Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

AT&T Accidentally Leaks NSA Suit Information

Posted by Zonk on Fri May 26, 2006 06:43 PM
from the that's-a-big-oops dept.
Privacy United States Government The Courts News
op12 writes "CNET has an article describing how AT&T accidentally leaked sensitive information involving the NSA lawsuit. From the article: 'AT&T's attorneys this week filed a 25-page legal brief striped with thick black lines that were intended to obscure portions of three pages and render them unreadable. But the obscured text nevertheless can be copied and pasted inside some PDF readers, including Preview under Apple's OS X and the xpdf utility used with X11. The deleted portions of the legal brief seek to offer benign reasons why AT&T would allegedly have a secret room at its downtown San Francisco switching center that would be designed to monitor Internet and telephone traffic. The Electronic Frontier Foundation, which filed the class action lawsuit in January, alleges that room is used by an unlawful National Security Agency surveillance program.""
+ -
story

Related Stories

[+] Politics: DOJ Still Looks To Have Suit Against Verizon Tossed 79 comments
An anonymous reader writes "With Director of National Intelligence Mike McConnell acknowledging that the 'private sector' had a hand in assisting the president's warrantless wiretapping initiative, the DOJ is ever more strenuously demanding that the suit against Verizon be dropped. 'The Justice Department attorneys argue McConnell's statements did nothing to change the fact that it hasn't ever confirmed any of the activities alleged by the class action plaintiffs--and has, in fact, denied the existence of any sort of "dragnet." The arguments made by the class action plaintiffs rest on nothing but "speculation," the attorneys wrote. In the Justice Department's view, litigating the case would still require exposing how the program actually does work--which, it says, would in turn endanger national security.'"
[+] Technology: Guide to DIY Wiretapping 183 comments
Geeks are Sexy writes "ITSecurity.com has a nice piece this week on how wiretapping works and how you can protect yourself from people who wants to snoop into your life. From the article 'Even if you aren't involved in a criminal case or illegal operation, it's incredibly easy to set up a wiretap or surveillance system on any type of phone. Don't be surprised to learn that virtually anyone could be spying on you for any reason.'" Maybe I'm on the wrong track here, but I guess I assumed that wiretapping now happened in secret rooms at the telco, and not by affixing something physically to a wire in your home, but I'll definitely be aware next time I hear a stranger breathing next time I'm stuck on hold.
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

AT&T Accidentally Leaks NSA Suit Information 25 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • DMCA anyone? (Score:5, Funny)

    by MarkByers (770551) on Friday May 26 2006, @06:47PM (#15413206) Homepage Journal
    But the obscured text nevertheless can be copied and pasted inside some PDF readers, including Preview under Apple's OS X and the xpdf utility used with X11.

    Looks like Slashdot is informing readers how to avoid document protection mechanisms. I hope you don't get sued under the DMCA!

    • Plausible bullshit. (Score:4, Interesting)

      by way2trivial (601132) on Friday May 26 2006, @07:37PM (#15413450) Homepage Journal
      Not the first time 'redacted' pdf's when 'uncovered' have led to increase the defensive position of the group who supplied the 'poorly' protected document.

      I recall a redacted PDF from italy that 'supported' the US gov'ts claims at the time..

      it's too damn convenient, if the redacted portion had been damming.. I'm sure the doc would have been on paper, with the blocked portions cut out... not blacked over with a sharpie.

  • Oh crap (Score:5, Funny)

    by Intron (870560) on Friday May 26 2006, @06:47PM (#15413210)
    Now xpdf will be banned under the DMCA.

  • Proactive protection... (Score:5, Insightful)

    by Volante3192 (953645) on Friday May 26 2006, @06:52PM (#15413236)
    So, if there really are...
    benign reasons why AT&T would allegedly have a secret room at its downtown San Francisco switching center
    then why did...
    the Bush administration [submit] a 29-page brief that elaborates on its argument that the case should be tossed out of court because of the "state secrets" privilege?

    Seems like if they didn't do anything illegal they have nothing to fear.

  • What's amazing is (Score:5, Insightful)

    by thealsir (927362) on Friday May 26 2006, @06:52PM (#15413239) Homepage
    That the US as a whole doesn't seem to give a shit about this. Look at the results of polls. Ranges from general aloofness to "it's good for National Security(TM)." Look at T's stock price. Huh, normally a company with such an incriminating lawsuit wielded against it would take at least somewhat of a hit in price (though the markets ARE very wierd right now). It seems that the techie crowd are the very small minority of folks who actually care that their phone calls were tracked without ANY precedent in the first place. We're not talking warrantless tracking, we're talking completely random warrantless tracking. What was the saying in Rome? Feed the masses and give them entertainment, and you can do anything to them.

    • Re:What's amazing is (Score:5, Insightful)

      by QuantumRiff (120817) on Friday May 26 2006, @07:31PM (#15413424)
      The population as a whole can not conceptialize the power of correlated data. They see shopping "club cards" and see that they get a better price. They watch "24", and see that the bad guys are caught cause their license plates are pulled up in 5 seconds (all bad guys drive their own vehicles, of course!).. they see stoplight cams taking pictures of license plates as making the streets safer..

