shadow of the Hegemon much?
12.15.2008 2:07pm
einhverfr (mail) (www):
OrinKerr:

Not encrypt, disguise.

You could include an encrypted payload inside a JPEG for example and make it LOOK like an email for some cheap source of Canadian pharmaceuticals......
12.15.2008 2:15pm
Steve H:

The fact that there is a possibility of evidence collection is different from knowing what kind of evidence collection and in what circumstances. And knowing the scope of the program tells you what the government is watching and what it isn't watching (or at least what it watches less easily and completely). When you know the scope of the NSA Call Records program, and you're a bad guy, you know not to use any ISPs based in the U.S.: Just use an ISP based outside the U.S. and then you're outside the scope of the Call Records program. Thus the disclosure of the details of the program gives the bad guys a guide to avoiding it.


I agree that this can be a dilemma. I'm not sure that the answer really should be "The Press should not report on the government's illegal activity," though.
12.15.2008 2:24pm
einhverfr (mail) (www):
OrinKerr, another option would be to purchase access to the spambot networks so that the main payload is initially emailed from someone's virus-infected computer, so only one endpoint is meaningful.

Or they could just build their own spambot network by releasing their own modified computer viruses. There are probably ways that detection could be further avoided via these approaches but I wouldn't want such a discussion to violate the AEDPA.....

With the volume of data that has to be sifted, the goal is to make detection harder and then make the data collected less useful. These are standard problems which business VPNs deal with to some extent, but become more complex when addressing this sort of scenario. When looking at how other organized crime syndicates approach this, it becomes easy to see how such a system could be designed. Once again, things get marginally more complex but computer criminals ALREADY HAVE standard "solutions" to these "problems."

BTW, the big standard solution is called "leap-frogging" which means you hack into another computer and send the message from there. Once the other computer is compromised it could also be set up to forward the message somewhere else.
12.15.2008 2:28pm
Anderson (mail):
I'm not sure that the answer really should be "The Press should not report on the government's illegal activity," though.

Or even "the government should act illegally."

Some kind of general "how to obtain an exception" provision could easily have been enacted that wouldn't have given any details of what the exceptions were.
12.15.2008 2:28pm
Anderson (mail):
Mark Kleiman quotes David Hume's History of England:

... the parliament justly thought, that the king was too eminent a magistrate to be trusted with discretionary power, which he might so easily turn to the destruction of liberty. And in the event it has hitherto been found, that, though some sensible inconveniences arise from the maxim of adhering strictly to law, yet the advantages overbalance them ....
12.15.2008 2:48pm
einhverfr (mail) (www):
Just as a note, I have come across a number of cases where people's computers were cracked using viruses, etc. and used for nefarious purposes (kiddie porn distribution points being one good example), and spam distribution being another.

There is absolutely no reason to think (IMO) that endpoint data is particularly useful, especially, since there are plenty of ways of arbitrarily reducing the value of data.

Sure all of these involve breaking unauthorized access to computers, and we all know AQ would never break any laws, right?
12.15.2008 2:59pm
Xmas (mail) (www):
You guys are missing the detail of the information here.

They are gathering metadata about emails and telephone calls. If you look at the metadata in your email (Options menu in Outlook). You can see the type of data they are gathering.

Subject lines, sure. Which machine you are sending your mail from. What time you sent it. What mail client you are using. Are there files attached? What email is this a response to? etc, etc.

I, personally, would also assume they have something in place to grab headers of TCP/IP traffic. How do you spend your Saturdays on the computer? What bank websites are you looking at? Are you connecting to a secure port, that's probably a bank you have an account at.
12.15.2008 3:02pm
einhverfr (mail) (www):
XMAS, from the description, I would assume all TCP, IP, and higher-level protocol headers (HTTP, SMTP, etc).
12.15.2008 3:17pm
einhverfr (mail) (www):
BTW, there are interesting applications like Tor (open source under a BSD license, along with GPL-licensed helper apps) which are specifically designed to defeat traffic analysis.
12.15.2008 3:28pm
Fidelity (mail) (www):
I'm astonished so many people on here presume that the government is bending our civil liberties while acting in good faith. There is no doubt that this is a direct attack on the 4th Amendment, and that it sets a dangerous precedent for the future, and, for those reasons solely, should be stopped and the people who composed it put in jail or better executed like Hamilton.

Is anyone else okay with another terrorist attack in the US if we get to keep our civil liberties? I can't believe people swallow the line that they're only reading subject lines, how could email subject lines be of any interest, seriously consider it. Not that it matters, if you suppose it is in your best interest that the government intercept your communications in partial, then why not in full? Why not remove all safeguard of privacy, after all, personal communication should be held in the highest regard of protection from intrusion. If we do not protect emails and phone calls, then tell me what ought to be protected?

