New book: The Secret Sentry

[Douglas Caddy]

The New York Review of Books

November 9, 2009

Who's in Big Brother's Database?

By James Bamford

The Secret Sentry: The Untold History of the National Security Agency

by Matthew M. Aid

Bloomsbury, 423 pp., $30.00

http://www.nybooks.com/articles/23231#

[David Andrews]

Hope they're good. Over the last three years I've been reading a number of agency and bureau histories, "unauthorized histories," and "secret histories." Most come off as fawning and slight.

One book on the CIA-FBI relationship, "Wedge," by Mark Riebling, has only a half-paragraph on Bush's CIA directorship. The time seems right for upgrades of the offerings of the 1990s and the post-9/11 cash-in books.

I wonder if people would chime in and post their candidates for best books on intelligence and investigative agencies, US and other.

Edited October 28, 2009 by David Andrews

[William Kelly]

The Google-NSA Alliance: Questions and Answers

JR Raphael, PC World

timestamp(1265324640000,'longDateTime')Feb 4, 2010 6:04 pm

http://www.pcworld.com/article/188581/the_...nd_answers.html

Google's facing a gaggle of questions over reports that it's working with the National Security Agency. According to a story first published by The Washington Post on Thursday, Google's enlisting the help of the NSA to better secure its electronic assets. The partnership is reportedly a response to the recent attack on Google's networks -- you know, the one that led to the whole "we're leaving China" debacle.

The news, not surprisingly, is generating a wave of reaction on the Web: Is this normal? Is our information still secure? Is Google really evil after all? And has the NSA been writing those crazy Google interview questions all along?

I'll leave those last two in your hands to decide. As for the rest, I spent some time sifting through the facts to find some answers.

<H2 class=articleBodyContentSubHed>Is the Google-NSA alliance really happening? </H2>On the record, no one is saying much. The original story in The Post cites "sources with knowledge of the arrangement " for its information. A follow-up story by The New York Times refers to details provided by "a person with direct knowledge of the agreement."

An NSA spokesperson told me the following:

"NSA is not able to comment on specific relationships we may or may not have with U.S. companies. We can say as a general matter, however, that ... [the] NSA works with a broad range of commercial partners and research associates."

A Google spokesperson also declined to comment specifically on the claims, though he did point to the company's original blog posting about the cyberattacks. The blog states that Google is "working with the relevant U.S. authorities."

<H2 class=articleBodyContentSubHed>What would be the point of a Google-NSA partnership? </H2>In theory, the NSA could help Google defend its systems (and thus your information) from future attacks. The newspapers' reports describe the arrangement as providing a kind of "technical assistance" that'd allow Google to better understand who breached its network and how they managed to pull it off.

<H2 class=articleBodyContentSubHed>Would the government gain access to my personal information? </H2>Thus far, most signs point to no. Sources from both The Post and The Times say Google would not share user search data or e-mail information as part of the NSA partnership.

<H2 class=articleBodyContentSubHed>Why would Google work with the NSA instead of the Department of Homeland Security? </H2>This is an interesting point: The Department of Homeland Security apparently has the legal authority to investigate criminal acts in America, while the NSA does not. The report in The New York Times suggests this distinction shows Google is trying to "avoid having its search engine, e-mail and other Web services regulated as part of the nation's 'critical infrastructure.'"

<H2 class=articleBodyContentSubHed>Has the NSA worked with Google before? </H2>According to the anonymous sources, this would mark the first time Google has teamed up with the NSA for any type of "formal information-sharing relationship."

<H2 class=articleBodyContentSubHed>What about the NSA and other tech companies? </H2>Back in 2006, reports suggested that the NSA used information provided by AT&T to secretly build detailed records of phone calls made by tens of millions of Americans.

"The NSA program reaches into homes and businesses across the nation by amassing information about the calls of ordinary Americans, most of whom aren't suspected of any crime," USA Today reported at the time. "The spy agency is using the data to analyze calling patterns in an effort to detect terrorist activity."

<H2 class=articleBodyContentSubHed>So is there cause for concern now? </H2>Both sources who provided the Google-NSA information say this arrangement isn't about sharing user data, but rather analyzing Google's networks and the apparent weaknesses that were exploited. Google would more likely be sharing details about the attacks and the malicious code that was detected, the sources say.

Still, privacy advocates are expressing concern. The Electronic Privacy Information Center (EPIC) has filed a Freedom of Information Act request with the NSA to try to obtain records about the organization's relationship with Google.