      We geeks deal with data every day. We understand that patterns can be drawn from it, often very incorrect patterns based off of incomplete data.

      The non-geeks cannot comprehend that in the next very few short years, they will get a knock on the door, and the police will say, On Thursday, at 8am, you shopped at the grocery store on 10th street, bought a bunch of bannana's and some milk. 20 minutes later, you were seen driving buy at 3MPH over the speed-limit on this street, which is only 5 minutes from the grocery store. You had better account for exactly what you did during that 15 minutes, because we are placing you under arrest for a crime that was commited in that area at that time. We also see that you have called your nephew 3 times in the last month, who was served 6 months (several years ago) in jail for an assault. And you give money to the ACLU, which makes our job harder.

    • Re:What's amazing is (Score:5, Insightful)

      by rbochan (827946) on Friday May 26 2006, @07:58PM (#15413540) Homepage
      That the US as a whole doesn't seem to give a shit about this....

      The US government must think that Americans are lazy, brainless sheep who will shut out even the most obvious evidence that criminals are running the country. I mean seriously, only the most idiotic... Oh look! American Idol is on!

  • When will they learn? (Score:4, Insightful)

    by cdavies (769941) on Friday May 26 2006, @06:53PM (#15413244) Homepage
    I swear, I've heard about so many instances of this exact same attack, I stop feeling sorry for the idiots who are surely going to get fired for this.

    If it's not people who don't really understand how postscript works, it's people who don't realise those 4MB word files contain more than just the visible part of the document....

    • Re:When will they learn? (Score:4, Interesting)

      by Bogtha (906264) on Friday May 26 2006, @07:15PM (#15413353)

      Ever think that somebody was "stupid" on purpose in order to leak the information without going to jail? After all, assuming that they haven't had training in computer security and the specific software in question (after all, who is actually trained to create PDFs?), a prosecutor have a hard time proving that they should have known better.

  • Dumb and dumber.... (Score:5, Insightful)

    by gweihir (88907) on Friday May 26 2006, @06:59PM (#15413272)
    Every educated person should now know that black bars in PDF do not remove what is under them. There were several high-profile cases in the press by now.

    In addition, do these people not employ any security experts that tell them how to do this right? Making clean (text) documents is really easy: Export to ASCII, remove text, import as ASCII. But obviously this low-tech approach needs a qualified high wizard of computing today.

    Not that I mind that these amoral scum got bitten.

    • Re:Dumb and dumber.... (Score:5, Insightful)

      by jandrese (485) <kensama@vt.edu> on Friday May 26 2006, @07:05PM (#15413301) Homepage Journal
      That destroys the formatting and makes your work look very unprofessional. There are better ways to redact information from a PDF.

      The biggest problem is that it's a paradigm shift for these people and they're not ready for it. The "Black Bars" always worked with regular documents, but when they were forced (against their will) to switch to electronic documents many people tried to find ways to make all of their old procedures work with the new format. This always happens when you force people to switch to technologies they're not comfortable with, and throughout history has been an enormous source of lost productivity and security leaks. The kind of people who are making these mistakes aren't the kind of people who read Slashdot, they're the ones that are thankful when they can finally go home every night and get away from those godforsaken computers for the rest of the day.
    • Not that I mind that these amoral scum got bitten.

      But did they? I mean, if I wanted to sow disinformation, hiding something with the intent it might be found is a great way to it.

      (/me double checks tinfoil hat... and peeks outside for black helicopters)

  • Why are they suing AT&T? (Score:5, Insightful)

    by Anonymous Coward on Friday May 26 2006, @06:59PM (#15413278)
    You think they would sue the ones actually responsible for making this all happen, you know, the fucking government?

      Suing AT&T really misses the point...

  • This "leak" is intentional. (Score:5, Informative)

    by jthill (303417) on Friday May 26 2006, @07:06PM (#15413308)
    This is a multinational corporation with its global reputation on the line, not some band of trolls that can't abide sunlight. They have very, very smart people running their response. Their bland, everything's-fine, "we're just innocent li'l good boys doing what we should" arguments aren't even remotely plausible candidates for secret filings. It's a dodge, meant to convince the people who want to trust them and divert the ones who don't.

  • You see? (Score:4, Funny)

    by cno3 (197688) on Friday May 26 2006, @07:10PM (#15413324) Homepage
    This is what happens when you outsource your redacting responsibilities to overseas contractors.

  • Amazingly Sloppy (Score:5, Informative)

    by flooey (695860) on Friday May 26 2006, @07:15PM (#15413350)
    Considering they're apparently working with the NSA, it's amazing they were this sloppy. If you've ever seen an NSA release of a classified document that's been scrubbed, it's always very clear that it's either a document that someone has physically overwritten with a black marker and then scanned (such as here [nsa.gov]), or a document that was edited on a computer, printed out, and then scanned back in again (such as here [nsa.gov]). They do that precisely so there's no traces of old information left in there. I'm surprised they didn't lend their trick to AT&T.