611 Folsom Street, San Fransisco, CA, room 641A. I feel no sympathy for anyone working on this program.

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. If only Jefferson convinced the congress of the line, "Regardless of terrorist activity."
12.15.2008 3:56pm
Dave N (mail):
executed like Hamilton
Alexander Hamilton was executed by Aaron Burr?

Who knew?
12.15.2008 4:08pm
wfjag:
Dear Prof. Kerr:

I must protest your shutting down comments on the Tamm blog early -- at least without awarding the first (as far as I can tell) VC deletion hat trick award. Before Noon on the day of the Blog, the comments of 3 different persons in a row were "[Deleted by Ok on civility grounds]". That's entitled to some sort of recognition (Retiring of jerseys?; Being required to pay for the Conspirators to have dinner (w/ wine) at a restaurant of your choice?; Being required to read War &Peace backwards, out loud?; Soliciting suggestions from the VC readership on what would be a suitable recognition?).
12.15.2008 4:10pm
Dave N (mail):
I'd also like to ask Fidelity what kind of civil rights would exist (particularly in the short term) if terrorists somehow set off a nuclear device or some other act with widespread casualties.

I guess I also missed the memo that the Fourth Amendment had been repealed or at least was under severe attack.

As for me, if a program interrupts a planned terrorist attack by reading the contents line of an e-mail, I am all for it--though I am willing to make an exception for 611 Folsom Street, San Fransisco, CA, room 641A.
12.15.2008 4:17pm
Sara:
Anti-Federalist, I presume.

Also, I don't get the argument that e-mail to and from lines, times, etc. are the same as postal mail address lines. Even if that info. is available to my e-mail provider, as a user, it's not something I expect a human to look at to deliver it. Don't you still need a warrant for a pen register?
12.15.2008 4:22pm
Fidelity (mail) (www):
A gun shot, even from dueling pistols, is an execution in definition. I don't know what civil liberties we would have if a nuclear weapon went off, but I don't know how monitoring the headlines of emails is going to prevent that, either.

Nuclear weapons? Do you honestly believe that's an existential threat to the United States? And if so, are we on the right course to prevent it? Perhaps we ought to disregard the entire bill of rights, after all, it only impedes this government in it's natural course of business.
12.15.2008 4:32pm
c.gray (mail):

Re: the Axis's arrogance regarding their codes, that object lesson is available to everyone nowadays, including al-Qaeda.


The Germans were not particularly arrogant regarding Enigma. Those in charge of the ENIGMA encrypts were well aware that operational issues and various defects in the encryption algorithm made decryption of messages a theoretical possibility.

They viewed the possibility of extensive decryption as purely theoretical, however, because to be practical such a system would require the mobilization of tens of thousands of individuals devoted just to monitoring the ENIGMA system. Such an extravagant use of manpower for just one intelligence program was viewed as the least likely method by which ENIGMA would be compromised. After all, Germany's enemies would desperately need every available man for combat service...
12.15.2008 4:34pm
einhverfr (mail) (www):
Dave N:

I'd also like to ask Fidelity what kind of civil rights would exist (particularly in the short term) if terrorists somehow set off a nuclear device or some other act with widespread casualties.


If such attacks start causing more casualties over an extended time period than auto accidents in this country, we can talk about restricting civil rights over terrorist threats.

By my estimations, that would take attacks occurring no less frequently than ever 12 years (assuming 500k dead on each attack), and given that 8 years passed between the two WTC attacks, that just doesn't seem likely to me.

We don't eavesdrop on internet metadata in order to identify and target unsafe drivers, and these pose a greater threat to personal safety than do terrorists.
12.15.2008 4:46pm
einhverfr (mail) (www):
I wrote:

If such attacks start causing more casualties over an extended time period than auto accidents in this country, we can talk about restricting civil rights over terrorist threats.


I would note that even for the month of September in 2001, car accidents claimed more lives in the US than did terrorist attacks.
12.15.2008 4:47pm
Bruce:
Orin, this is hardly a post I would expect from a leading apologist for many of the lawless and radical Bush policies of the last eight years.
12.15.2008 4:52pm
Fidelity (mail) (www):
Gentlemen, Please! We cannot compare deaths from terrorist attacks to auto deaths! That's ridiculous!

Best to compare it to cigarette smoking, heart disease, fatty foods, and homosexuals; all subjects much more offensive and threatening to Americans than terrorists.
12.15.2008 4:55pm
einhverfr (mail) (www):
Fidelity:

Best to compare it to cigarette smoking, heart disease, fatty foods, and homosexuals; all subjects much more offensive and threatening to Americans than terrorists.


