Ex AT&T Tech Says NSA Monitors All Web Traffic

Posted by Zonk
from the tinfoil-hats-engaged dept.
Sir Tandeth writes "A former technician at AT&T, who alleges that the telecom giant forwards virtually all of its internet traffic into a 'secret room' to facilitate government spying, says the whole operation reminds him of something out of Orwell's 1984. Appearing on MSNBC's Countdown program, whistleblower Mark Klein told Keith Olbermann that all Internet traffic passing over AT&T lines was copied into a locked room at the company's San Francisco office — to which only employees with National Security Agency clearance had access. 'Klein was on Capitol Hill Wednesday attempting to convince lawmakers not to give a blanket, retroactive immunity to telecom companies for their secret cooperation with the government. He said that as an AT&T technician overseeing Internet operations in San Francisco, he helped maintain optical splitters that diverted data en route to and from AT&T customers. '"
This discussion has been archived. No new comments can be posted.

  • by StefanJ (88986) on Friday November 09, 2007 @05:15PM (#21300867) Homepage Journal
    You know, those little pamphlets full of fine print that get shoved in your bill and promptly thrown away because they're purposely made to be obscure and hard to read?

    If there's no "we allow an obscure government agency to look at everything you read, write, say and listen to without court order or accountability" clause, can we sue the fuckers?
  • Re:Encrypt (Score:3, Interesting)

    by exley (221867) on Friday November 09, 2007 @05:22PM (#21300965) Homepage
    That sounds awesome. In theory. But reality doesn't quite match up to the idealism you show. What difference does the Constitution make when those in charge have shown quite clearly that they don't give a shit about the Constitution? I all but guarantee you that these guys are gonna get off scot free for all the crap they've pulled.
  • by Threni (635302) on Friday November 09, 2007 @05:30PM (#21301115)
    > What's worse is that this will be justified under the guise of anti-terrorism.

    http://en.wikipedia.org/wiki/Project_SHAMROCK [wikipedia.org]

    I'm not sure it's any worse than when it's justified by whatever the current bogeyman is. Could be terrorism, drugs, child porn, communism etc - it's always just a cover. Follow the money. Who gains from a powerful military, full prisons, terrible education and a fat, lazy corrupt police force?

  • by darjen (879890) on Friday November 09, 2007 @05:35PM (#21301197)

    > What's worse is that this will be justified under the guise of anti-terrorism. As bills get passed to erode the freedom of Americans, I'm watching the US slowly descend into totalitarianism.

    This is nothing new. It was all part of the neoconservative plan against communism before the Soviet Union fell. The new focus on terrorism is allowing them to continue their Big Government agenda. Lest you doubt what I'm saying, here it is straight from William F Buckley: http://en.wikipedia.org/wiki/William_F_Buckley#First_books [wikipedia.org]

    We have got to accept Big Government for the duration--for neither an offensive nor a defensive war can be waged, given our present government skills, except through the instrument of a totalitarian bureaucracy within our shores. ... And if they deem Soviet power a menace to our freedom (as I happen to), they will have to support large armies and air forces, atomic energy, central intelligence, war production boards, and the attendant centralization of power in Washington...
  • ALL Internet (Score:5, Interesting)

    by mi (197448) on Friday November 09, 2007 @05:37PM (#21301219) Homepage

    > forwards virtually all of its internet traffic

    This reminds me of that anecdote from years back about a question asked by a clueless user on how he can "download all of the Internet" at once and take it with him...

    Seriously, are we supposed to believe, that "virtually all" of AT&T Internet traffic passes through one facility in San Francisco? It is likely, they have the same rooms in all major nodes, though...

    Which brings us back to those earlier laws obliging phone companies to maintain equipment in all central offices, which would allow the government to eavesdrop on anybody's phone calls. Sure, the police needed a warrant to actually perform the eavesdropping. But the equipment and the facilities ("secret rooms") are always there.

    What they most likely don't need a warrant for is the statistics — did the number of calls to so-and-so suddenly increase? Did he call such-and-such after this-and-this called him?..

