Moon of Alabama Brecht quote
August 05, 2013

NSA Snooping Used But Hidden By DEA, Others

On June 27 I wrote Some Thoughts On The Snowden Fallout:
The NSA's spying on U.S. citizen may not yet have such consequences. Unless there is a huge case where NSA spying is directly connected to a Watergate like scandal Congress will do nothing to reign the NSA in. But the scandal will come. As a former East German STASI officer says:
“It is the height of naivete to think that once collected this information won’t be used,” he said. “This is the nature of secret government organizations. ..."
The huge case has not yet been made are but we getting nearer to it.

Just yesterday an NYT piece claimed that access to the enormous mounts of data the National Security Agency collects through its borderless spying activities is only rarely given to other agencies:

The National Security Agency’s dominant role as the nation’s spy warehouse has spurred frequent tensions and turf fights with other federal intelligence agencies that want to use its surveillance tools for their own investigations, officials say.

Agencies working to curb drug trafficking, cyberattacks, money laundering, counterfeiting and even copyright infringement complain that their attempts to exploit the security agency’s vast resources have often been turned down because their own investigations are not considered a high enough priority, current and former government officials say.
Intelligence officials say they have been careful to limit the use of the security agency’s troves of data and eavesdropping spyware for fear they could be misused in ways that violate Americans’ privacy rights.
Smaller intelligence units within the Drug Enforcement Administration, the Secret Service, the Pentagon and the Department of Homeland Security have sometimes been given access to the security agency’s surveillance tools for particular cases, intelligence officials say.

But more often, their requests have been rejected because the links to terrorism or foreign intelligence, usually required by law or policy, are considered tenuous.

According to the exculpatory piece DEA and other agencies only get access to the NSA's trove for "particular cases" and for which the law requires "links to terrorism or foreign intelligence".

But a Reuters exclusive which just came out shows that the above is not even near to the full truth. Agencies like the DEA seem to have automatic access to big parts of the NSA spying machine, use it to generate new domestic investigations and then outright lie to judges, prosecutors and defense attorneys to hide this fact:

A secretive U.S. Drug Enforcement Administration unit is funneling information from intelligence intercepts, wiretaps, informants and a massive database of telephone records to authorities across the nation to help them launch criminal investigations of Americans.
The unit of the DEA that distributes the information is called the Special Operations Division, or SOD. Two dozen partner agencies comprise the unit, including the FBI, CIA, NSA, Internal Revenue Service and the Department of Homeland Security. It was created in 1994 to combat Latin American drug cartels and has grown from several dozen employees to several hundred.

Today, much of the SOD's work is classified, and officials asked that its precise location in Virginia not be revealed. The documents reviewed by Reuters are marked "Law Enforcement Sensitive," a government categorization that is meant to keep them confidential.

"Remember that the utilization of SOD cannot be revealed or discussed in any investigative function," a document presented to agents reads. The document specifically directs agents to omit the SOD's involvement from investigative reports, affidavits, discussions with prosecutors and courtroom testimony. Agents are instructed to then use "normal investigative techniques to recreate the information provided by SOD."

So there is a somewhat secret DEA unit which has access to at least some data (likely all) in the NSA collection, uses such data to search for leads and to launch new domestic investigations. That sounds quite different than to getting access only for "particular cases" and with "links to terrorism".

When those leads and investigations lead to trials the involvement of the DEA's SOD and of the NSA data trove is concealed which makes legal defense in such trials on the base of possible agency wrong doing in starting the investigation impossible.

If the NSA data collection and processing through domestic and/or international snooping finds a potential drug deal and hands the data over to the DEA, the agency will conceal the illegal act that started the investigation. This is likely a circumvention of fruit of the posionous tree rules, of illegally obtained evidence that is not permissible in court.

The DEA (and likely other agencies too) do not conceal these because of security concerns. They conceal the source of their tips because these are gained illegally. The NSA is not allowed to wiretap domestically but the example Reuters gives seems to be a purely domestic one:
A former federal agent in the northeastern United States who received such tips from SOD described the process. "You'd be told only, ‘Be at a certain truck stop at a certain time and look for a certain vehicle.' And so we'd alert the state police to find an excuse to stop that vehicle, and then have a drug dog search it," the agent said.

After an arrest was made, agents then pretended that their investigation began with the traffic stop, not with the SOD tip, the former agent said. The training document reviewed by Reuters refers to this process as "parallel construction."

Though this is not yet completely proving that illegal domestic NSA spying is used to generate these DEA investigations, the fact that the DEA goes to such great length to conceal the sources of their investigations and even orders its agents to lie about them in court points to that very direction.

The NSA's "collect it all" attitude generates demand from other agencies to have access to all that data. Despite the NYT's piece claim that the NSA is not giving wide access to its collection, the DEA seems to have quite significant access to it and is using it while hiding the fact that it does so.

We can reasonably assume that the DEA is not the only agency behaving like this. Reread this from the NYT:

Agencies working to curb drug trafficking, cyberattacks, money laundering, counterfeiting and even copyright infringement complain ...

The NSA is indeed distributing much more than is usually admitted:

The National Security Agency is handing the Justice Department information, derived from its secret electronic eavesdropping programs, about suspected criminal activity unrelated to terrorism.
Current and former federal officials say the NSA limits non-terrorism referrals to serious criminal activity inadvertently detected during domestic and foreign surveillance.

What is a "serious criminal activity"? What if the agencies involved in "copyright infringement" consider it a "serious criminal activity" and have the same access like the DEA and are also hiding this source? The NSA minimization procedures permit the NSA to keep evidence of threats to property. Could the NSA snooping detect your kid's downloads. Could this initiate an copyright infringement investigation? Would your ever learn how that came to pass?