With the exception of the homosexuals bit, I would note that it seems likely that at least heart disease (of which cigarette smoking, and eating fatty foods are contributors) kill more Americans than do car accidents.
12.15.2008 5:01pm
einhverfr (mail) (www):
But the key point is this:

Is it worth throwing away our civil liberties out of a fear which even in the year of greatest problems historically did not even make the top fifteen causes of death?
12.15.2008 5:04pm
Madison:
Since we have a written Constitution that is the law of the land, throwing it away is not an option, no matter how "fine with it" some maybe.
12.15.2008 5:17pm
Anderson (mail):
They viewed the possibility of extensive decryption as purely theoretical, however, because to be practical such a system would require the mobilization of tens of thousands of individuals devoted just to monitoring the ENIGMA system.

But Bart claimed the Germans were well aware of computers ....

Anyway, the Germans' quality of thought as you describe it, is like that of the Soviet general in the old joke which I never tire of retelling:

At a V-E party in 1945, three generals (USSR, UK, USA) chat about their troops.

Soviet general: "In Red Army, troops eat 1,500 calories a day!"

Brit general: "A bit low by our standards, really; we try to keep our men to at least 2,500 calories."

Yank general: "Y'all's boys are both underfed! Our troops get at least 4,000 calories a day."

At which the Soviet general gets all mad, and bellows, "You lie, capitalist dog! No one can eat entire sack of potatoes in one day!"
12.15.2008 5:20pm
Dave N (mail):
A gun shot, even from dueling pistols, is an execution in definition.
Really? Can you provide a source?

There are several online dictionaries. I don't see such a definition HERE or HERE or even HERE.

Aaron Burr assuredly committed homicide when he shot Alexander Hamilton, since homicide is defined as the killing of one human being by another. But Hamilton was not executed by anyone.
12.15.2008 5:30pm
Sara:
I like words so I looked at the first page you provided and I found this: "execution - unlawful premeditated killing of a human being by a human being." That sounds like it would fit Burr.
12.15.2008 5:47pm
Steve H:

But the key point is this:

Is it worth throwing away our civil liberties out of a fear which even in the year of greatest problems historically did not even make the top fifteen causes of death?



I generally agree with that reasoning, and I usually pretty strictly oppose claims of unlimited executive power in this area, but to be fair, the relevant analysis is not how many people were killed by terrorist attacks or car wrecks in the past, but how deadly those things are likely to be in the future.

Sure, in the last ten years car wrecks killed a hundred times more people in America than terrorist attacks (total guess), but unfortunately we cannot be sure that the ratio will remain the same in the future. So that argument makes it a little tougher for those of us on the civil libertarian side.
12.15.2008 5:49pm
Anderson (mail):
execution - unlawful premeditated killing of a human being by a human being

But that's a lousy definition, is the problem.
12.15.2008 6:00pm
FredC:
"'execution - unlawful premeditated killing of a human being by a human being'

But that's a lousy definition, is the problem."

Lousy, as in, 'you mob-guys are lousy with gangland executions?'
12.15.2008 6:08pm
Anderson (mail):
Youse mob-guys, Fred.
12.15.2008 6:17pm
Dave N (mail):
Sara,

I agree that "execution" can be used in the context of murder, but as Anderson notes, that is a lousy (and somewhat idiosyncratic) definition.

I am also fairly sure that Fidelity was using the term in its more traditional definition (putting to death especially as a legal penalty) because the comment that caught my attention was:
the people who composed it [should be] put in jail or better executed like Hamilton.
I like words as well and object when they are misused.

I am also not sure if killing another person in a duel would be necessarily be either "unlawful" or "premeditated."
12.15.2008 6:25pm
Sara:
Hmm. If he did, as you argue, kill him legally as a penalty for offending his honor, than that would fit that definition too. Although, I do agree that F's use was idiosyncratic. I don't think it is misuse.
12.15.2008 6:47pm
zuch (mail) (www):
Bart:

I am a classical liberal, which means that I jealously defend the rights of the citizenry, but extend none of the rights of the citizenry to foreign enemies and their agents.

You're a "classical liberal" in the same way that Torquemada was.



You've ignored it when they provide you with just that. Such as the lawyer for the Islamic charity whose phones were tapped, his office black-bagged, etc.

We know this, because, amongst other things, the gummint accidentally admitted it ... until they insisted that this was a "state secret" and that the plaintiff in a suit over this illegality could not be allowed to "know" what they actually knew.

This second program is the first example I have seen where innocent telecommunications of the citizenry has been targeted. Thus, I have joined the critics in this case.

IIRC, you were claiming a while back on Greenwald's blog that such "data mining" was in fact perfectly OK ... and necessary.

I don't trust "jailhouse conversions", Bart. They are often less than sincere.

Cheers,
12.15.2008 6:49pm
David W. Hess (mail):
OrinKerr: How do you encyrpt meta data?

Email is usually transferred from client to server and from server to server using SMTP (Simple Mail Transfer Protocol). POP (Post Office Protocol) is used when a client picks up mail from a server. While not yet ubiquitous, both protocols can use SSL (current standards do this over a different port number) which provides both encryption and authentication and prevents outside eavesdropping.

