New Report On NSA Released Today

daveschroeder writes "George Washington University has today released a three-volume history of NSA activities during the Cold War (major highlights). Written by agency historian Thomas R. Johnson, the 1,000-page report, 'Cryptology During the Cold War, 1945-1989,' details some of the agency's successes and failures, its conflict with other intelligence agencies, and the questionable legal ground on which early American cryptologists worked. The report remained classified for years, until Johnson mentioned it to Matthew Aid, an intelligence historian, at an intelligence conference. Two years later, an abstract and the three current volumes of the report are now available (PDF) from GWU and the National Security Archive. Aid, author of the forthcoming history 'The Secret Sentry: The Top Secret History of the National Security Agency,' says Johnson's study shows 'refreshing openness and honesty, acknowledging both the NSA's impressive successes and abject failures during the Cold War.' A fourth volume remains classified. Johnson says in an audio interview: 'If you are performing an operation that violates a statute like FISA, it's going to come out. It always comes out.'" And reader sampas zooms in on a section in Document 6 about the growth of NSA's IT: their first Cray purchase in 1976, the growth of circuits between facilities, and internal feuds over centralized IT development vs. programmers-in-departments. "A young systems engineer named [redacted] was urging NSA to look at some technology that had been developed by the Defense Advanced Research Projects Agency (DARPA). In 1969 DARPA had developed a computer internetting system called ARPANET... NSA quickly adopted the DARPA solution. The project was called platform."

Some interesting highlights...

[daveschroeder]

...are in another Wall Street Journal article [wsj.com]. On Vietnam:

The NSA's role in Vietnam has been well documented in a specific agency history by agency historian Robert J. Hanyok, who wrote of NSA's botched intelligence on the supposed second attack in the Gulf of Tonkin. But Mr. Johnson's interpretation differs. Mr. Johnson hired Mr. Hanyok to expand on the more-limited treatment of the war in Mr. Johnson's history.

Mr. Hanyok finds that NSA not only made analytic errors but it also withheld information from the White House, leading White House officials to believe that there had been a second attack when there hadn't been. Mr. Johnson maintains that the NSA was "flat wrong" in reporting a second attack in the Tonkin Gulf, but he attributes it to human error not an effort to manipulate the White House. (Vol. 2, p. 583)

Another area of interest is the legal issues with which the NSA has always grappled:

Mr. Johnson's history makes clear that NSA, and its predecessors, have long grappled with legal uncertainty. "Early American cryptologists worked without the knowledge of the American public," Mr. Johnson writes of the World War I period. "They even worked without knowing if what they were doing was legal or not. It was an odd and unsettling position to be in." (Vol. 1, p. 272)

Even as Congress sought to clarify the laws on government intercept operations, the 1934 Federal Communications Act left vague whether such activities were legal. A 1950 bill amending the criminal code that then-Sen. Lyndon B. Johnson pushed gave legal protection to intercept activities. The NSA was created two tears later in a secret memo from President Truman, but it wasn't until 1959 that it was named in legislation.

Meanwhile, the revelation in 1960 that two NSA employees had defected to the Soviet Union in prompted multiple agency investigations. An intensive screening of agency employees turned up 26 employees believed to be homosexual who were fired. "The proceedings were not all that a civil libertarian might have wanted, but they calmed the waters enough for NSA to begin functioning again," Mr. Johnson writes. (Vol. 1, p. 284)

It wasn't until 1968 that NSA's activities were officially authorized through obscure language in a crime bill. "It did so just in time," Mr. Johnson writes. "The Watergate period and the attendant Church and Pike Committee hearings called into question all that was illegal about espionage and much of what was legal, too." (Vol. 2, p. 474)

Those hearings revealed NSA's involvement with two eavesdropping programs -- known as Shamrock and Minaret. For decades, Shamrock obtained copies of cable traffic entering or leaving the U.S., and Minaret intercepted communications of Americans who had been placed on a watchlist.

In his history, Mr. Johnson reveals that the NSA lawyer who first looked at Minaret "stated that the people involved seemed to understand that the operation was disreputable if not outright illegal." (Vol. 3, p. 85) Reports from the program were designed to look like they didn't come from NSA.

