Black Hat: Hackers heckle NSA Chief while he defends spying program

Giving the keynote at Black Hat in Las Vegas, NSA Chief General Keith Alexander again warned that terrorists “live among us” and “use our communications” before giving a terrorism 101 slideshow and humanizing NSA analysts who “could spy on you, but don’t.” He told the crowd of hackers, “Their intention is not to go after our communications; their intention is to find the terrorists that walk among us.” Perhaps trying to make the NSA agents more human and therefore evoke empathy, Alexander said that 20 cryptologists have paid the ultimate price to make sure our troops had intelligence.

Gen Keith Alexander gives keynote defending PRISM at Black Hat, gets heckled

After running through a quick history and timeline of 14 major terror attacks since 1993, Alexander admitted the NSA “couldn’t connect the dots” to do their job of defending the country. So the agency came up with metadata, since it was “the least intrusive method” the NSA could figure out. “It saves lives.” In fact, he claimed, “Our surveillance programs should be a model for other countries.”

In a nutshell, the NSA admittedly collects the date/time/duration of a call, as well as the number to and from, and the origin of the metadata record. According to Alexander, the NSA’s data collection requests “are not rubber stamped” and FISA forbids collecting Americans’ info, he said as he showed more slides to give Black Hat attendees “an insider’s look.” He wants Americans to know the "truth" -- that the NSA is not listening to their calls.

There are supposedly only 22 people at the NSA who can approve tracing a target’s number and “only 35 people at the NSA are allowed to do queries into that databases.” He added that in 2012, “there were less than 300 numbers approved for queries. Those queries resulted in 12 reports to the FBI” and “contained less than 500 minutes.” Alexander claimed that 54 potential terrorist plots were thwarted by the surveillance program, including an alleged plot to bomb the New York subway system.

Furthermore, be relieved, as he said Congress reviewed four years of the NSA’s “lawful intercept program,” Section 702 -- better known to the masses as Prism -- and found “no willful violations of the law.”

Hackers heckled NSA Chief

39 minutes into the keynote, the heckling finally began. Someone yelled “bullsh*t” and “freedom.” Another hacker told him to read the Constitution, to which Alexander said he did and advised the person to read it too. The General remained calm and collected while under fire; he maintained that any sensational reports of the NSA listening to all our communications are “not true.” So someone asked why they should believe him when he “lied to Congress?” Alexander stated, “I did not lie to Congress.”

Alexander promised to tell “the truth” and “answer every question to the full extent possible,” but instead of taking open questions, only a few select people were allowed to ask Alexander questions during the formal Q&A. Therefore he didn’t come under fire about the XKeyscore program that was reported in The Guardian as being capable of “ongoing ‘real-time’ interception” covering "nearly everything a typical user does on the internet." That includes “the content of emails, websites visited and searches, as well as their metadata.” The program archives Internet traffic that is sucked up from 150 different points across the globe.

XKeyscore

XKeyscore, according to documents leaked by Edward Snowden to The Guardian, allows NSA analysts “to learn the IP addresses of every person who visits any website the analyst specifies.” They can “also search by name, telephone number, IP address, keywords, the language in which the internet activity was conducted or the type of browser used.”

A slide entitled "plug-ins" in a December 2012 document describes the various fields of information that can be searched. It includes "every email address seen in a session by both username and domain", "every phone number seen in a session (eg address book entries or signature block)" and user activity – "the webmail and chat activity to include username, buddylist, machine specific cookies etc." 

Too many results? No problem. “The analyst then selects which of those returned emails they want to read by opening them in NSA reading software.” DNI Presenter is a tool “used to read the content of stored emails,” as well as “to read the content of Facebook chats or private messages.” The Guardian reported, “In 2012, there were at least 41 billion total records collected and stored in XKeyscore for a single 30-day period.”

Alexander asked, “How do we come up with a program to stop terrorism and protect our civil liberties and privacy? This is perhaps one of the biggest issues facing our country today.” He claimed during the Black Hat keynote, “The whole reason I came was to ask for your help.” If you have any ideas on how the NSA can defend privacy and civil liberties while also defending our country and her allies, then Alexander wants you to send them to ideas@nsa.gov.