The IP addresses would still be available but none of the header or text of the message itself would be. Traffic analysis would still be possible however simple countermeasures could make it difficult to even know that the traffic was email in the first place.
12.15.2008 7:34pm
whit:

What continues to amaze me about the whole sequence is that it would have been so easy to get Congress to amend FISA to do most of what the Administration wanted. Rather than be straightforward about it, they chose to try to sneak it by in a fundamentally dishonest way. Someday I'd like to understand the culture of the Administration which led to such dysfunctional behavior


it's the "it's better to beg for forgiveness, than ask for permission" school of reasoning.
12.15.2008 9:01pm
Bart (mail):
zuch (mail) (www):

Bart: I am a classical liberal, which means that I jealously defend the rights of the citizenry, but extend none of the rights of the citizenry to foreign enemies and their agents.

You've ignored it when they provide you with just that. Such as the lawyer for the Islamic charity whose phones were tapped, his office black-bagged, etc.

This "islamic charity" is an internationally recognized al Qaeda fund raising front. This falls under "foreign enemies and their agents."

BD: This second program is the first example I have seen where innocent telecommunications of the citizenry has been targeted. Thus, I have joined the critics in this case.

IIRC, you were claiming a while back on Greenwald's blog that such "data mining" was in fact perfectly OK ... and necessary.

Try reading my posts for content. There is nothing wrong with data mining per se. My view of the legality of data mining depends upon whether there is a reasonable expectation of privacy in the date being mined.

If I recall the Greenwald discussion correctly, I was referring to the Clinton era DoD data mining program code named Able Danger which used publicly available data. There is no reasonable expectation of privacy for publicly available data. On the other side of the scale, Able Danger found the Atta 9/11 cell.

In this case, I believe there is a reasonable expectation of privacy in the content of the email headings. However, I have doubts that this expectation of privacy extends to meta data.
12.15.2008 9:13pm
jukeboxgrad (mail):
dave n:

what kind of civil rights would exist (particularly in the short term) if terrorists somehow set off a nuclear device or some other act with widespread casualties.


Maintaining national security in a dictatorship is easier than maintaining national security in a democracy (Bush was right when he said the job would be easier if he was a dictator). Freedom isn't free. Committing to democracy inevitably means accepting a certain degree of danger that could be eliminated if one was willing to trust a king to make all our decisions for us.

Behaving as a democracy is an unavoidable security compromise, especially if your concept of security is limited to the short-term; it takes vision to realize that long-term security comes from being strong internally, which means being truly democratic.
12.15.2008 11:12pm
Anderson (mail):
it's the "it's better to beg for forgiveness, than ask for permission" school of reasoning.

Still waiting for that bolded part. Is that when the pardons come raining down?
12.15.2008 11:24pm
Fidelity (mail) (www):
My apologies for creating a fuss about the word "execution". I will openly admit I am young and apt to be foolish. I meant it in the definition of "shot" and "to death" particularly relating to Hamilton because I recall his anti-American foolishness. Thank you to those who defended my definition, and for those who critiqued me. I suppose the youth like my self are blessed with ignorance, it gives us opportunity to believe in change - not to mention misuse words.

To Mr. Hess on the bit about email encryption, stop into your local 2600 meeting and ask them about POP and SMTP encryption. I have no doubt you'll meet a 15 year old who made a program to decrypt any emails on the fly.
http://www.2600.com/meetings/

An open question to anyone, which will kill more Americans over a ten year time period, terrorists, or tobacco? I do smoke myself, but I am constantly reminded that the second-hand smoke harms more children than pedophile daycares. Tobacco is harshly defended because people make money off of the sale and taxation. If only we could make money off of terrorism...

I only see this wiretap as apart of an arm of a fear driven governance, attempting to undermine rights to consolidate power in an oligarchy. It is complete foolishness to believe that subject lines and recorded lengths of phone calls is going to do a damn thing to really thwart terrorism, especially when all 9/11 officially took was 19 airline tickets, and box cutters. Everything else was superficial. Yet here we are, afforded the "unofficial" story by sources Newsweek won't print. A slap in the face to truth seeking Americans. If this program was that innocent, or that fundamental for civil protection, then why not have a public debate and disclose all the information - why this backhanded, backdoor, hush-hush bullshit? Out with it! It's our government, they are answerable to the people!
12.16.2008 12:22am
jukeboxgrad (mail):
fidelity:

If only we could make money off of terrorism...


Some do.

all 9/11 officially took was 19 airline tickets, and box cutters


There's no evidence that box cutters were used. Many people have pointed this out, including Richard Miniter:

A classic case of government spin is the myth that the September 11 hijackers used “box cutters” to take control of the four planes. The tapes of calls from flight attendants and passengers, as well as the black boxes (when they were recovered) do not mention box cutters. In fact, there is a suggestion that other weapons—including acid and a gun—were used.