Mr. Johnson gives great credit to NSA Director Gen. Lew Allen for shutting them down, noting that the director said "the did not pass the smell test." (Vol. 3, p. 84) Mr. Johnson is openly critical of the programs, writing, for example, that Minaret "came to a well-deserved end." (Vol. 3, p. 86)

He says in an interview that NSA employees involved should have gone to their bosses and said, "Boss, if you keep doing this, you're violating the law, and you could go to jail."

Mr. Johnson, in an interview, points to the current controversy over NSA's warrantless surveillance in the wake of 9/11. He noted that he was impressed to see reports that in 2004, about two and a half years into the program, NSA lawyers began demanding to see the White House's legal justifications for the program. Their efforts along with those of some new J

Re:

[n1ckml007]

The cake is a [Redacted]

Re:

[show me altoids]

The sheriff is a [redacted]!

Re:

[Zebra1024]

What if your last name was redacted. Wouldn't they look silly.

Re:

[0xABADC0DA]

then-Sen. Lyndon B. Johnson pushed gave legal protection to intercept activities. The NSA was created two tears later in a secret memo from President Truman, but it wasn't until 1959 that it was named in legislation.

Privacy dies and Truman only shed TWO tears? Hell Jefferson rolled over in his grave more than that. Truman probably didn't even get misty-eyed nuking all those Japs...

On an unrelated note...

[Killer Orca]

everyone who clicks the links will become a person of interest to the NSA.

Re:On an unrelated note...

[AKAImBatman]

Having done quite a bit of research on nuclear everything (from power generation to weapons to propulsion) and then openly sharing that information with others, I'm sure I'm already a person of interest. So if you don't mind, I'll just go ahead and click away! ;-)

P.S. Gun-type bombs are easy. All you need is a critical mass of U235-- err... never mind. I seem to have guests. I'll get back to you...

Re:

[X0563511]

I'm sure I'm marked as well. Oh well, I always do enjoy crapping up the Signal:Noise.

Re:

[X0563511]

Oh, and no. You need two subcritical masses, which when shot together are critical or supercritical.

(this is nothing you can't glean from wikipedia)

Re:On an unrelated note...

[AKAImBatman]

The joke was that I was interrupted before I could tell you that you need to use that mass to create two equally sized hemispheres of U235. Fix one against a solid wall (e.g. the inside of a steel casing would do) and position the other a short distance away. (Preferably on some sort of guides that force it to face the other hemisphere. Again, steel casing is a good idea here.) Pack explosives behind the loose hemisphere. The explosives will thrust the loose hemisphere toward the fixed hemisphere, hopefully with enough force to compact the U235 and cause a super-critical reaction.

If you manage a super-critical reaction, then *BOOM*. If you fail at it, then no boom today. Boom tomorrow. Always boom tomorrow.

Re:

[X0563511]

Heh, the hard part is getting the U235 and handling it safely. Any monkey can hop on the internet and learn what to do with it.

Re:

[AKAImBatman]

Oh, come on! A little neutron radiation never hurt anybody! ... Much. ... Okay, so it slowly turned them into swiss cheese. Not to mention the gamma ray burst after they accidentally set the hemispheres too close to each other. *cough* But that's beside the point! :-P

Joking aside, I'd say the problem is even deeper than proper handling. Once it's all processed for you, shaped, and clad in a protective carton or sheath for transport, U235 is relatively harmless. It's the processing that will kill you. Proces

Re:

[blincoln]

Of course, I've always had a soft spot for the TXT file floating around that describes how to enrich uranium in your backyard with little more than a bucket. Perfect (and humorous) example of what NOT to do when processing uranium. ;-)

That's what DIY telepresence waldoes are for. Er, not that I have any such plans myself.

Re:

[X0563511]

You know, that's not that bad an idea. But then, why go through the trouble to work with the reflector as well? Just more complexity. I understand beryllium is difficult to machine.

Re:

[HardCase]

If you have to explain the joke...