  • What the lawyers hid from you (Score:5, Informative)

    by Anonymous Coward on Friday May 26 2006, @09:53PM (#15413983)
    For those who cannot read the redacted pdf brief [politechbot.com] online, here are the parts in bold italics that the lawyers did not want you to read.
    Plaintiffs contend that the Klein Declaration is itself sufficient to make out a prima facie case on their statutory claims. But even if one focused only on the two claims as to which plaintiffs make any argument, the Court could not determine the validity of those claims without first evaluating information covered by the government's state secrets assertion. Plaintiffs' suggestion that they need only show that certain communications have been split off into a "secret room" strips multiple elements from the statutes on which their claims are based and glosses over numerous issues that would have to be explored if their claims were ever to be fully litigated.

    AT&T cannot confirm or deny any of the facts on which plaintiffs' complaint is based. But it is certain that the Klein Declaration and its associated exhibits are insufficient to demonstrate any illegal conduct by AT&T. Plaintiffs offer no evidence regarding what, if anything, actually happens to any data once it allegedly enters the alleged "secret room." Plaintiffs' purported expert provides merely "suggestive" configurations between unknown equipment in an AT&T facility. See Declaration of J. Scott Marcus In Support of Motion for Preliminary Injunction (Dkt. 32) 74. His strongest opinion, explicitly based "in terms of media claims" is conditioned entirely on a supposition: "if the government is in fact in communication with this infrastructure." Id. 39. Plaintiff's purported expert, of course, has no knowledge whether this is true or not.

    Even accepting their allegations as true, plaintiffs' declarations fail to establish their claims. Key factual issues that bear directly on the viability of their legal claims and AT&T's defenses are subject to the Government's state secrets assertion and are unavailable. Without either confirming or denying the plaintiffs' assertions, AT&T notes that the facts recited by plaintiffs are entirely consistent with any number of legitimate Internet monitoring systems, such as those used to detect viruses and stop hackers. Although the plaintiffs ominously refer to the equipment as the "Surveillance Configuration," the same physical equipment could be utilized exclusively for other surveillance in full compliance with the terms of FISA - which even the plaintiffs themselves would not contend is unlawful. See id. 40 ("The SG3 Configurations could be used for a number of legitimate purposes."). The mere existence of these so-called configurations, even if plaintiffs' allegations were accurate, would not by itself be prima facie evidence of what - if any - information is intercepted or divulged or by whom. And it certainly is not prima facie evidence of any illegality. Plaintiffs fail to establish even a prima facie case that there has been an "interception" of "contents" within the meaning of 18 U.S.C. 2510(4) & (8), whether there has been "electronic surveillance" within the meaning of 50 U.S.C. 1801(f), and whether particular statutory exemptions do not apply, see, e.g., 18 U.S.C. 2702(c). Certainly nothing compels the inference that the contents of communications of "millions of ordinary Americans," (Motion for Preliminary Injunction (Dkt. 30) at 11), have been divulged to the government, in contradiction of the government's statement that communications are intercepted only if the government has "a reasonable basis to conclude that one party to the communication is a member of al Qaeda," or otherwise affiliated with al Qaeda. Press Briefing by Attorney General Alberto Gonzales and General Michael Hayden, Plaintiffs' Request for Judicial Notice (Attachment 2) (Dkt. 20).
    • Cryptome [cryptome.org] has had copies of these documents for some time (about a week). You should take some time to read them. This gentleman falls in line with Michael Lynn who lost his job for disclosing Cisco's flaws. With the government wanting to monitor everything and its mother, I think it serves them right to have the truth exposed. If you'd like an interesting read, read on:

      mass surveillance of the entire population is logically plausible if NSA's domestic spying is not looking for terrorists, but looking for something else, something that is not so rare as terrorists. For example, the May 19 Fox News opinion poll of 900 registered voters found that 30% dislike the Bush administration so much they want him impeached. If NSA were monitoring email and phone calls to identify pro-impeachment people, and if the accuracy rate were .90 and the error rate were .01, then the probability that people are pro-impeachment given that NSA surveillance system identified them as such, would be p=.98, which is coming close to certainty (p_1.00). Mass surveillance by NSA of all Americans' phone calls and emails would be very effective for domestic political intelligence.

      But finding a few terrorists by mass surveillance of the phone calls and email messages of 300 million Americans is mathematically impossible, and NSA certainly knows that. The Politics of Paranoia and Intimidation [counterpunch.org]
      Anyhow, here's an unredacted excerpt:

      In January 2003, I, along with others, toured the AT&T central office on Folsom Street in San Francisco -- actually three floors of an SBC building. There I saw a new room being built adjacent to the 4ESS switch room where the public's phone calls are routed. I learned that the person whom the NSA interviewed for the secret job was the person working to install equipment in this room. The regular technician work force was not allowed in the room.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.