…box cutters were a pleasing myth; these knives were approved for air travel prior to September 11. If the hijackers used them, it meant that the airports, airlines, private security, and the FAA all did their jobs. Al Qaeda used a loophole. If the terrorists used banned weapons, as some of the doomed passengers and crew said, then it means someone in authority failed.


The point of the 'box cutter' meme is to suggest that we need to be terribly afraid, because 9/11 happened even though everyone did their job, and therefore another 9/11 can happen even though everyone does their job. Therefore we're in extreme danger, and we need to take extreme measures.
12.16.2008 12:37am
einhverfr (mail) (www):
David Hess:


Email is usually transferred from client to server and from server to server using SMTP (Simple Mail Transfer Protocol). POP (Post Office Protocol) is used when a client picks up mail from a server. While not yet ubiquitous, both protocols can use SSL (current standards do this over a different port number) which provides both encryption and authentication and prevents outside eavesdropping.

The IP addresses would still be available but none of the header or text of the message itself would be. Traffic analysis would still be possible however simple countermeasures could make it difficult to even know that the traffic was email in the first place.


Note that in these cases, you would probably encrypt the traffic between your relay servers and your computer, but would have very little control over encryption in transit between relays. Since SSL encrypts the session, an eavesdropper would be unable to get information of value provided that every leg was encrypted.

OTOH, the SMTP headers include what is essentially a chain of custody, so if your relay or the one it is sending to does not support or use SSL, then both endpoints and the server data up to the point of intercept become available.

However, the weak point in this analysis is the requirement that both endpoints must be meaningful in order to draw meaningful connections. If the emails can be transferred out via unwitting third parties (similar to the way spam lords do things), then one no longer can draw meaningful information from intercepted traffic (assuming the body is encrypted). This allows two basic approaches (sufficiently common that I don't think they can be construed as "expert advice" under the AEDPA):

1) Leapfrogging/proxying through compromised computers

2) Use of anonymizing software such as Tor. Tor does encrypt endpoints, and is specifically designed to defeat programs like the NSA's (and was largely built by civil libertarians-- Tor has been long advocated by the EFF). With Tor, not only do internet routers not have access to traffic where both endpoints are meaningful, but each Tor relay only has access to its the next stage along the route.

Both approaches largely work by breaking the ability to associate two endpoints with the communication and hence undermining reliability of links drawn.

Jukeboxgrad:

The point of the 'box cutter' meme is to suggest that we need to be terribly afraid, because 9/11 happened even though everyone did their job, and therefore another 9/11 can happen even though everyone does their job. Therefore we're in extreme danger, and we need to take extreme measures.


9/11 occurred because everyone did their jobs but did not expect a threat of the sort that was faced. The fact is that there are countless lethal weapons that can still be taken aboard an airplane. What is different now is that we don't react to hijackings the way we used to.

Someday in a few years we will suffer more terrorist attacks on US soil in all likelihood. In all likelihood they will continue to horrify us but not statistically constitute a major threat. Once again, it will probably be someone thinking of new and creative ways to harm us which circumvent the rules. This is the same way that computer compromises occur, and there is nothing to suppose that terrorist attacks will be systemically different.

IMO, there is one simple, single antidote to the terrorist threat. Rather than assuming that we can be safe if everyone does their jobs, we need to understand that terrorist attacks will continue to happen but we need to put them in perspective (every month more Americans die on US soil in auto accidents than did in 9/11, so we need to keep things in perspective and be somewhat less afraid of terrorists than we are other drivers).

Furthermore we have to start openly and publicly discussing security issues. Terrorist attacks take time and effort to plan, and defence is easier than attack is. If we all talk about thoughts about security weaknesses, we can hope to prevent many more attacks by simply out-thinking the terrorists. Note that there are simple, nimble attacks that could be done NOW which, though would not cause loss of life, would cause serious economic hardship, and these exploit our reaction rather than causing problems directly. Unfortunately, laws enacted since 1998 have created a great deal of concern that merely discussing possibilities of attack might be subject to prosecution for materially aiding terrorists. This needs to stop.
12.16.2008 1:29am
jukeboxgrad (mail):
9/11 occurred because everyone did their jobs but did not expect a threat of the sort that was faced.


I agree with your general point, but this statement is misleading. Certain people like to say that there hadn't been prior threats/attempts to use aircraft as missiles. But there had been.
12.16.2008 1:38am
einhverfr (mail) (www):

I agree with your general point, but this statement is misleading. Certain people like to say that there hadn't been prior threats/attempts to use aircraft as missiles. But there had been.


Whether or not there had been prior attempts of this sort of type (attempts to use hijacked airplanes as missiles), it was not seen as a serious possibility by anyone. That is where the distinction needs to go.