Cheatsheet - The answers are: yes, yes and no.

Posted by b on August 5, 2013 at 13:06 UTC | Permalink


All of which explains why there have been no convictions of drug kingpins in the United States for years.

These folks know who to protect...

Posted by: JohnH | Aug 5 2013 14:40 utc | 1

This sounds to me like cover for a CIA unit, actually. The DEA can never do anything overseas without the CIA's permission, that's for sure. One DEA investigator once told the Cocbburns, "Every single major drug kingpin I ever discovered turned out to be protected by the CIA."

Posted by: Rowan Berkeley | Aug 5 2013 14:58 utc | 2

Gotta love this...

Intelligence officials say they have been careful to limit the use of the security agency’s troves of data and eavesdropping spyware for fear they could be misused in ways that violate Americans’ privacy rights.

The goodie-two-shoes defence?
From the Obama Mafia?
Now I HAVE heard everything...

Posted by: Hoarsewhisperer | Aug 5 2013 16:34 utc | 3

This rang a big loud bell for me...

"You'd be told only, ‘Be at a certain truck stop at a certain time and look for a certain vehicle.' And so we'd alert the state police to find an excuse to stop that vehicle, and then have a drug dog search it," the agent said.

After an arrest was made, agents then pretended that their investigation began with the traffic stop, not with the SOD tip, the former agent said. (etc)"

A few threads back, a commenter (brian or Don B?) mentioned that 'law enforcement' sets up road blocks and stops locals for no stated (or apparent) reason in his area. This requirement to protect their Top Secret Tip Off stuff is a possible explanation. They can stop a few dozen cars at an (unrandom) random road block to establish a cover story for a 'lucky' break.

This smells like bureaucracy gone totally insane.

Posted by: Hoarsewhisperer | Aug 5 2013 17:27 utc | 4

Do you really believe the "Googling for pressure cooker and backpack" incident started with the husband's former employee searching his former computer for his former search history?

Update: Now We Know Why Googling 'Pressure Cookers' Gets a Visit from Cops

Posted by: Petri Krohn | Aug 5 2013 17:45 utc | 5

May be also this way lets the DEA warn the big banks when their narco-dollar money laundering is getting a bit too sloppy. The NSA wouldn't want their share-holders to get caught out publicly (remember Wells Fargo, et al).

Posted by: JohnE | Aug 5 2013 18:08 utc | 6

Excellent work b, on this story. The NYT story also offers much food for thought, because it's clear that this NSA to DOJ connection opens a vast avenue for abuse of power, politically motivated prosecutions, and selective prosecution.

And this kind of intelligence agency help is also a great tool for the government confiscation of assets and bank accounts in the case of drug suspects, since government seizure of funds and assets under the racketeering clauses of the drug laws, often makes the seizure of these assets permanent, even if the person is subsequently released without any charge ever being filed.

Posted by: Copeland | Aug 5 2013 18:20 utc | 7

@Petri Krohn #5

Exactly what I was thinking when I saw the update on the original story -- even before the recent revelations that law enforcement "recreates" investigation trails: Who knows where the "tip" came from, and the NSA seems as likely a source as the former employer.

Posted by: M.Black | Aug 5 2013 19:03 utc | 8

What is a "serious criminal activity"? ...

Cheatsheet - The answers are: yes, yes and no.

Yes, yes and no doesn’t answer the first question. “What is a “serious criminal activity”?’

I’d like to offer my answer to that. It’s really easy. Follow the money.

We live in a corporately controlled world. Not just the good old US of A but the multinationals now have an economic strangle hold on practically every aspect of world commerce. JohnH (#1) and Rowan Berkeley (#2) and JohnE's (#6) comments are all clues to the right answer. Reread them in relationship to what I have to say. The DEA and the CIA fit together like hand in glove in this instance. Where are the big huge bucks outside box store America and the National Defense Industry and the pharmaceuticals. Dugs, eh. Self medication is verboten. Cuts into the pharm’s huge profits. One Pharmaceutical executive is on record as saying he wants to sell a pill to every American every day. The CIA is the “company” and the DEA tries to control the competition from non-corporate drug profits. The CIA? Well it has been pretty well established that they create the market and then control the supply of illegal drugs to enhance their own need for cash for clandestine and non government funded activities.

Is there any doubt that the filthy rich who own and control corporate world are not calling the shots on all major government bureaucracies? It’s a no brainer. Of course, where threats to corporate profits by competition from the real free markets exist, the NSA, CIA, DEA and all handmaidens of the elite.

You bet the info is shared.

Posted by: juannie | Aug 5 2013 20:00 utc | 9

Very scary stuff.

Posted by: Sasan Taymourian | Aug 5 2013 20:16 utc | 10

One of the factors motivating the NSA will be the same jealous need to protect the information it has gathered in order to ensure the information maintains premium value.
It is that which makes this type of stickybeaking ultimately an expensive waste of money as well as being an egregious intrusion.
If the NSA were to allow too much of its intelligence into the hands of dea fbi local cops etc, it would become only a matter of time before all its expensive toys became worthless cause every crim in amerika knew their communications were spied on, & so reverted to ancient proven analog means of communication.

