Nov 7, 2007

CATCH-ALL: Suck It Up - All Of It

As we recently boasted,
for over a year and a half, readers here have been treated to details of the CATCH-ALL program that are only now being uncovered by our intrepid news media.
An article hacked & jacked from today's business section of the Washington Post might be of some interest to our readers that have followed SMC's mumbling & fumbling exposition of the Catch-All saga from scratch.

The plain-spoken, bespectacled Klein, 62, said he may be the only person in the country in a position to discuss firsthand knowledge of an important aspect of the Bush administration's domestic surveillance program. He is retired, so he isn't worried about losing his job. He did not have security clearance, and the documents in his possession were not classified, he said. He has no qualms about "turning in," as he put it, the company where he worked for 22 years until he retired in 2004.

In an interview yesterday, he alleged that the NSA set up a system that vacuumed up Internet and phone-call data from ordinary Americans with the cooperation of AT&T . Contrary to the government's depiction of its surveillance program as aimed at overseas terrorists, Klein said, much of the data sent through AT&T to the NSA was purely domestic. Klein said he believes that the NSA was analyzing the records for usage patterns as well as for content.

He said the NSA built a special room to receive data streamed through an AT&T Internet room containing "peering links," or major connections to other telecom providers. The largest of the links delivered 2.5 gigabits of data -- the equivalent of one-quarter of the Encyclopedia Britannica's text -- per second, said Klein, whose documents and eyewitness account form the basis of one of the first lawsuits filed against the telecom giants after the government's warrantless-surveillance program was reported in the New York Times in December 2005.

In summer 2002, Klein was working in an office responsible for Internet equipment when an NSA representative arrived to interview a management-level technician for a special job whose details were secret.

"That's when my antennas started to go up," he said. He knew that the NSA was supposed to work on overseas signals intelligence.

"What the heck is the NSA doing here?" Mark Klein, a former AT&T technician, said he asked himself.

The job entailed building a "secret room" in an AT&T office 10 blocks away, he said. By coincidence, in October 2003, Klein was transferred to that office and assigned to the Internet room. He asked a technician there about the secret room on the 6th floor, and the technician told him it was connected to the Internet room a floor above. The technician, who was about to retire, handed him some wiring diagrams.

"That was my 'aha!' moment," Klein said. "They're sending the entire Internet to the secret room."

The diagram showed splitters, glass prisms that split signals from each network into two identical copies. One fed into the secret room, the other proceeded to its destination, he said.

"This splitter was sweeping up everything, vacuum-cleaner-style," he said. "The NSA is getting everything. These are major pipes that carry not just AT&T's customers but everybody's."

One of Klein's documents listed links to 16 entities, including Global Crossing, a large provider of voice and data services in the United States and abroad; UUNet, a large Internet provider in Northern Virginia now owned by Verizon; Level 3 Communications, which provides local, long-distance and data transmission in the United States and overseas; and more familiar names such as Sprint and Qwest. It also included data exchanges MAE-West and PAIX, or Palo Alto Internet Exchange, facilities where telecom carriers hand off Internet traffic to each other.

"I flipped out," he said. "They're copying the whole Internet. There's no selection going on here. Maybe they select out later, but at the point of handoff to the government, they get everything."

Another document showed that the NSA installed in the room a semantic traffic analyzer made by Narus, which Klein said indicated that the NSA was doing content analysis.

Claudia Jones, an AT&T spokeswoman, said she had no comment on Klein's allegations. "AT&T is fully committed to protecting our customers' privacy. We do not comment on matters of national security," she said.

The NSA and the White House also declined comment on Klein's allegations.

Klein is in Washington this week to share his story in the hope that it will persuade lawmakers not to grant legal immunity to telecommunications firms that helped the government in its anti-terrorism efforts

Klein is urging Congress not to block Hepting v. AT&T, a class-action suit pending in federal court in San Francisco, as well as 37 other lawsuits charging carriers with illegally collaborating with the NSA. He was accompanied yesterday by lawyers for the Electronic Frontier Foundation, which filed Hepting v. AT&T in 2006. Together, they are urging key U.S. senators to oppose a pending White House-endorsed immunity provision that would effectively wipe out the lawsuits. The Judiciary Committee is expected to take up the measure Thursday.


zenpundit said...

