Why the NSA-Twitter Rumor Is Dumb
July 15th, 2009The NSA wouldn’t have to ask Twitter for permission to install a dump feed because NSA already has it. It’s very safe to assume that NSA is already splitting everything off from NTT/Verio, Twitter’s hosting provider. In other words, the NSA had the capability in place long before Twitter was even a glimmer. There’s no mystery about where the traffic is going. Maybe the people at ValleyWag have amnesia and don’t remember terms like Mark Klein and NarusInsight Intercept Suite.
Besides, check this out: U.S. State Department speaks to Twitter over Iran:
The U.S. State Department said on Tuesday it had contacted the social networking service Twitter to urge it to delay a planned upgrade that would have cut daytime service to Iranians who are disputing their election.
Confirmation that the U.S. government had contacted Twitter came as the Obama administration sought to avoid suggestions it was meddling in Iran’s internal affairs as the Islamic Republic battled to control deadly street protests over the election result.
And if you believe that the U.S. State Department thought up the idea to call Twitter over the Iran thing all by themselves, I’ve got a bridge to sell you.
Finally, here’s a bit of interesting history on NTT/Verio. NTT is, of course, Nippon Telegraph and Telephone, the largest telecom company in Japan (and all of Asia, for that matter). When NTT was looking to buy Verio back in 2000, it was a serious national security matter. Cryptome has some of the old articles archived. This was what the tone was like back then:
In an agreement with broad implications for the future of the Internet, the Federal Bureau of Investigation has resolved U.S. national-security concerns over a Japanese phone company’s $5.5 billion plan to buy the U.S. Web-hosting company Verio Inc.
The agreement, aspects of which still need to be finalized, was crafted over weeks of intense negotiations between Nippon Telegraph & Telephone Corp. and officials from the FBI and the Justice Department, U.S. officials said. The Clinton administration has struggled for months to allay worries that the NTT purchase of Verio could present a foreign-espionage risk by giving the Japanese-government-controlled company access to U.S. wiretapping activity.
The FBI’s handling of the NTT-Verio transaction will set an important precedent for law-enforcement involvement in the growing, but largely unregulated Internet. U.S. officials have long scrutinized foreign acquisitions in the aerospace, defense and telecommunications sectors, but this is the first time they have weighed an Internet deal for national-security implications.
The NTT negotiations highlight growing law-enforcement fears that the entry of foreign companies into the booming U.S. telephone and Internet markets could undermine the FBI’s ability to investigate criminals by tapping into their digital communications.
FBI. HA. *wink* Get it?
Remember, these were the days before it was publicly admitted that the NSA had its tentacles all over the show. The handful of us who read books like Puzzle Palace and Secret Power were able to parse that NTT/Verio drama for what it actually was back then. In the post Mark Klein ATT case era, we have confirmation about what’s happening at the network provider level.
Via: ValleyWag:
The Twitterati are only too happy to take their private moments public. But Silicon Valley’s technical wizards are whispering to one another over lunch that the the federal intelligence apparatus wants more, and is taking it. (Update: Twitter denies)
Whoever is seeding the restaurant gossip is being fairly specific. A source tells us that a loose-lipped Twitter staffer recently dished at a lunch that the company has allowed a federal agency to set up a tap to monitor a “firehose” of its data, including private details on users, presumably including private “direct messages,” IP addresses and account information. The Feds — the NSA would seem the most logical agency —then analyze the data to mine for information they deem of interest.
Twitter, it is said, is one of only a handful of internet companies large enough for the Feds to bother setting up such monitoring.
We called and emailed Twitter’s PR department and the company’s director of operations, and have not yet heard back. (Update: See below.) But it’s hard to imagine the microblogging company would be happy about such an arrangement. The San Francisco company’s top two executives, Evan Williams and Biz Stone, live in SF and Berkeley, respectively, and show every sign of having absorbed the Bay Area’s left-field, anti-establishment culture.
“the Bay Area’s left-field, anti-establishment culture”
Yeah. This is the same culture that has given us such ardent revolutionaries and anti-establishment types as Larry Page and Sergey Brin, Len Bosack and Sandy Lerner, Steve Jobs, John McAfee, and Jim Barton and Mike Ramsay.
ValleyWag has an over-inflated sense of Bay Area companies’ firmly held beliefs compared to their well-established desire to make money.
Even if you do have a full mirror/tap from the upstream provider, it’s easier to extract and correlate bits if you can just query the damn databases behind the service.
Anyway, it’s just a matter of resources and time required to get at the same end result.
Oh, and don’t discount the possibility that there’s multiple government actors here. Just because No Such Agency could read data right off the wire doesn’t mean that the FBI wouldn’t request “special” access to systems or switches or routers, or that the State Department wouldn’t “priority notification” of particular topics or data-feeds of interest.
Why spend the money and effort on monitoring just once, when could you do it two or three or five times over, spread over different agencies’ budgets, for no additional net benefit? 🙂
bleargh. Is there a preview button? 🙂
Previous comment should read:
Oh, and don’t discount the possibility that there’s multiple government actors here. Just because No Such Agency could read data right off the wire doesn’t mean that the FBI wouldn’t request “special” access to systems or switches or routers, or that the State Department wouldn’t want “priority notification” on particular topics or data-feeds of interest.
Why spend the money and effort on monitoring just once, when you could do it two or three or five times over, spread over different agencies’ budgets, for no additional net benefit? 🙂