    Most likely, NSA is looking for similar things on the Internet — there is a lot of insight to be gained from simply knowing, which sites get more traffic in (possible) correlation with certain events... And then, again, there is a need for the equipment to always be there, so that warranted intercepts of the datastreams can be performed too.

    Yes, this is prone to abuse. No, it can not be effectively audited by the public without "compromising" (or even "jeopardizing") "the mission". The only relief comes from the knowledge, that any evidence illegally collected still can not be used against anyone in the court of law...

  • by morgan_greywolf (835522) on Friday November 09, 2007 @05:39PM (#21301233) Homepage Journal

    > While I doubt that they "save" all the traffic, it is entirely possible, that transmitted data is scanned for certain key words and the flagged packets are then investigated further.

    Ummm...not likely. Take a look at this interview with Klein. [cryptogon.com] He says:

    "I flipped out," he said. "They're copying the whole Internet. There's no selection going on here. Maybe they select out later, but at the point of handoff to the government, they get everything."

    The paragraphs above that explain what he means in technical terms (including details of the peering done here), but basically when the NSA gets it, they get everything. What the NSA does with it from there is anybody's guess, but saving everything probably seems unreasonable, but then again, how much storage does the NSA have?
  • Re:Encrypt (Score:3, Interesting)

    by Bryansix (761547) on Friday November 09, 2007 @05:40PM (#21301243) Homepage
    Actually just to play Devil's Advocate here you could read that to mean that people's lives should not be disrupted nor should they be kept from their possessions because of a search without a warrant. On the other hand the way ATT is doing this does not deprive you from the use of the data at all and so would not fall under this part of the Constitution. I'm not saying that this interpretation is right but it could be made.
  • by UdoKeir (239957) on Friday November 09, 2007 @05:48PM (#21301345)
    I'm not sure I trust this source. Not that I don't think this is/was happening, but this guy could be a deliberate plant to discredit any investigations into the NSA's actions. The Bush camp has done this kind of thing before. That document that came out during the 2004 election is a prime example. It was poorly faked, but actually contained accurate information: http://www.cbsnews.com/stories/2004/09/15/60II/main643768.shtml [cbsnews.com]

    But all people remember is that the first document that was made public was fake. They forget or ignore that people who were around at the time have testified to the authenticity of the information.

    I expect this guy will get "outed" as a crank in the next few weeks and nobody will pay attention to any revelations that are subsequently made.
  • by glrotate (300695) on Friday November 09, 2007 @05:51PM (#21301413) Homepage
    There are two independent clauses in the Fourth Amendment:

    1) The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated,

    and;

    2) no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

    Neither clause contains your rule that "No warrant, no searches or seizures". Instead Rule 1 states that "no searches unless they are reasonable" and Rule 2 states "No warrants without probable cause."

    The Fourth Amendment does not say "No searches without a warrant." If the drafters meant that, they could have said it, and we are free to amend it at any time, but we haven't.

    The Fourth Amendment merely requires that searches be reasonable.

    Moreover, in a situation where the information is publicly disseminated, e.g. when you transmit data across the world, over the internet, to be handled by countless companies you don't know, no search occurs and therefore the Fourth Amendment doesn't even apply.

  • Credentials?! (Score:5, Interesting)

    by yhetti (57297) <(ten.xivehs) (ta) (ittehy)> on Friday November 09, 2007 @06:00PM (#21301543)
    I'm not going to claim it's not happening, but this is not the guy to listen to. I don't want to be a dick about this, but he's not a network engineer, he's not a network admin, he's not a data specialist...he's a cable splicer. He does VDV work for AT&T. Is it possible, if not likely, that he maybe doesn't have a complete understanding of how all the tubes work past Layer 1? (And just to really be a dick about it, every VDV person I've met claims to be a data network expert because they lay the wires. Ask one why Ethernet is limited to 100M by spec and watch the fun.)

    With only 20 of those facilities, and just in AT&T locations, the fibertaps wouldn't even have a significant percentage of traffic going through them. Do some traceroutes; do some ping tests; Try it from different providers. They would have to be routing all traffic through those points. Your ping times would know, and the global BGP tables would know.