Exceedingly interesting post.

My poor understanding of the internet is that it has not yet been accurately mapped. That there are "continents" of activity that are effectively "dark" by virtue of being isolated from the mainstream of net traffic.

I'm not a tech guy, so my comment here is speculative, but the post presupposes that the USG had the foresight (and capability) to map the step by step expansion of the internet/WWW from 1995 forward.

I'm somewhat skeptical we had the computing power at the time, much less the ability to anticipate the direction network growth before network theory had been postulated, disseminated, understood and adapted to by math whiz types. The complexity would seem to be daunting. Like playing three dimensional chess with a board that you assemble yourself atom by atom. If we're that good, icing Bin Laden should be cake.

Tanji should comment on this one.

Meatball One said...

Greetings, honorable Count Pundit von Zen

I appreciate your, per usual, reflective commentary. I am inclined however to take issue with your statement the post presupposes that the USG had the foresight (and capability) to map the step by step expansion of the internet/WWW from 1995 forward.

Not at all, I profess. Not at all. In fact, I do not quite understand why you so presuppose. Do explain if you can steal the time to do so. Perhaps I'm missing something here. (It's usually my fault when I stand bewildered)

I shall return to Catch-All and address one of the rather brilliant (and primary at that) aspects of the program. For the moment though,I dare profess that not devising and implementing Catch-All would've been downright irresponsible when judged from a perspective that places value on national competitiveness and global primacy - aspects that dwarf the programs possible utility value when it comes to shaking out the occasional bearded & confused whacko besieged by dreams of asymmetric justice.

Three hints on where I'm going with this:

1 Hong Kong International Airport

2 Origins of crude oil and natural gas

3 This video/graphic found over at NPR

mark said...

I may be wrong here M-1. SIGINT type stuff is not my field, which is why I'd like to hear Tanji opine, if he is able, given his prior employment.

The USG has tried to read what it deemed it must from the days of monitoring Western Union and FBI clerks opening mail. Perhaps "mapping" and "sucking it all up" are really two different questions, here and the second would have allowed a way to do the former. I'm just a little skeptical about the sheeer number of variables as the internet really took off in the late 1990's

Meatball One said...

Fair enough, Wise One. But I'm not letting MT anywhere near this shack until he rids himself his garlic and whiskey breath. Geez.

I think one of my minor points here is that it ain't half bad an idea at all to collect all the transactionals that can be collected/generated - even if the tools and needs aren't quite yet upon us at present so as to make optimal use of these mounds of amassed transactionals.

When such time arrives as to render us equipped with the appropriate tools and queries to completely exploit present day transactionals, it will be nice to realize that someone called our own had the foresight to collect the substrate needed upon which we might deploy novel tools and queries for competitively advantageous reason.

Noteworthy be it perhaps in this context to point out that these transactionals can be mined for goodies whose relevance extends beyond the time frame from which the transactionals were captured.

If transactionals are lost per way of not being captured during effervescent generation then they are lost forever. As we at present are producing more quality transactionals than our enemies and global competitors, we are thereby creating more exploitable informational real estate, and a head start in this informational/transactional land creation scheme should not be squandered. It would be akin to dumping high-grade gold ore out to sea because of a temporary chokes in refining capabilities.

That we failed to capture the transactionals of originating yesteryear need not negate the value of getting our act together sometime thereafter - especially when we manage to do so ahead of our still lagging competitors.

Now, not a few unsuspecting citizens would be most surprised by some of the specific transactionals being captured because of their forgivable prejudices related to privacy. We will touch on these transactionals in subsequent posts as we are still in the process collecting OSINT corroboration for such claims.

Anonymous said...

Yes, really.