As a parallel in the computer world, not long ago, TCP injection attacks an integer overflows were considered theoretical exploits only. Now we have seen both these used in the wild to break into computers....
12.16.2008 2:20am
Perseus (mail):
Mark Kleiman quotes David Hume's History of England

But in his essay, "Of Some Remarkable Customs," Hume mentions at least one notable exception:

There is, however, one occasion, where the parliament has departed from this maxim; and that is, in the pressing of seamen. The exercise of an irregular power is here tacitly permitted in the crown; and though it has frequently been under deliberation, how that power might be rendered legal, and granted, under proper restrictions, to the sovereign, no safe expedient could ever be proposed for that purpose; and the danger to liberty always appeared greater from law than from usurpation.
12.16.2008 6:09am
jukeboxgrad (mail):
einhverfr:

Whether or not there had been prior attempts of this sort of type (attempts to use hijacked airplanes as missiles), it was not seen as a serious possibility by anyone.


Sorry, but that's just factually incorrect. You're repeating a Bush talking point that is demonstrably false. Rice said this (5/16/02):

I don't think anybody could have predicted that these people would … try to use an airplane as a missile


This is just like "I don't think anybody anticipated the breach of the levees." Oops: "video shows Bush Katrina warning."

Because there's this:

Exactly two years before the Sept. 11 attacks, a federal report warned the executive branch that Osama bin Laden's terrorists might hijack an airliner and dive bomb it into the Pentagon or other government building. …

The report noted that an al Qaeda-linked terrorist first arrested in the Philippines in 1995 and later convicted in the 1993 World Trade Center bombing had suggested such a suicide jetliner mission.

"Ramzi Yousef had planned to do this against the CIA headquarters," author Rex Hudson wrote in a report prepared for the National Intelligence Council and shared with other federal agencies.


And this:

American aviation officials were warned as early as 1998 that Al Qaeda could "seek to hijack a commercial jet and slam it into a U.S. landmark," according to previously secret portions of a report prepared last year by the Sept. 11 commission … in 1998 and 1999, the commission report said, the F.A.A.'s intelligence unit produced reports about the hijacking threat posed by Al Qaeda, "including the possibility that the terrorist group might try to hijack a commercial jet and slam it into a U.S. landmark."


And 9/11 Commissioner Tim Roemer said this:

in the '96 Olympics in Atlanta, we looked at the possibility of planes going into Olympic venues


And there's this:

In 1993, a $150,000 study was commissioned by the Pentagon to investigate the possibility of an airplane being used to bomb national landmarks.

A draft document of this was circulated throughout the Pentagon, the Justice Department, and to FEMA. In 1994, a disgruntled FedEx employee invaded the cockpit of a DC10 with plans to crash it into a company building. Again, in 1994, a lone pilot crashed a small plane into a tree on the White House grounds. Again, in 1994, an Air France flight was hijacked by members of the Armed Islamic Group with the intent to crash the plane into the Eiffel Tower. In January, 1995, Philippine authorities investigating Abdul Murad, an Islamic terrorist, unearthed Project Bojinka (ph). Project Bojinka's (ph) primary objective was to blow up 11 airliners over the Pacific. In the alternative, several planes were to be hijacked and flown into civilian targets in the United States. Among the targets mentioned were CIA headquarters, the World Trade Center, the Sears Tower, and the White House.

Murad told U.S. intelligence officials that he would board any American commercial aircraft pretending to be an ordinary passenger and that he would then hijack the aircraft, control its cockpit, and dive it at CIA headquarters. In 1997, this plot resurfaced during the trial of Ramzi Yousef, the mastermind behind the 1993 bombings of the World Trade Center. During the trial, FBI agents testified that, quote, "The plan targeted not only the CIA, but other U.S. government buildings in Washington, including the Pentagon," unquote. In September 1999, a report, "The Sociology and Psychology of Terrorism," was prepared for U.S. intelligence by the Federal Research Division, an arm of the Library of Congress.

It stated, quote, "Suicide bombers belonging to al Qaeda's martyrdom battalion could crash-land an aircraft packed with high explosives into the Pentagon, the headquarters of the CIA, or the White House." Again, that was in September, 1999. This laundry list of historical indicators, in no way exhaustive, illustrates that long before September 11th, the American intelligence community had a significant amount of information about specific terrorist threats to commercial airline travel in America, including the possibility that a plane would be used as a weapon.


And there's this:

In spring 1993, an FBI informant uncovered an al Qaeda-linked plan to crash an airplane into the U.S. embassy in Cairo.

In testimony little noted during a 1995 court case, FBI informant Emad Salem testified that a Sudanese national, Siddig Ibrahim Siddig Ali, asked him to assist a plot in which a Sudanese Air Force pilot would first bomb the home of Egyptian president Hosni Mubarek from his airplane then crash the plane into the American Embassy.


And there's this:

In August 1998, the Intelligence Community obtained information that a group of unidentified Arabs planned to fly an explosive-laden plane from a foreign country into the World Trade Center. The information was passed to the FBI and the FAA.