    I have a comfortable tinfoil hat. What I *could* be easily convinced of is that the NSA has taps on all oceanic fiber. That's much easier to do, since there's not all that many. And...frankly, they should be. We pay them a lot of money to keep us safe. A *lot* of money. But I don't think this is the guy to listen to regarding something this big and damning.
  • by nunyadambinness (1181813) on Friday November 09, 2007 @06:20PM (#21301843)
    "The Bush camp has done this kind of thing before"

    It seems upon first reading that you're claiming the Bush camp faked the documents that Rather lost his career over.

    Did I misread you?

    And if not, could you please source that? Your link doesn't address it at all. I haven't heard that accusation before, and would like to see something to support it.
  • by cheezus_es_lard (557559) <cheez17 AT gmail DOT com> on Friday November 09, 2007 @06:47PM (#21302165) Homepage
    A couple of notes. AT&T is one carrier- it's likely the other US carriers, such as Qwest, Verizon, etc. are all doing the same thing. CALEA has done a lot for voice in the auto-intercept arena, and they're all compliant with it- hence the presence of automatically-receptive departments at the telcos who _already deal with these people_. Installing splitters and a 'secret room' isn't that far fetched, considering that most CO facilities already use 10% splitters on their fiber backbones for testing purposes, installing another set to route to the NSA doesn't seem that hard. In the dark room, have yourself a bunch of fiber gear designed to recreate the incoming signal and coupled with packet re-assemblers which reconstitute the data streams and mine those that are tagged interesting, and route them directly over DS-3, OC-3 or better (who knows how much dark fiber NSA's got in use?? 49 billion buys a lot...) into the NSA's intercept facility. All of a sudden diverse paths, multihoming, even Tor seem less capable of obfuscating your data's origins- your different paths are all re-constituted at NSA, and then mined for intel. Combine this with a broader-scale mining of data focused on terrorism, drugs, any topic of interest, and you have a massively broad filter capable of doing heuristics on national trends on any different topic, as well as a tool for law enforcement to gather intel for both domestic (warrantless wiretaps, anyone) and foreign surveillance- large portions of Internet transit the USA.

    People used to talk about the acres of computing facilities at the NSA. They're on the bleeding edge in all their tech- and you think they can't reconstitute some diversely-pathed packet data? Encryption? Please. If it's electronic, it's insecure. Get it through your heads.

    love and peace.
    -cheez
  • Juicy details (Score:1, Interesting)

    by Anonymous Coward on Friday November 09, 2007 @06:48PM (#21302175)
    It's called 'Trireme' owing to the fact it used to be a 3-process system (1 on windows, 2 on Linux). Now it's a single app called Argus. It runs on Linux only platforms including Itanium and accepts multiple fiber optic input feeds per box. Each box has about 16gb of ram since the whole design is based on a finite state machine -- that's how it achieves speed. By law they have to filter out US specific IP addresses. In reality what they do is route certain traffic to a foreign ISP (in particular one in France) that then routes it back to the US so it becomes "foreign" traffic and thus "legally" eligible for intercept. A session is stored in a directory in a memfs until such time as a threshold is met. At which point it's tarballed and written to disk. The amount of data passing through requires large single writes to the disk.

    Its design is a series of plugin "states" if you will based upon IP address. Each plugin registers what port/protocol it's interested in and decodes the data to a workable format. In the case of IM the HTML is stripped out that usually appears in IM data these days. It even captures file transfers you make. All the standard protocols are implemented, all the well known IM protocols have been reverse engineered and implemented (thanks to the Open Source code on gaim it was trivial). The last bastions were VoIP, and in-game communications too (think WoW chats and WoW voice). Skype was the running problem since it's all encrypted. But, now that eBay owns Skype, subpoenas are no problem. And since Skype trunked phone calls do not have an origin associated with them, they are immediately subject to intercept (and all of them are). Skype-to-Skype was the best bet.

    Finally, it's a companion application for low-lvl filtering. It looks for general targets and then forwards them on to another system for more specific targeting. The room this guy refers to is filled with Raptor boxes that send copies of traffic to the Argus system.
  • Re:Credentials?! (Score:5, Interesting)

    by nehumanuscrede (624750) on Friday November 09, 2007 @07:06PM (#21302355)
    Considering I WORK for AT&T, I would give him far more credit than any engineer
    or planner this company employs. They are engineers in title only. If you want
    to know how things work within a Central Office, go ask the folks who work in it.
    They have far better insight than the planners do.