This is already happening among the smart fellas, but most crims are careless & imagine that it'll never happen to them. The NSA is probably trying to 'protect' its illegally obtained information by giving as little away as possible, as much as feds are trying to prevent 'fruit of teh poisonous tree' type situations.
This is nothing new, back when the agents of the oppressor relied on human intelligence, there were numerous examples of major incidents including (in england) bomb attacks being left unreported/unprevented lest a major source be compromised.
Mass use of electronic intelligence to round up all low level criminality would provoke a behavioural change among those ordinary citizens who understand most laws are designed to protect the powerful & fuck ordinary peeps over.

During the Kim Dotcom fiasco here in Aotearoa, Dotcom whose first move was to force the police to give back a big chunk of the cash they stole from him, threw millions at lawyers in a way that hadn't been seen in NZ before. It didn't take long before senior police & spooks got caught out in lies. Mostly for using the GCSB (govmint communications security bureau) gathered data to spy on a NZ resident which is a breach of the gcsb charter who are, under their establishment acts, only allowed to intercept communications between foreigners.

Of course it also surfaced that the amerikan assholes fbi, homeland security etc had spent millions on data intercepts of Dotcom's business. Why? cause he is alleged to breach intellectual property laws.
Not fuck children, blow up buses or any of the other bullshit reason peeps are told these laws will be used for, no, Dotcom was spied upon in order to stop some poor fuck from watching some shithouse TV show before a local TV station screened it, or to keep receipts up for the mindless 'blockbusters' Hollywood churns out.

You'd think heads would roll especially after an inquiry revealed there had been 86 other instances of kiwis being spied upon by the gcsb in the past decade. Not so - the guvmint is currently pushing a new act thru parliament under urgency to retrospectively legalise the GCSB crimes and create a local version of prism where everything gets grabbed & stored.
The other mob of neoliberals (the NZ labour party) claim to oppose the bill but I betcha they don't repeal it next time they win the chook raffle.

The moral there is that it doesn't really matter about what the laws say, we have entered a time when PTB contempt for the rule of law is taken for granted. In fact the more the better they believe. People have to know their situation is totally helpless and then maybe they will stop resisting.

As for the crims, well the smarties have known about this for a long time. The few acquaintances I have who get up to no good big time & still remember where they came from, so finance 'good works' as well, stopped using mobile phones a long time ago back in the noughties. When they do use phones they are strictly for family stuff and only use $40 feature phones without alla the gps, blutooth, wifi, 3 & 4 g etc.
When working the phone is left behind on the dresser by the bed or somesuch.

One good thing has come of the emphasis on metadata, dodgy friends no longer change their numbers n sim cards every 5 minutes. The phones themselves are changed because there is always a paranoia about hardware hacks by the forces of darkness, but since the sheet sniffers get their information by pulling down the data from cell phone towers then running algorithms across that data which looks for patterns between connections on phones from that tower & connections from phones on other 'hot' towers, close to the habitats of other targets, there is simply no point in trying for the furphy of security by obscurity of swapping numbers & sim cards.
The basic rule is you know what you say is monitored so don't say anything, never bother with silly codes where substances are items of clothing, albums or whatever and go back to quick face to face.

One of those guys told me that the agents of darkness are so invested in technology that they are positively discouraged from using human intelligence any more because of the risk of lies, corruption & mostly fear of dealing with 'the enemy' that is rife in current law enforcement.
Oh they still try n get peeps to talk after the fact but general intelligence is now exclusively from communications intercepts.

The smarties worked that out long ago & as soon as the spooks use much of what they gather ordinary peeps will wake up too.

Even though these information brokers are trying hard to give away as little as possible, politicians & competitors will force them to release more and more, eventually the general public will wake up & get real careful using their smartphones, tablets etc. That should please the shit outta google et al. Serves em right greedy bastards.

Posted by: Debs is dead | Aug 5 2013 22:48 utc | 11


I think my post just after #9 was posted must have got caught in a trap. I tried twice and got a message on both saying I had posted successfully but neither has shown up.

Posted by: juannie | Aug 6 2013 0:49 utc | 12

Americans, at least, have been eased into this through television shows and film. I haven't seen one cop show in the last decade where the cops haven't used wildly criminal methods to take down the supposed criminals. From "24" to the rash of "CSI" and "Law and Order" type shows, all of them often show the police using illegal methods but it is all presented as "the way it is."

And of course the recent story about the FBI allowing over 5100 crimes in one year (and only those reported) to be committed by their informants is only the tip of the iceberg when you consider what the CIA is doing around the world.

Its frightening that this "SOD" is yet another completely secret program being run by the Justice Department, one of what must be hundreds operated by the government. Completely free from judicial oversight and checks and balances... I'm pretty sure this isn't what America's beloved Founders had in mind.

Posted by: guest77 | Aug 6 2013 1:10 utc | 13

"This is nothing new, back when the agents of the oppressor relied on human intelligence, there were numerous examples of major incidents including (in england) bomb attacks being left unreported/unprevented lest a major source be compromised."
Posted by: Debs is dead | Aug 5, 2013 6:48:00 PM | 10

Puts an interesting perspective on 9/11 & 7/7 and raises the temperature of the LIHOP vs MIHOP debate, doesn't it?
(Let It Happen On Purpose vs Made it Happen On Purpose)

Posted by: Hoarsewhisperer | Aug 6 2013 4:36 utc | 14

nsa is more than just about data mining, it's up to the eyeballs in black ops n ff, just like its twin terror outfit , cia.