And my favorite example is this. On 7/21/01, Bush was at the G-8 summit in Italy. During this event, Italy closed the local airspace because of warnings that "Islamic terrorists might attempt to kill President Bush and other leaders by crashing an airliner" into the buildings where world leaders were meeting.

A bit more about this: "In an interview published Sept. 21 in the French newspaper Le Figaro, Egyptian President Hosni Mubarak said his government provided information to the United States about possible attacks on the Genoa summit by Saudi-born terrorist Osama bin Laden. 'There was a question of an airplane stuffed with explosives. As a result, precautions were taken.'" (link, "Italy Tells of Threat at Genoa Summit, Plot: Officials there took seriously a report that terrorists would try to crash a plane to kill Bush and other leaders.") More:

The Los Angeles Times reported on 9-27-01 that "U.S. and Italian officials were warned in July that Islamic terrorists might attempt to kill President Bush and other leaders by crashing an airliner into the Genoa summit of industrialized nations, officials said Wednesday.  Italian officials took the reports seriously enough to prompt extraordinary precautions during the July summit of the Group of 8 nations, including closing the airspace over Genoa and stationing antiaircraft guns at the city's airport."


Notice what Andrew McCarthy said about this issue:

[notice] the December 2002 Report of the Joint Inquiry into the Terrorist Attacks of September 11, 2001 by the House and Senate Intelligence Committees. One section of that Report (at pp. 209-13) studied what the U.S. intelligence community had, prior to 9/11, in the way of "Intelligence Information on Possible Terrorist Use of Airplanes as Weapons." Over a seven-year period, the joint inquiry found there were at least twelve such indications.


It seems that certain people were paying attention, and taking precautions. Ashcroft was flying in private planes, because of a "threat assessment." Why didn't that "assessment" result in taking steps to protect all Americans, and not just Ashcroft? There are a lot of important questions that haven't been answered.

And speaking of precautions:

On September 10, 2002 The Sarasota Herald-Tribune reported on the security preparations for Bush on September 10, 2001, “At the Colony Beach &Tennis Resort, the Secret Service was getting everything secured for when the president arrived on Sept. 10. That included snipers and surface-to-air missiles on the roof and the Coast Guard patrolling just offshore.”

I don’t know if it’s routine or not, but does the president always have surface-to-air missiles protecting him on the roof of every hotel he stays in? Just wondering. Note that this took place on the eve of 9-11!


It seems that those SAMs might have been related to the Genoa threat.

So I think you are incorrect to claim "it was not seen as a serious possibility by anyone."
12.16.2008 8:19am
David W. Hess (mail):
Fidelity, if someone has found a way to break SSL it would be huge news. The obvious ways to intercept SSL protected email include physically compromising one of the servers or gaining access to the private key of one of the certificates used for the key exchange and authentication. The later problem can be avoided by not using a third party like Verisign.

einhverfr: Note that in these cases, you would probably encrypt the traffic between your relay servers and your computer, but would have very little control over encryption in transit between relays.

I agree. To be effective, you would have to control the mail transfer agents. For this particular application however, that is a real possibility. The clients would all be known so there is no problem having them all use servers that you control and avoid potentially unencrypted systems. Compromising any one client would only allow impersonation and not compromise other clients although potentially their IP addresses would become known once the server IP is known.
12.16.2008 8:36am
wfjag:

An open question to anyone, which will kill more Americans over a ten year time period, terrorists, or tobacco? I do smoke myself, but I am constantly reminded that the second-hand smoke harms more children than pedophile daycares. Tobacco is harshly defended because people make money off of the sale and taxation. If only we could make money off of terrorism...

But, Fidelity, we don't make terrorists go outside to engage in their pasttime.
12.16.2008 9:48am
einhverfr (mail) (www):
David Hess:

Fidelity, if someone has found a way to break SSL it would be huge news.


Technically you don't generally break "SSL." One instead would have to break one of the underlying encryption schemes. Since RSA is considered secure currently, a reasonable-length private key for the server should still be secure.

Now, if you encrypt your session using DES instead of something better (I believe most installations currently use RC4 without the flaws found in WEP), it might be possible to decrypt such traffic with a moderate amount of computing power (which the NSA does have access to).

SSL is basically a framework for: public key infrastructure (basically X.509 over TCP/IP which is useful for ensuring someone isn't impersonating a site you are sending your credit card info to), key negotiation, and session encryption. Unless you control all the infrastructure, nothing prevents someone along the way from either not using SSL, or (say, by request from the NSA), configuring the software to use DES or some other fairly weak system for session encryption. Currently I would consider the certificates themselves to be secure, but those are only used for key exchange and service validation/authentication.