    The ONLY other possible explanation for having a room full of equipment locked up
    would be a co-located company. It's not uncommon for other carriers to have
    equipment in the office that's inaccessible to AT&T and vice versa.

    However, none of them require a government clearance to gain entry. Just a
    simple key. Nor are they usually hidden from view. They simply put up wire cages
    to restrict access to the rooms in question.

    All it will take is an audit of the fibers in question and the splitters. If the
    splitters actually exist on the backbone fibers and they route into that room, then
    AT&T will have some explaining to do. Simple as that.

    The theory I've kicked around is this type of equipment will have a specific eqpt
    code in the databases AT&T uses. ( Assuming it's inventoried at all. Though the
    word document produced indicates that it might be ) Shouldn't be all that tough to run
    an eqpt scan against a Central Office CLLI code to see if it shows up in the
    inventory. . . .

    Just a theory mind you ;)

    Now as to the percentage of the internet comment I saw earlier.

    Do you actually believe this is the ONLY office this type of setup is installed in ?
    Please. If this gear is what we all think it is, then the major Toll buildings
    ( read that the major hubs ) will likely ALL have this gear installed in it. It's
    just a matter of figuring out which offices have been compromised. Probably easy to
    spot. Find the biggest serving office in any given city and start your search there.

    It's also doubtful they are saving the Internet in real time. It's more than likely
    a scan and flag type setup. It's likely not even done on site. It's far more probable
    that the redirected traffic is shipped out another fiber that is directly connected to
    an NSA office in the region.

    For the encryption comment:

    The day we start encrypting everything on the net will be the day you see the bills
    popping back up to keep those ' terrorist tools ' out of the hands of the average
    citizen.

     
  • by SuperJames_74 (548630) on Friday November 09, 2007 @07:09PM (#21302397) Homepage

    I don't know if it's totalitarianism so much as it is fascism [wikipedia.org].

    Check out this piece comparing Bush to Hitler [thepoliticaljunkies.net].

    The Constitution was designed to alert the population when a president is changing the government into something else. That's why we hear so much about Bush violating the Constitution - he's trying to change our government into something else. Whether he's consciously targeting fascism, or it's a happy coincidence, I don't care - either way, it sucks and I'll be VERY GLAD to see him go.

  • by Duhavid (677874) on Friday November 09, 2007 @07:22PM (#21302513)
    "Well, the post says ALL TRAFFIC. (it does go on to say all of AT&T's traffic, however). Even so, it's not feasible"
    "We learn in The Internet for Dummies that any two packets do not have to, and probably will not take the same route to get from A to B."

    Quibbling. Are they copying data, and should they? That they are possibly not copying *all* has little relevance to the right/wrongness of this.

    "First, it was the UN that partitioned that area, not Britain."

    OK. It still was not an invitation by the Palestinians to come live with them.
    It was an external decision imposed on the people living there.

    "The Palestinians have a homeland."

    And do they have control of that? I recall news articles from
    after Hamas won the election about Israel cutting off tax revenue
    to them. Doesn't sound like any kind of real homeland to me.
    Would you consider it sufficient?

    "The UN resolution did not give the land that Palestinians claim was Palestine and give it to the Israelis. They took a piece of land that was British"

    A British colony, imposed by force by British arms.
    The Palestinians were the ones living there.

    "and gave half to Israel and half to the Palestinians."

    If you have something, someone claims control of that
    something, and gives half to you, half to someone else,
    will you be satisfied?

    "When Israel was attacked for being there (notice that British were not) by every neighboring Arab nation, they said, "Screw you people, we're taking it all!""

    A: Every Arab nation is not Palestine.
    B: I understand that part of the history. Yes.
    And I understand that the Arabs were being very
    hostile to Israel, and I understand how Israel
    is not really liking that. They have legitimate
    security concerns. I get it.