Re:

[Kjella]

All you need is a critical mass of U235--

Which just happens to be much, much rarer than gold. They'd never refine uranium and build a bomb from scratch, they'd be buying a functioning bomb somewhere in which case the instructions would be more like "enter code, press button, BOOM!" than anything remotely connected to nuclear science. Knowing the theory of building a nuke is like a theoretical physicist knowing how to win the world weightlifting championship, but it's a bloody long way from doing it.

Re:

[oodaloop]

I work in the intelligence community, and I can assure that most people here don't even know what /. is, let alone do they monitor what a bunch of geeks talk abou...what's that? Whoooooosh? Dammit.

Re:On an unrelated note...

[SemiSpook]

Well, ex-spook here, and at my organization, I was able to peruse /. before I left. Couldn't do normal things like webmail or eBay, but apparently wasting time at /. was perfectly acceptable.

Re:

[danieltdp]

Could you all please look at this red light?

Re:

[danieltdp]

And everyone that posts something about the NSA... Oh, wait. Too late!

Re:

[mcgrew]

No we won't. Because we already are.
</tinfoil hat>

Longest Story Summary Ever

[54mc]

As a typical /.er, I might just RTFA, rather than the summary!

[Redacted]

[Phrogman]

[Redacted]

Re:

[gehrehmee]

My mother was a SAINT!

Re:

[mcgrew]

I found it odd that they redacted the programmer's name. Whay would the man's neame be a matter of national security? I could see if he was a field agent, but a PROGRAMMER?

Are there any NSA spooks out there who can shed some light on this?

Re:[Redacted]

[dave562]

I'm not a spook or NSA employee but it seems that the simple explination would be that they don't want to publish their personnel details much like you don't want to advertise your servers to the internet. The less information that the "bad guys" have about the internal workings of your organization, the harder it will be for them to penetrate it. In the specific case of a programmer, that programmer can be working on all sorts of highly classified projects. Even the most innocuous conversation can often times to be used to gain details about a subject.

Re:

[socz]

yah imagine if people knew the names of MS windows programmers... they'd be tied up somewhere in nor cal forced to fix things the users didn't like!

"We'll see how well you'll do with a blue screen of death in front of YOU"

Re:

[ArcherB]

I found it odd that they redacted the programmer's name. Whay would the man's neame be a matter of national security? I could see if he was a field agent, but a PROGRAMMER?

Are there any NSA spooks out there who can shed some light on this?

First, I would guess that any NSA employee's names would be held back for a couple of reasons. First, would be from anarchist/hippie types that would want to torment this poor fellow or his family for helping out what they view as an evil organization, even if only as a programmer. Next, this guy might be privy to security issues, default passwords or back doors in the applications or IT setup at NSA. This information would be very valuable to foreign intelligence agencies.

Re:

[nsaspook]

"Are there any NSA spooks out there who can shed some light on this?"

NO.

Writes its own limerick, really.

[Net0ps]

A young systems engineer named [redacted]
Was urging the NSA to look at some [redacted]
    He [redacted] the [redacted],
    so they [redacted] in [redacted],
and [redacted] the [redacted] in [CLASSIFIED DUE TO MATTERS OF NATIONAL SECURITY].

Re:

[MartinSchou]

So ... basicly the NSA is made up of Smurfs?

Don't Smurf smurf up every other word they smurf? That's the smurfpression I've gotten from smurfing the Smurfs on smurf. I might be smurf, but then again, I might also be smurf.

Re:

[QRDeNameland]

Sorry, I can't marklar what you marklar.

Re:

[Anonymous Coward]

Oo! I know! It's a mad lib!

A young systems engineer named Tom Bombadill
Was urging the NSA to look at some cheese.
    He climbed the coffee cup
    so they extinguished in nail-clipper
and fricasseed the business card in area 51.

Re:

[Zegoma_beach]

I accidentally [redacted] the whole thing!

Re:

[moosesocks]

Who ever said that censorship can't be funny [youtube.com]?