Hope this helps.
12.16.2008 11:56am
einhverfr (mail) (www):
Note the problem with controlling all the infrastructure is that compromise of one site would allow traffic analysis to determine a fair bit of other information about the individuals, so the endpoints are still not fully protected. To really protect things, you have to sever the endpoints, which basically means that each connection only tells you something about where it is going, or where it came from, but not both. This is possible using the techniques I mentioned already.
12.16.2008 12:00pm
David W. Hess (mail):
SSL could be using a fundamentally strong encryption algorithm insecurely. It would be big news if either it or one of the underlying algorithms was compromised. I just was not going to get into the details for reasons of brevity. :) RC4 is an interesting example because WEP's flaw is to use it insecurely.

In the situation given where you have many known agents in the field who need secure email communications, it IS possible to secure all of the infrastructure. Deploy a number of secured SMTP servers that only accept and generate only SSL connections, distribute the client keys from the start without using a third party certificate authority, and then even a DNS man in the middle attack would not compromise the message traffic. Preventing traffic analysis would require including server traffic not related to the clandestine operations but is certainly possible. You could for instance fund a third world ISP and use the aggregate traffic to the servers as camouflage.

The servers should probably be deployed where you can maintain physical security over them but it only takes a few or even one. BSD and Linux both support server configurations that resist physical compromise but why take chances? Things get more interesting if you do not rely on SMTP or SMTP over SSL for communications. NNTP as it currently exists can provide an anonymous, deniable, authenticated, and secret communications channel although it would likely have a significantly higher latency in the range of hours to days instead of minutes.

One of the strategic mistakes I see with the lack of enforceable 4th amendment protections for internet traffic and current policy is that it encourages the deployment of ubiquitous authentication and encryption technology. If such becomes commonplace, the government may find itself in a worse position as far as even legal eavesdropping is concerned unless laws restricting encryption technology can be enforced. What if SMTP over SSL was ubiquitous and unprotected SMTP was the exception? What about opportunistic IPSEC encryption over IPv6?
12.16.2008 1:54pm
einhverfr (mail) (www):
Jukeboxgrad:

You are right about my comments being improperly scoped. It isn't that the threat wasn't known, but that it wasn't seen as a serious likelihood that a specific hijacking would be used this way by the people reacting to the hijacking (namely the airline crew). If it was seen as a more serious threat, the primary goal of the pilot in the event of a hijacking would have been to get the plane onto the ground as quickly as possible (and safely, if possible).

In the end, the last line of defence (how pilots are asked to react) is the most important one. Somewhere between the few intelligence agencies looking into this and the pilots, the threat was dismissed. Hence the threat wasn't taken seriously in the areas which were tasked with reacting to such a threat.
12.16.2008 1:58pm
jukeboxgrad (mail):
einhverfr:

Somewhere between the few intelligence agencies looking into this and the pilots, the threat was dismissed.


Fair enough. Thanks for that clarification.
12.16.2008 2:48pm
einhverfr (mail) (www):
David Hess:

One of the strategic mistakes I see with the lack of enforceable 4th amendment protections for internet traffic and current policy is that it encourages the deployment of ubiquitous authentication and encryption technology. If such becomes commonplace, the government may find itself in a worse position as far as even legal eavesdropping is concerned unless laws restricting encryption technology can be enforced. What if SMTP over SSL was ubiquitous and unprotected SMTP was the exception? What about opportunistic IPSEC encryption over IPv6?


Not just encryption and authentication but the fact is that if people are uneasy about the lack of protections, they will fund or help find ways of making the surveillance attempts fail. For example, I don't think the Tor project would be going right now if it weren't for the NSA's surveillance programs. Tor goes well beyond email obfuscation, of course and could be used on various instant message and voice chat programs (or example Jabber), web browsing, and the like.

Restrictions on encryption strike me as unlikely today for the simple reason that nobody really wants to take up liability issues for things like stolen credit card numbers. We are now so dependant on encryption that it is impossible to restrict it without the cure being far worse than the disease.
12.16.2008 6:44pm

Post as: [Register] [Log In]

Account:
Password:
Remember info?

If you have a comment about spelling, typos, or format errors, please e-mail the poster directly rather than posting a comment.

Comment Policy: We reserve the right to edit or delete comments, and in extreme cases to ban commenters, at our discretion. Comments must be relevant and civil (and, especially, free of name-calling). We think of comment threads like dinner parties at our homes. If you make the party unpleasant for us or for others, we'd rather you went elsewhere. We're happy to see a wide range of viewpoints, but we want all of them to be expressed as politely as possible.

We realize that such a comment policy can never be evenly enforced, because we can't possibly monitor every comment equally well. Hundreds of comments are posted every day here, and we don't read them all. Those we read, we read with different degrees of attention, and in different moods. We try to be fair, but we make no promises.

And remember, it's a big Internet. If you think we were mistaken in removing your post (or, in extreme cases, in removing you) -- or if you prefer a more free-for-all approach -- there are surely plenty of ways you can still get your views out.