    Believe it or not, I am not saying that the Palestinians are 100% right and
    the Israelis 100% wrong in this issue.

    "Since then, they have given it back."

    Have they?

    "Still not good enough evidently. The Palestinians want to claim that all of the land that was once British was really Palestine and they want it all back."

    It was Ottoman Empire, then a British colony after the war.
    Again, it was still Palestinians living there. Africa, India,
    Pakistan, America, Canada, etc, etc were all once British colonies.
    What legitimacy do colonial holdings from centuries past have to
    do with government today, especially with all that has been said
    about self determination?

    In other words, I don't think the Palestinians bought into the
    "it's British" idea, it was still "theirs". The Western world
    may have recognized it as British, but they likely didn't.

    And once again, if you owned something, someone else claimed it,
    and divided it and told you you could have half simply because
    of the force of arms, would you walk away happy?
    I don't know where you are politically or economically, but if
    you have ever argued that taxes are stealing, or that they are
    a government monopoly, unfair and imposed, this is the same
    thing.

    "That was 50+ years ago. At what point to give up? Would you support Native Americans lobbing mortars into New York from Jersey? Would you support them launching missiles into Detroit from a reservation in Michigan? What's the difference (other than this had always been Indian land)?"

    Not much difference. There is also the Irish problem as an excellent
    example. I don't know when to give up.

    Also, an important distinction. I am *NOT* saying I *support* any of
    the above using terrorism. I am saying I *understand* where they are
    coming from, how they feel they don't have many other choices on the
    matter. Also, recall that in negotiations, you don't get much from a
    position of weakness. Reagan and Thatcher both argued that ( correctl
  • by ChunderDownunder (709234) on Friday November 09, 2007 @08:55PM (#21303269)
    Indeed, plenty of 'Christian' nations denounce US foreign policy too.

    Has John Pilger's excellent propaganda film The War on Democracy [imdb.com] shown in the US yet?

  • Re:Culture warrior... (Score:3, Interesting)

    by uhlume (597871) on Saturday November 10, 2007 @12:38AM (#21304389) Homepage
    Or this one [mediamatters.org]? (Pat Robertson)
  • by Sergeant Pepper (1098225) on Saturday November 10, 2007 @02:21AM (#21304757)
    Have you read any of the Qur'an?

    Methinks not. You're going around telling people to read it when you probably don't even own one. There's a special word in there for Christians, Jews, Zoroastrians and other religions similar to Islam. It's "dhimmi", which means People of the Book. The Qur'an says that Muslims should "not dispute with the Followers of the Book...except of those of them who act unjustly". It says that "[Muslims] believe in that which has been revealed to [them] and revealed to [the dhimmis], and [their] God and [the dhimmi's] God is One, and to Him do [they] submit."

    The People of the Book were granted very similar rights to Muslims. Muslims were not told "to convert [them], subjugate [them], or KILL [them]. PERIOD."

    You're wrong. I fear for the human race based on the lies sheeple like you are willing to believe. I have a bad feeling that you were homeschooled.
  • by Nocterro (648910) on Saturday November 10, 2007 @02:39AM (#21304821)
    > They hate us because we've been meddling in their governments, undermining their sovereignty, propping up dictators favorable to us, invading them when those propped up dictators fall out of favor, all for our own national self interests.

    I know your post is going to get a hundred posts replying "It's not us! It's Islam! They're out to destroy us!" but I'd like to add one more theory:

    The western world (and America included, despite dire predictions about its economy) is much wealthier than the countries the terrorist ideologies come from.

    It's that simple. America is wealthy, Americans are wealthy, and they project a culture that shows how wealthy they are. Is it so hard to imagine that to the average Iraqi (only an example, works in Malaysia, Indonesia, Afghanistan, wherever) who is massively poorer than the soldiers and contractors rebuilding his/her country might be a little jealous? And hey, when your family is starving and someone points out a scapegoat, and promises martyrdom, maybe it doesn't look like such a bad idea.

    I'm not saying it's only economic inequality, but if you can take that away people will have more of a commitment to improving their situation than attacking others. When there is genuine hope of gaining something better within the system ideologies that preach destruction and martyrdom will find fewer supporters.