What is unusual about the case, The Manila Times reported, is that Meiring was: whisked out of Davao, past the Philippine National Police guarding him at the hospital, and on to a chartered plane, accompanied by what Immigration officials described as agents of the US National Security Agency and agents of the US Federal Bureau of Investigation*

obama do kenya....
*During the parliamentary elections of December 2007, a survey funded by USAID announces the victory of Odinga. On election day, John McCain announced that President Kibaki rigged the election in favor of his party and that in fact the opposition led by Odinga had won. The NSA, in conjunction with local phone operators, sent anonymous text messages to the population. In areas populated by the Luo (Odinga’s ethnic group), they read "Dear Kenyans, the Kikuyu have stolen our children’s future... We must treat them in the only way that they understand... with violence." In areas populated by Kikuyu, they read: "The blood of any innocent Kikuyu will be paid. We will slaughter them right to the heart of the capital. For Justice, establish a list of Luos that you know. We will send you the phone numbers to call with such information." Within days, this peaceful country sank into sectarian violence. The riots caused over 1 000 deaths and 300 000 displaced. 500 000 jobs were lost.*

just the tip of an iceberg.

Posted by: denk | Aug 6 2013 5:27 utc | 15

Denk, the second of your stories directly concerns electronic information warfare, so that's quite plausible, but the first makes no sense, even after reading all the linked material. I think the explanation is that the supposed NSA agents were in fact NSC agents: if you look at the link, which details the NSC's functions and powers, one of these is "coordinating these [national security and foreign] policies among various government agencies." So one or more persons could be sent to Manila with NSC authority to coordinate the other agencies invoved (CIA, FBI, State Dept, and Manilan).

Posted by: Rowan Berkeley | Aug 6 2013 15:32 utc | 16


My post at #9 was released from purgatory this morning and I feel it was a shame it got caught in the filter, for what reason, I’d like to know. But if you happened to read it after it was posted, or perhaps now, you will note that I took a somewhat different position than you in answering b’s post. I don’t think our thesis are mutually exclusive and I certainly give credence to yours.

Yes, I think there is an abundance of interagency rivalry and always has been. And yes, as too much intelligence information is recognized by the spied upon, it becomes less and less valuable and useful. Shit, even I recognized years ago that everything I put out on the electronic ethers was available to any sophisticated enough to tap into it. I’m sure the really big league bad guys, crims in your lexicon, also realized this a long time ago. (Which fuels my incredulity when I hear that US intelligent forces just happened to tune into the big bad AQ guys shortly after the public was in need of a reassurance of their efficacious and preventative nature, and are thus shutting down M-E embassies right now.)

However, it is still the real top level PTB that call the major shots. The working agency plebs can have their jealousies and squabbles as long as the prime objectives are not endangered. It may have been a little more obvious when an absolute monarch such as George III was a stock holder in the East Indian Company but I still believe that when huge profits are in jeopardy, the prime directive is to protect them and it is the plutocracy that call the important shots. So I think both our calls are carrect but mutually intertwined.

Always good to read your thought provoking writings. Come back more.

Posted by: juannie | Aug 6 2013 15:55 utc | 17

"From "24" to the rash of "CSI" and "Law and Order" type shows, all of them often show the police using illegal methods but it is all presented as "the way it is."

Think about The Wire, which, as far as I know, was all about intercepting the communications of ghetto drug dealers. There was all sorts of nonsense, too, about how tough it is to get just one "wire" authorised by a Judge etc etc.
I wonder if the writers were aware that they were not just whitewashing the cops and judiciary but also making idiots of themselves?

Then think of the meteoric rise and fall of Senator John Edwards "caught out" by the National Enquirer, visiting his mistress and the child whose existence he had denied. Or Eliot Spitzer, who was, at the time he was found to be visiting prostitutes, waging war against white collar crime on Wall St.

And why did Spitzer just resign? Was it because further revelations would have been released if he had not?

Then think of Scott Ritter. How was his taste for nubile young women discovered? Who told the Philadelphia cops so that they could entrap him, and lock up one of the loudest voices against warmongering in the USA?

Or George Galloway, accused of taking money from Saddam Hussein. How was that attempt to frame him, carried out?

Then think of the thousands, perhaps of tens of thousands, of obscure individuals whose lives have been altered/ruined by the surreptitious use of illegally collected information. The construction union workers blacklisted, the barrack room lawyers who have had accidents, the associate profs denied tenure, the village elders, preaching resistance gunned down by "criminals." Candidates for office taken off shortlists after a mysterious phone call to party HQ or the search committee.

Then there is Michael Hastings... the list is very long. It will get longer.

Posted by: bevin | Aug 6 2013 16:35 utc | 18

At some point, after the internet is made functionally non-functional by one tyrant or other, the printing press will become our new, old best friend. That is if there's anyone left here who can still read or write.

The Drug War has been, like juannie says above, an established, effective two-fer in that it not only criminalizes normal behavior under certain 'sociological' circumstances but also confiscates the crumbs of each life they destroy. Millions and millions and millions of crumbs. And then in prison, more slave labor for the state. As an untermenschen, if you don't be a good citizen and join up for the SS regimen of overseas service followed by a domestic Security career, you do time.

It's time to GTFO imo.