Intesesting museum

[plopez]

The National Cryptologic Museum, I found it very interesting. If you are in the area you might give it an hour or two.

http://www.nsa.gov/MUSEUM/museu00009.cfm [nsa.gov]

Re:Intesesting museum

[SemiSpook]

Especially when they tell you about the Wall of Honor, and the fact that there are several individuals that cannot be revealed because those missions are still classified.

But, if you do get a chance to go, play with the Enigma machine they have on display. That was something that practically blew my mind when I first encountered it in the flesh.

Well, if you ask me...

[SemiSpook]

If the declassification folks took the time to blot out some of the finer details that probably do need the use of some classified network to read, you would think they'd remove the particular classification compartments on the actual pages. Now everyone on the intarwebs can see it. Oh noes!

I forgot, this is apparently good enough for government work. Awesome.

How about

[Corpuscavernosa]

a 3 volume history of NSA activities 2000-2008? Those would have to be much larger volumes I'm guessing.

Re:

[failedlogic]

Usually I use books as a door stop. I think this 3 volume collection you are referring to would be a door stop for Fort Knox!

A dinosaur zoo in 1990

[Anonymous Coward]

I visited the NSA many times from 1986 to 1990 - I found their computer systems to be abysmal. After several tours, and it was obvious that the whole place had a 1960's mindset towards computing. Namely, get the biggest, fastest, and most expensive computers, then build your own software around them.

Yes, they had the very first Cray and CDC supercomputers - each had a homebrew operating system, written in house, and practically undocumented. Horribly expensive to maintain your own custom operat

If you haven't been to NSA in nearly two decades

[daveschroeder]

...and even then, only did so as a guest/contractor, then you have no idea about what is going on at NSA currently.

Computing under DOD has always been an exercise in maintaining extreme reliability, sometimes at the cost of (perceived) modernization. Many enterprise organizations still use several-year-old, proven systems because that's what's reliable and that's what works. And what ignorant managers proudly attest to in any organization is usually separated by a gulf from reality.

But you're right: things have changed. There's a lot of old technology all over the military and the IC, but there is also a lot of conventional modern -- and even "bleeding edge" -- gear. The mindset has drastically changed from "must be built here" to the extensive use of commercial-off-the-shelf (COTS) solutions. And that was already happening in the mid- to late-1990s.

Funny you should mention universities -- academia is simultaneously a fantastic dinosaur zoo of its own, and simultaneously a breeding ground for some of the most exciting and groundbreaking work. NSA has long had this same duality. If you saw the NSA of the last 10-15 years, you'd be surprised at the technology in play -- warts and all.

Who cares?

[PPH]

'If you are performing an operation that violates a statute like FISA, it's going to come out. It always comes out.'

So what? Nobody is going to jail over it. Political coups facilitated by such activities are not reversed. Prosecutions stemming from them are not overturned. Ill-gotten gains from such information illegally used for profit are not confiscated.

So 50 years later documents are declassified and people are identified who broke the law back then. They're all dead by now.

Re:

[PPH]

Like good old Mr. [redacted].

FISA compliant operations.

[LoyalOpposition]

If you are performing an operation that violates a statute like FISA, it's going to come out," he says in an interview. "It always comes out.

Mr. Johnson went on to explain that there were no operations that violate a statute like FISA that have not been revealed. It's futile to look for operations that violate a statute like FISA, as all of them have been revealed. No unrevealed operations violating a statue like FISA remain. All unrevealed operations comply with all statutes like FISA.

-Loyal

Re:

[daveschroeder]

Believe it or not, everything someone says, just because they are affiliated with NSA, isn't always all propaganda or misinformation.

Hint: no one has found operations that are allegedly in violation of any law by "looking for them" from the outside. They've all been leaked to the media. And the legality of the various operations is anything but clear cut [slashdot.org], and will likely be a subject of legal debate for years to come.

NSA doesn't just invent things to do on its own. Intelligence agencies serve one primary pu [intelligence.gov]

Re:FISA compliant operations.

[copponex]

Believe it or not, everything someone says, just because they are affiliated with NSA, isn't always all propaganda or misinformation.

Correct. It is also always what they want you to hear. The chief enemy of every state is it's own people, because that's the most likely entity that will end their rule.