"We would like to see Google develop stronger security standards and safeguards for protecting themselves," EPIC Executive Director Marc Rotenberg told PCWorld sister publication Computerworld. "But everyone knows the NSA has two missions. One is to ensure security and the other is to enable surveillance."

Since neither Google nor the NSA is formally acknowledging any partnership as of now, official information is tough to come by. You can, however, read Google's original blog post about the attacks and its relationship with China. You can also check out the NSA's Information Assurance Web site, which talks about the agency's focus on protecting information systems.

JR Raphael is a PCWorld contributing editor and the co-founder of eSarcasm. He's on Facebook: facebook.com/The.JR.Raphael

http://www.nytimes.com/2010/02/05/science/05google.html

SAN FRANCISCO — Google has turned to the National Security Agency for technical assistance to learn more about the computer network attackers who breached the company’s cybersecurity defenses last year, a person with direct knowledge of the agreement said Thursday.

The collaboration between Google, the world’s largest search engine company, and the federal agency in charge of global electronic surveillance raises both civil liberties issues and new questions about how much Google knew about the electronic thefts it experienced when <A title="Times article" href="http://www.nytimes.com/2010/01/13/world/asia/13beijing.html">it stated last month that it might end its business operations in China, where it said the attacks originated. The agreement was first reported on Wednesday evening by The Washington Post.

By turning to the N.S.A., which has no statutory authority to investigate domestic criminal acts, instead of the Department of Homeland Security, which does have such authority, Google is clearly seeking to avoid having its search engine, e-mail and other Web services regulated as part of the nation’s “critical infrastructure.”

The United States government has become increasingly concerned about the computer risks confronting energy and water distribution systems and financial and communications networks. Systems designated as critical infrastructure are increasingly being held to tighter regulatory standards.

On Jan. 12, Google announced a “new approach to China,” stating that the attacks were “highly sophisticated” and came from China. At the time, it gave few details about the attacks other than to say that a theft of its intellectual property had occurred and that a primary goal of the attackers had been to gain access to the Gmail accounts of Chinese human rights activists.

In reaching out to the N.S.A., which has extensive abilities to monitor global Internet traffic, the company may have been hoping to gain more certainty about the identity of the attackers. A number of computer security consultants who worked with other companies that experienced attacks similar to those of Google have stated that the surveillance system was controlled from a series of compromised server computers based in Taiwan. It is not clear how Google determined that the attacks originated in China.

A Google spokeswoman said the company was declining to comment on the case beyond what it published last month. An N.S.A. spokeswoman said, “N.S.A. is not able to comment on specific relationships we may or may not have with U.S. companies,” but added, the agency worked with “a broad range of commercial partners” to ensure security of information systems.

The agency’s responsibility to secure the government’s computer networks almost certainly was another reason Google turned to it, said a former federal computer security specialist.

“This is the other side of N.S.A. — this is the security service that does defensive measures,” said the specialist, James A. Lewis, a director at the Center for Strategic and International Studies. “It’s not unusual for people to go to N.S.A. and say ‘please take a look at my code.’ ”

The agreement will not permit the agency to have access to information belonging to Google users, but it still reopens long-standing questions about the role of the agency.

“Google and N.S.A. are entering into a secret agreement that could impact the privacy of millions of users of Google’s products and services around the world,” said Marc Rotenberg, executive director of the Electronic Privacy Information Center, a Washington-based policy group. On Thursday, the organization filed a lawsuit against the N.S.A., calling for the release of information about the agency’s role as it was set out in National Security Presidential Directive 54/Homeland Security Presidential Directive 23 , a classified 2008 order issued by President George W. Bush dealing with cybersecurity and surveillance.

Concerns about the nation’s cybersecurity have greatly increased in the past two years. On Tuesday, Dennis C. Blair, the director of national intelligence, began his annual threat testimony before Congress by saying that the threat of a crippling attack on telecommunications and other computer networks was growing, as an increasingly sophisticated group of enemies had “severely threatened” the sometimes fragile systems behind the country’s information infrastructure.

“Malicious cyberactivity is occurring on an unprecedented scale with extraordinary sophistication,” he told the committee.

The relationship that the N.S.A. has struck with Google is known as a cooperative research and development agreement, according to a person briefed on the relationship. These were created as part of the Federal Technology Transfer Act of 1986 and are essentially a written agreement between a private company and a government agency to work together on a specific project. They are intended to help accelerate the commercialization of government-developed technology.

In addition to the N.S.A., Google has been working with the F.B.I. on the attack inquiry, but the bureau has so far declined to comment publicly or to share information about the intrusions with Congress.