Posted by: L Bean | Aug 6 2013 16:57 utc | 19

Hiya Juannie good to see you're still dropping in.
There is rarely just one reason for anything & big organisations are a bit like a bunch of teenagers having a seance - so many hands pushing and pulling this way and that on the ouija board, it can end up anywhere. Like I wrote politicians who aren't 'intelligence professionals' will always put pressure on data miners to release more data sometimes they will win and eventually they will get to use the data in everyday situations because they will in their usual asinine lowest common denominator style see such usage as an easy solution to their biggest problem of increasing inequality resulting in an increased 'criminality'... plus of course 'levelling the playing field' for big Pharma
In the meantime the professionals are likely to use the privacy argument to protect the data's use when all they really want to do is keep their precious information valuable by sharing as little as possible.
Its a mess that will resolve in many ways. As the net gets bigger centralised control becomes less and less achievable. Back in the day the warez severs used to function 'off the internet' by using fixed lines from one IP address to move data to & from addresses outside the limits of IPv4 by way of customised routers & protocols.
If IPv6 has made that more difficult in the short term, long term the huge expansion of objects on the net (eventually every house will have a refrigerator, oven, garage door, light switches, heat pumps etc all with a unique internet address reachable from anywhere else on the net) will make possibilities of communicating via un-monitored back roads 'trivial' as the geeks say.

Posted by: Debs is dead | Aug 6 2013 21:51 utc | 20

for devices, it's hardly a ipv4 vs ipv6 thingy, all they have to do (and they sure do it for quite some time already...) is to store your ARP adress, which is already the standard procedure used by google netflix and al to monitor/list/count the devices you're using...

Posted by: zingaro | Aug 6 2013 22:37 utc | 21


What zingaro means when talking about "ARP address" is almost certainly the MAC address, a unique ID for network (precisely ethernet) devices that shows the manufacturer and the device model. And that basically is only available on the *local* network and not remote.
Which again means little, anyway, because it can be quite arbitrarily changed by (somewhat techie) users.

Concerning IPv6 I'm afraid a lot of misunderstandings are out there.

A first - and important - one being that IPv6 addresses are not "immensely long" (equating to "almost endlessly many") because:
Yes, IPv6 addresses are 128 bits which in other words means "all the ca. 4 billion IPv4 adresses squared and then squared again" (which evidently is a gigantic number)

And, No, that's actually just theory because practically those IPv6 addresses are divided into ranges (typically between 16 to 64 bits wide) which you the user actually get. Yes, thats right, you won't get "an address" but an address range that might quite well have the size of the current IPv4 internet.

Viewing all that in the light of nsa & co one quickly sees that things might very well go in a very bad direction.

For one, the whole stuff is divided into more ranges, a major one being the providerand, at least very often, the country or even the region or the city.

Another issue stems from the fact that IP addresses are basically unlimited. Unlike now when almost every private user has a "dynamic IP" (a more or less random IP address out of the providers pool) with IPv6 everyone will have his own "static" address range he will always use, effectively making that address range something "tagging" a person.

In summary one can quite well assume IPv6 to be/become a valuable tool for nsa & co.

Posted by: Mr. Pragma | Aug 7 2013 0:23 utc | 22

No its not an IPv4 V IPv6 thingy, but the point I was trying to make is that IPV6 has vastly increased the number of addresses immediately accessible from the net. With IPV4 the average user who had many connected items usually only had one WAN IP address and mostly the devices were connected on a seperate LAN using either to or to that of itself made monitoring a little easier just as it made protection via firewall a little simpler.
The increase in addresses be they address resolution protocol or internet protocol means the same thing- it becomes harder to monitor since watching a hundred rabbits holes is always easier that watching a million rabbit holes no matter what method is used.
IPV4 is also inherently less secure than IPv6.

More & more devices formerly separated from the WAN will be separate no longer which is equally good & bad from the point of view of privacy.
I'm unsure of the exact prism model but somehow I doubt that every switch on the WAN is monitored, most likely monitoring occurs at 'choke points' when all the data passes through an area switch.
So peeps wanting to communicate off the net safe from most monitoring will need to use an encrypted tunnel to one of the soon to be billions of connected objects.
The next bit has become trickier & it is likely one of the reasons that there is so much resistance to using hardware that isn't manufactured by trusted NSA partners such as Cisco.
As we know most metadata can't be encrypted cause otherwise how would the servers n switches know where to send stuff.

At the moment if I skype the bloke next door the data is sent to a server outside Aotearoa then forwarded thousands of kilometers back to the place up the road. Crazy & inefficient but that is the current model & is unlikely to change as long as it permits easy monitoring. However if there was a modified switch anywhere between my place and the Skype server, a hardware switch that had been configured to do something different with either a packet or maybe even a frame that contained a particular routine up front, the communication could be forwarded down compromised elements of the WAN to the next similarly compromised hardware point.
This next bit has been added on in response to Mr Pragma whose post appeared while I was talking to a visitor.
As far as the ability to determine regions from IP addresses goes, that was the case under IPV4 too. NZ had a coupla class A address range allocations one of which was shared with South Korea sure but it has generally been the case that geographic location can be determined from IP addresses.
I believe zingaro is refering to something different than the old hardware identifier the MAC address. Under IPV6 address resolution protocol is no more so calling this address ARP address is confusing, but importantly there is no more broadcast facility, only multicasting to selected targets, whose IP address may or may not be known.
I haven't studied IPV6 sufficiently to comprehend hoe that is resolved but one would think that some form of temporary, server created address might be used.

Posted by: Debs is dead | Aug 7 2013 1:37 utc | 23

@bevin: "I wonder if the writers were aware that they were not just whitewashing the cops and judiciary but also making idiots of themselves?"

The creator of "The Wire" definitely made some comments on it, dismissing its importance to some extent:

Posted by: guest77 | Aug 7 2013 3:12 utc | 24

Denk, the second of your stories directly concerns electronic information warfare, so that's quite plausible, but the first makes no sense, even after reading all the linked material. I think the explanation is that the supposed NSA agents were in fact NSC agents: if you look at the link, which details the NSC's functions and powers, one of these is "coordinating these [national security and foreign] policies among various government agencies." So one or more persons could be sent to Manila with NSC authority to coordinate the other agencies invoved (CIA, FBI, State Dept, and Manilan).

