USA Privacy – Utah NSA Data Center

At the moment the press is full of the stories of cyber spying, surveillance and the NSA whistleblower – William Binney.  Fair play to the man, it takes courage to stand up against the NSA but he’s definitely not the first.  This particular organisation have been spying on our internet traffic for years and the huge spying complex being completed in Utah is merely the centralization of a spying network which has been up and running for many years.  I am of course referring to the infamous Room 641A in San Francisco which was brought to the public attention by another brave whistle blower – Mark Klein.

Mark Klein was a contractor like William Binney working in AT&Ts switching center – a major part of the US internet backbone, when he became aware of a particular room in this building run by the NSA.   Room 641A had been set up as a network tap, with effectively all the internet traffic that passed through this center being copied and routed into this room.

Inside the high security of this room sat a device called the Narus STA 6400 – a device capable of intercepting and analysing huge amounts of network traffic.  No prizes for guessing what was going on here then! Mark Klein, gathered some proof together and exposed the room and it’s function to the world, leading to a court case brought by the EFF.

William Binney has brought the story up to date, and demonstrates that the NSA have never really stopped gathering this data. Here’s the story from Democracy Now – (edited ‘cos they deserve a link!)

The reality is that this new facility is no real secret, nor the methods being utilized by the world’s security organisations.  There were lots of ‘Room 641As’ all across the US and indeed the world, capturing, logging and storing details of all the network traffic on the planet.  It was always going to happen anyway, at least while we used an open, distributed and shared network like the internet to communicate.

The Mark Klein episode was nearly a decade ago now, and obviously just rooms are not quite enough nowadays.  There’s lots of talk about legality, permission and here in the UK the Foreign Minister insisting that legal due process is always followed.  The reality is that it’s much, much  easier for a security organisation to capture all traffic – emails, web browsing, phone calls, search enquiries  and everything else than it is to selectively capture the communications of individual suspects.  Far simpler to dump the whole lot into huge databases and then data mine, or search for the information you require.   If they could somehow just harvest ‘terrorist related data’ then I’m sure nobody would mind very much but they can’t.  The data is ours –

this data is your web history, your emails, your search history – what you do online – at anytime from anywhere.

Had a few drinks? Watched Zero Dark 30? Then proceeded to flounder around the web using lots of ‘terrorist keywords’ . Well it doesn’t matter if you’re a kitchen fitter from Manchester – you’ll raise a few flags on a database somewhere…..and it could very well be via PRISM and the NSA, who might mention it to GCHQ!

Anyone who would believe that all this data would sit untouched, unmonitored and unanalysed until it’s needed is I’m afraid sadly deluded.  Effectively we’re all turned into suspects – the PRISM project and the huge UTAH surveillance center changes nothing except perhaps the efficiency and scope.

So that’s it, all semblances of privacy whilst using any form of electronic communication gone.  Millions of people’s privacy waved aside on the chance of catching the odd terrorist now and again.  Of course there is another issue there, there are ways of keeping your privacy even now such as using a VPN.  The methods of using security products, VPNs, false IP addresses and encryption can ensure that your data is not accessible by  these broad sweeping exercises.  Of course this is what the terrorists will do, at least the ones with a half a brain cell between them.

Which leads to the conclusion that the NSA will most only be snooping on the innocent….

The Internet – A Forum for Free Speech

Freedom of expression is classed as a basic human right both in UN statute and International law. Of course this doesn’t mean that all countries and governments respect this right – clearly when you look at countries like Iran, China and Syria that certainly isn’t the case.

Post something critical online about the Thai royal family and if you live in Thailand, expect a knock on the door very soon. Egypt, Turkey, Gaddafi’s Libya and lots of other Middle Eastern countries also have take a very keen interest in controlling what is posted and discussed on the internet.

The control is usually implemented by fear supplemented by draconian filtering and censoring technologies. Facebook and YouTube are routinely blocked in lots of countries across the world simply because they are very lightly moderated and actively encourage free discussion.

Forums are also a great way for people to gather and discuss various topics and I want to tell you the story of an Arabic discussion forum called Tomaar.net. The site was initially created as a place for Saudis to discuss philosophical aspects of Islam – here’s a screenshot of it.

Tomaar Forum

The forum became very popular primarily because it was a place where subjects like women’s rights, equality and homosexuality could be discussed by Saudi’s in the context of their religion.  It soon started to attract visitors from across the world and became a hugely successful forum for Arabic speakers.  Needless to say that site was not very popular with the religious fundamentalists who hated this sort of free discussion – and this included the Saudi Government.

The forum was hosted in the USA, so it couldn’t be closed down by the Saudi Government who did however block all access from any ISP situated in their country.  Fortunately the forum users were sophisticated web users and were able to use circumvention tools like Identity Cloaker and TOR to bypass the blocks and filters.  Also many users lived outside Saudi Arabia and were not subject to the ban and so the forum continued to grow in popularity.

What Happened Next to Tomaar.net?

Well the forum had a pretty tough time over the coming months after the Saudi blocks were put up.   First of all their hosting providers suddenly pulled the plug, no warning just a letter terminating their contract.  Then followed a succession of hosting providers but all were unable to keep the forum up for very long.

Tomaar.net was being targeted and overloaded by frequent DDOS attacks.  DDOS stands for Distributed Denial of Service and is basically when a web server is overloaded by loads of computers (also called a botnet) all making repeated requests at the same time.  The server hosting the forum was being overloaded and falling over.

You can defend against these attacks and in fact they tried valiantly to keep the forum up commissioning specialist companies like Prolexic Technologies to protect the site.  However in the end it just became too costly to protect the site against these regular attacks, the Tomaar site died and a lively discussion forum exists only in the cache of sites like the Waybackmachine.

Was the Saudi Government responsible for all this, there’s no direct proof that I know of.  However there are many who strongly believe they were behind the attacks.  The reality is that is would be extremely easy for a Government to shut down a site like this, you can even buy large DDOS attacks online for a few hundred dollars.

This is perhaps the most worrying aspect that even a site hosted in a country famous for protecting freedom of speech is not safe.  It’s so very simple to close down a website if  you have some resources available – no problem at all if you’re an oil rich fundamentalist government.