As far as intelligence agencies and "nuanced" truth, you only have to look at Operation AJAX. We quite simply overthrew a democratic government so we could have better access to oil. If you think any modern conflict is any different, I can only ascribe it to purposeful ignorance.

Even from an intelligence standpoint, the NSA and CIA are nearly useless. They didn't predict the collapse of the Soviet Union. They missed 9/11 by a mile. When they were trying to discover whether Ho Chi Minh was taking orders from Russia or China, the most they found was a single Russian newspaper at a Vietnamese Embassy. Their end analysis? The Vietcong were so loyal they didn't even need to receive orders, they "just knew" what their communist masters wanted. I think they call it "groupthink," though political malice seems like a much easier explanation.

They are just unaccountable agencies with no oversight that serve the interests of the ruling party, and as a side benefit inject technology into private industry for the benefit of the same power center. Everything they touch is propaganda, and they have no constitutional authority to exist. So, they shouldn't. One thing has not changed since the dawn of time: concentration of power in a centralized fashion leads to corruption and misery, whether it's in a government, corporation, or your local PTA. If you cover that up with secret budgets and unaccountable violence, you shouldn't be surprised that the results are so bad.

Biggest Failure??

[hemp]

In the lead-up to the Cuban Missile Crisis, NSA and military spies missed the Soviets transferring a battery of offensive missiles to Cuba. That "marked the most significant failure" by government eavesdroppers to warn national leaders since World War II, Mr. Johnson wrote.

I guess 9/11 won't be included until Volumn 4 due out in 2058.

Re:

[Phrogman]

I believe these volumes only cover the NSA up until 1989, so missing out on 9/11 predictions is probably not their fault. Unless you want to blame the Men who stared at goats [wikipedia.org] for failing to psychically predict the attack, and that was an US Army operation anyways.

Re:

[Bearhouse]

Urm, think that should be modded 'insightful', rather than 'funny' guys..

Re:

[Hatta]

I'm more interested in their biggest success. What has the NSA actually done for us to justify its existence?

Re:

[ElAurian]

The Cuban Missile Crisis was VASTLY more significant an intelligence failure than 9/11. There's no comparison!

Simply put: If the Cuban Missile Crisis had gone south, billions of people would have been dead in a few short years. (After nuclear winter set in, and all the crops died.)

9-11 involved the destruction of some buildings in one city, and the deaths of thousands of people.

There's no comparison.

Re:Biggest Failure??

[Sanat]

I was in the Cuban Missile Crisis. I was a systems analyst for the minuteman missiles systems which carry nukes.

I was a member of the Combat Targeting team made up of three team members and our job was to program the missile's computer with target data and other information and to aim/align its guidance system optically to true north.

The half finished missile sites in Montana were taken away (literally commandeered) from Boeing and new missiles postured for use adding a larger quantity of nukes than the USSR had counted on facing.

The Strategic Air Command (SAC) was at its finest with the B47's ready and the B52's ready as well.

This was a time to remember.

we assumed we were going to die but did not know much about what was going on (all portable radios were confiscated) so just did our jobs to the best of our abilities.

Probably the NSA is going to look me up for sharing this.

 

Re:

[caluml]

Posts like this are what makes Slashdot truly interesting. The fact that you can read what Hans Reiser says, Bruce Perens, or people that were actually involved in the Cuban Missile Crisis.
I've actually wondered what other huge names read this site, read the comments/jokes about them, and just chuckle. Obama, if you're reading this, leave a message anonymously.

Is google scanning it and putting it online?

[Ginsu2000]

Come on google!

internal feuds

[nurb432]

Sounds like any other company to me.

NSA failures.

[nsaspook]

The total lack of security with keying material until this guy was caught.
http://www.bop.gov/iloc2/InmateFinderServlet?Transaction=IDSearch&needingMoreList=false&IDType=IRN&IDNumber=22449-037&x=0&y=0 [bop.gov]

http://www.fas.org/irp/eprint/heath.pdf [fas.org]

silly hacker names

[griffman99h]

sheesh. Leave it to some NSA hacker geek at DARPA to use the handle [redacted].

I mean come on, be original for once.

:P