Rowan Berkeley 16
*Denk, the second of your stories directly concerns electronic information warfare, so that's quite plausible, but the first makes no sense, even after reading all the linked material. I think the explanation is that the supposed NSA agents were in fact NSC agents: if you look at the link, which details the NSC's functions and powers, one of these is "coordinating these [national security and foreign] policies among various government agencies.*

u r saying nsc is the coordinator of the various agencies, but how does this contradicts the philippinos accounts, that the agents on the ground were fbi, nsa ?
the spooks'd have to identify themselves n flash their badges i suppose ?

*What is unusual about the case, The Manila Times reported, is that Meiring was: whisked out of Davao, past the Philippine National Police guarding him at the hospital, and on to a chartered plane, accompanied by what Immigration officials described as agents of the US National Security Agency and agents of the US Federal Bureau of Investigation.

The National Security Agency intervention, confirmed by Immigration Deputy Commissioner Daniel Queto, sparked intense local speculation as to why an agency that reports directly to the Office of the President of the United States would send an entourage of bodyguards to speed Meiring to a hospital in Manila

here's another account ....
+The despicable US media giants were silent when undisputed proof surfaced that the CIA, NSA, British Intelligence, the US Secret Service and the FBI were all involved in the May 16th 2002 blast in a Philippine hotel room when their agent, Michael Meiring accidently blew his own legs off while constructing a bomb which was intended, if ignited as planned, to be a staged “Al Queda” terror attack, justifying a tightened US- Philippine military alliance
Meiring who operated under the cover of being a treasure hunter was in fact a CIA operative under the direct protection of the White House (As evidenced by his swift NSA/FBI medivac to San Diego after blowing his own legs off+

Posted by: denk | Aug 7 2013 3:31 utc | 25

Two points:

In terms of security and privacy the issue isn't IPv4 or v6. No matter which one, the internet inherently is built on tree structures and therefore spying can be done either way (ugly reminder: Spying ("promiscous mode") is even "built-in" in ethernet ...).

So, pretty every approach to ensure privacy comes down to one single point: encryption.

Encryption, however, has two important properties (in the context given). For one it may be interpreted (by nsa & co) as a "this might be interesting" flag. And it - or, more precisely, basically all existing infrastructure - is based on a) a rather limited group of algorithms and b) basically a bet, which is the assumption that these algorithms are so hard to break ("computationally exhausting") as to be virtually perfectly secure. Typically one reads statements like "Even with a computer 1.000.000 times more powerful than todays workstations, AES-256 would (statistically) need xy years to be cracked".

Which might prove quite treacherous because there is not one but actually many factors evolving favouring attackers. There are new instructions in CPUs, there is ever more and ever faster RAM, there are new kinds of processors that extremely increase the speed of the kind of computation needed to attack encryption, in particular massively parallel processors, and so on.
To put it in perspective: According to Moore's law the computational power should have increased ca. 12-fold in the last 10 years. Looking at the area of breaking encryption, however, it has increased more like 300-fold (Just think modern GPUs ...).

And all this (that is, the commonly used and/or built in algorithms) are basically relying on one problem, namely, factorization and its twin sibling, primes numbers.
If some bright mathematicians, say at nsa (they have a habit of having some of the brightest around, in particular in this area) found a way to speed up factorization 10-fold in a computer friendly way, AES cracking might actually become very well feasible (actually it might be right now).

For correctness sake it should be mentioned that there are other approaches, too, like for instance the curve points variants (like El Gamal) which are actually very promising but, alas, rarely used and even less "built-in" in consumer equipment.

Second, IPv6 is *not* based on consumer needs but on purely commercial interests, namely the "invitation" to have everything incl. your kitchen sink connected to the internet. This is about sales, not about users.

One strong indicator: The 128 bit network addresses. They are troublesome in quite some respects, an important one being that current modern CPUs are 64 bit - which is quite probably to stay that way for a long time. Why? 64 bits is quite perfect, it's big enough for even insanely large numbers (actually *every* number that is of any relevance for humans; things requiring larger numbers are typically in the "mass of the universe in grams" or "number of atoms in the human body" category). Furthermore 64 bits allow the addressing of very large memory.

So, speaking from a pragmatic technical point of view 64 bit network addresses would be a) absolutely sufficient and b) *much* easier to handle with the technology we have.
But it gets worse. Basically all network backbones don't carry ethernet but some kind of "packets", typically of rather small size (in the range of 48 - 256 bytes) due to the fact that there is a lot timing sensitive stuff around (just think telephone) that needs small packet sizes. This leads to the desire of having the overhead/meta-data as small as possible.
Furthermore backbone equipment must rely on "primitive" but extremely fast operations. Looking up routing tables with 128 bit addresses is not 4 times as much workload but around 30 times as much workload and, even worse, many proven algorithms just can't be implemented anymore.

Of course, the good news (Debs might like that *g) is that siphoning, filtering and analysing data will also be dimensionally harder than now.

But why and what for 128 bits?

There is, looking from a pragmatic pov, simply no need. With 64 bit addresses every human living in 2025 could have a private network half the size of todays internet! Quite evidently no person needs 2 billion private IP addresses and there is nothing in your way to have another 4 bln * 4bln addresses within your network.
Furthermore, almost all humans prefer to have it divided into two areas, public and private that is, most humans do *not* want things like their fridge in the internet or, if they wanted that, they want at least some control over it.

In other words: there is no, absolutely no reason for a 128 bit ethernet, period. Except two: Marketing and sales, sales, sales - and control. Why do the governments like it? Because IPv6 makes their wettest dream come true, perfect control, tagged citizens, tagged fridges, tagged cats and possibly tagged toilet paper.


Yes, but it was cumbersome - and unreliable (just think supernational providers); one had to look up an IP address and to assume that a.b.c.d really was in, say, italy as told by whois.
With IPv6 that same provider gets e.g. 8.000 times the whole internet addresses of today and slices it down. So you will know "the first x digits show me the provider and the next 3 the country, aso.". Actually this is not so much a "can" but rather a must because this kind of slicing and organizing will be the only way for the backbone equipment to handle it.(Meaning: Let's cheat. Our provider prefix is 6FFA:2Axx so we'll have our router just make one simple decision: internal destination or external? If internal, well, process the whole she-bang, otherwise just pump it to the next internet exchange and we're done. If it's internal we'll look (in the next step) for our (say) 8 area bits and pump it to there (where another router just looks at the next, say 12 bits) a.s.o.)

Posted by: Mr. Pragma | Aug 7 2013 3:52 utc | 26

Good read
Welcome to the Post-Constitution
By Peter Van Buren

Posted by: Mina | Aug 7 2013 11:52 utc | 27

Wasn't there a report that the US government, through one or more of its surveillance organizations, obtained information about a German corporation's bid plans for some big contract and this info was given to the American competitors? And that the US company then got the contract based on clearly illegal use of this info obtained by the US government.

I seem to recall reading about this or references to this, but my google search didn't come up with anything specific. Maybe I imagined it, given the way the US surveillance state is going?

I did find some interesting articles about the staggeringly huge amount of US spying in Germany, with one article saying it was not a "wire tap," but a "country tap" capturing just every form of communication except whisphered conversations (OK, I exaggerate a tad).

Anyone have a link for this? And how has this affected US/German relations? I mean, this kind of thing stabs at the very heart of any sense of fairness and balance with captialism.

Amazing the US is still tolerated anywhere....

Posted by: jawbone | Aug 7 2013 21:48 utc | 28

28: It would have been in one the Der Spiegel articles that appeared directly after the Snowden story broke. This one looks most likely (it's 9 pages long). Notice the 'relevant links' for further information. See also this one & links.

Posted by: Rowan Berkeley | Aug 7 2013 22:35 utc | 29

@Mr Pragma as far as encryption goes that is always best considered in the same way that strong room makers consider their security, that is not as inviolable but as a sort of quicksand that slows down breaches.
The fact that data is stored away indicates encryption deter for a time but eventually everything is revealed.
The way that those englander spies were caught relaying Manhattan project data is particularly instructive. Every transmission outta the USSR embassy in Moscow was monitored right through world war two. Years later after the Russians upset Truman's big swinging dick by exploding their own thermo-nuclear device, englander perfidy was uncovered by a primitive form of metadata analysis done on WW2 Russian Embassy signals.
Big streams of encrypted data had been sent from Washington to Moscow in no obvious pattern except it coincided with Donald McLean's (British Embassy liason to Manhattan) return from his irregular trips to New Mexico.
MacLean was ID'd long before the data ever got decrypted.
One indication of how long current 128 bit decryption probably takes is contained in the changes to NZ's GCSB laws currently being hurried through parliament here.
All data will be gathered, stored then destroyed after 30 days, which would indicate the mob of stickybeaks in this part of the world are fairly confident they can get what ever they need outta ssl encrypted (128 bit) traffic in under a month. Knowing the nature of bureaucracies (intelligence agencies are just about the last of the really big cumbersome bureaucracies in this part of the world) if they want 30 days they can prolly crack 128 bit in a matter of hours.

Back in the day when Zimmerman used to publish PGP source to be recompiled by others a couple of blokes in europe would ramp PGP up to 1024 bit encryption, however the common take on that was that it was no more secure than the 256 bit keys that were standard on PGP back then.
I'm too old n my head spins when I try to get too deep into the prime number theory that underpins public key encryption so I just took their word for it and stuck with 256 bit encryption.

I dunno whether this is connected or just one of the side effects of living in a time of continuous technological change, but I have been using an old eudora emailer for ever - long past eudora going bust. The reason? Eudora still works seamlessly with pre Symantec/Network Associates PGP. Not that I use it much nowadays most peeps cant make it work for them and encryption is a two party game.
Anyway the national telecoms provider here subcontracted email out to Yahoo (about the first prism partner) years ago, they spent a lot of energy trying to move us off POP3 onto IMAP and access via the web. This year the Yahoo email servers have been hacked three times and anyone who had used web access was made to change their password. (some would say that was just so an accurate database of passwords could be compiled but I'm not that paranoid).
Anyway just last week eudora stopped working on Yahoo mail.
I've been using a eudora client on my main email address for 12 or 13 years and suddenly I can no longer send mail. I can still receive it. I have examined the utility inside out nothing changed on it. Re-installed it & all that good stuff - nada.

No one on their service desk can either get it working or explain why it ceased being able to sign on. They just try and sell me on a more up to date emailer. Yeah right why would I want that? Eudora can be pulled down n every aspect of it scrutinised for holes - not so with windows mail or even thunderbird both of which rely on ssl. Of course t the reason Yahoo mail give when harassed about eudora which doesn't natively work with ssl or any other form of transport layer encryption will be that it is insecure.
It is easy to get the wrong end of the stick by jumping to conclusions about something like this but it does make ya think, why would an email client suddenly stop interfacing with a server and yet nobody knows why?

Its a pain in the A but I'll find a solution.
Ars Technica has been running some pieces on the issues around encrypting yer own email.

Posted by: Debs is dead | Aug 7 2013 23:09 utc | 30

For all the computerized ways of attempting to secure our rights, I fear we'll never really be able to have peace of mind on a mass level until the US has a national holiday commemorating "The Storming of the Utah Data Center."

I can't see how we can get out of this retaining our humanity without a real revolution against this surveillance-state neo-liberalism.

Posted by: guest77 | Aug 7 2013 23:47 utc | 31

77, Thanks for the link @ 27.

Simon is obviously just another guy making a good living from TV by fleshing out an entertainment while pouring his masters' ideological poison into unsuspecting brains.

His dismissal of the "faux" revelations is the anger of a man caught pissing on humanity for a few bucks.

Posted by: bevin | Aug 8 2013 1:13 utc | 32

Hmm I was gonna defend Simon on the grounds that the TV series 'The Wire' was written about the period before the global war on terror in the 1990's when he was a police reporter and the technology for intercepting calls was much more primitive therefore he hadn't set out to deceive with his show. The fact that englanders only discovered the wire a few years ago leads to some confusion about the period covered. In the show Simon does show 'strapping' that is the collection of circuit switching (old school telephone networks use a system called circuit switching where the entire call travels just one route unlike the IP system where packets of data can travel many different routes or I guess circuits, during the course of a single communication)metadata which required a lower level of probable cause to get a warrant.
However Simon (go on say it - a likely zionist and now a member of the Hollywood liberal interventionist cabal)is being disingenuous when he compares the old telephone strapping metadata with what is collected by PRISM.
In fact this is the heart of the problem, judges appear to be deciding on the basis of old definitions when technology has vastly changed what it is that is being collected.
Strapping got a pen record of what numbers were called by a phone under surveillance as well as details of the numbers of phones which called in. Apart from the number there was only the time and date.
As Simon says in his spiel this information would be collected in the hope of getting enough evidence to obtain an full interception warrant.
Mostly it didn't. As someone who was the victim of a prolonged strapping interception back in the day, I have to say it was pretty difficult not to know it was happening. There would be an abnormal amount of buzzes and clicks which was enough to make some paranoid, but the real giveaway was the connection delay while details of the call were recorded prior to the connection being made.
On the upside in the country where I was subjected to this (Australia) the telecommunications network was publicly owned and had strict instructions from the federal police not to disconnect any phone subject to interception - strapping or tap. So we just stopped paying our phone bill (I mean if you're not gonna get any right to privacy why pay for the thing) and the phone remained connected for the years I stayed at the house. Crazy looking back on it and not at all the way things happen nowadays which is why Simon's use of back in the day when he was a Baltimore police reporter is so wrong.

Metadata gives so much more information nowadays and as someone says in response to Simon's post, the metadata collected now can be reassembled and content extracted. So much more information must demand a higher level of probable cause.

Posted by: Debs is dead | Aug 8 2013 21:36 utc | 33

Donald Maclean was identified long before... Posted by: Debs is dead | Aug 7, 2013 7:09:30 PM | 30
I believe that the notorious "Fifth Man" in the Cambridge spy ring was actually Lord Victor Rothschild. There is a book arguing this, by an Australian journalist called Roland Perry, which was brought out by a perfectly reputable English publishing house, Sidgwick & Jackson, in 1994 and completely ignored, except that Lord Victor published a dignified denial in the Times. Lord Victor was an extremely influential figure behind the scenes with the UK and US intelligence overlords. He could have steered just about anyone in the wrong direction.

Posted by: Rowan Berkeley | Aug 9 2013 9:29 utc | 34

For anyone concerned that the DEA was getting most of the NSA intel/info for its uses, leaving the IRS out in the cold, worry no longer.

The IRS gets intel/info from the NSA, just like other government agencies, and it gets the same training in how to hide the source through "reconstructive investigation" training.

In short, their agents are taught to lie to the courts just like the DEA agents. Rule of law? Heh, heh, heh. Rule of power is more like it, and money is power in the modern state.

Ain't the Corporate state with its (formerly) hidden surveillance state just grand? Bet the Powers That Be think so.

It's becoming almost impossible that NSA collected info collected from the Big Banksters was somehow missed, making it so "difficult" for the FBI to bring any criminal charges against the Wall streeters and Banksters who nearly brought the world economy down completely.... That was the excuse given, that it's just so hard to win a conviction for crimes which are based on confusing and difficult things, like credit default swaps and tranches and so on and so forth. B can explain such things very well, but, apparently, government lawyers cannot.

Gee, makes one think that perhaps info was actually withheld from any governmental agencies or levels which wanted to really investigate in order to bring criminal charges. Slaps on the wrist are just so much more acceptable to the Banskter types.

State attys general who might want to still prosecute, having retained their right to do so, after some gave away that right under the Obama DOJ agreements to provide a pittance to homeowners done wrong by the banksters, will probably get ZERO cooperation from the NSA.

Some privacy rights are indeed sacrosanct, even now. But that's how a Coporatist State rolls.

Posted by: jawbone | Aug 9 2013 15:30 utc | 35


I've just had another post (posted twice over about a 10 - 15 minute interval, both somewhere between post 34 & 35) that didn't get posted.

Can you give me any clue as to what in my posts are not passing your filters?

My post on the OT did get posted and I posted it just after my first attempt on this thread.

Posted by: juannie | Aug 9 2013 20:47 utc | 36

The comments to this entry are closed.