Common Americans are no longer considered worth protecting as part of national security. ----------- Mr. Carboni, Thank you for providing the information below. We have conducted an initial search within the organization that is most likely to hold records. That organization advised that the request, as worded, is overly broad. Querying any of our organizations would likely result in the same response. The phrase “malware transmitted through USB firmware” is overly broad, such that any of our internal organizations would not be able to determine which files to search or be able to conduct a search with a reasonable amount of effort. Terms such as “malware” or “firmware” may turn up in any number of NSA records and most likely would not be related to securing home networks. Furthermore, added search without a clarification of context and specific records sought, would incur significant fees which would be passed on to you as an “all other” requester. A large facet of the NSA/CSS mission is to protect National Security (i.e. government, DoD, Industry partners) information systems. In doing so, this Agency provides guidance on Information Assurance security solutions to our Industry and Government customers regarding risk, vulnerabilities, mitigations, and threats. While it is not part of our mission to provide guidance on securing home networks, we may occasionally post information on our website as you may recall from our letter. Our Information Assurance Directorate (IAD) has provided some information to the public that may be of interest to you. Here are some additional links that you may peruse: https://www.nsa.gov/ia/mitigation_guidance/index.shtml https://www.nsa.gov/public_info/press_room/2014/nsa_seal_scam_alert.shtml (this is a recent article the does provides a link regarding malware) https://www.nsa.gov/ia/index.shtml The last paragraph provides a video link under “IAD's Latest Security Guide Helps Customers Protect Home Networks,” and there is also a fact sheet titled “Best Practices for Keeping Your Home Network Secure.” Since the information you appear to be requesting (protecting home networks) does not fall under the purview of NSA/CSS missions, continued search of our files would not be productive. Your request will be administratively closed as an improper FOIA. If, after reviewing the information on our website, you wish to submit a FOIA request on similar topic(s), please provide enough detail to allow for an accurate and focused search. Regards, Cindy B NSA/CSS FOIA Requester Service Center (301)688-6527
Could you please post your FOIA and the address you mailed it to? I am interested in filing a FOIA on NSA. Thanks. On 12/18/2014 5:22 pm, Ryan Carboni wrote:
Common Americans are no longer considered worth protecting as part of national security. -----------
Mr. Carboni, Thank you for providing the information below. We have conducted an initial search within the organization that is most likely to hold records. That organization advised that the request, as worded, is overly broad. Querying any of our organizations would likely result in the same response. The phrase “malware transmitted through USB firmware” is overly broad, such that any of our internal organizations would not be able to determine which files to search or be able to conduct a search with a reasonable amount of effort. Terms such as “malware” or “firmware” may turn up in any number of NSA records and most likely would not be related to securing home networks. Furthermore, added search without a clarification of context and specific records sought, would incur significant fees which would be passed on to you as an “all other” requester.
A large facet of the NSA/CSS mission is to protect National Security (i.e. government, DoD, Industry partners) information systems. In doing so, this Agency provides guidance on Information Assurance security solutions to our Industry and Government customers regarding risk, vulnerabilities, mitigations, and threats. While it is not part of our mission to provide guidance on securing home networks, we may occasionally post information on our website as you may recall from our letter. Our Information Assurance Directorate (IAD) has provided some information to the public that may be of interest to you. Here are some additional links that you may peruse:
https://www.nsa.gov/ia/mitigation_guidance/index.shtml
https://www.nsa.gov/public_info/press_room/2014/nsa_seal_scam_alert.shtml (this is a recent article the does provides a link regarding malware) https://www.nsa.gov/ia/index.shtml The last paragraph provides a video link under “IAD's Latest Security Guide Helps Customers Protect Home Networks,” and there is also a fact sheet titled “Best Practices for Keeping Your Home Network Secure.” Since the information you appear to be requesting (protecting home networks) does not fall under the purview of NSA/CSS missions, continued search of our files would not be productive. Your request will be administratively closed as an improper FOIA. If, after reviewing the information on our website, you wish to submit a FOIA request on similar topic(s), please provide enough detail to allow for an accurate and focused search.
Regards,
Cindy B NSA/CSS FOIA Requester Service Center
(301)688-6527
On 12/29/14 5:10 PM, bluelotus@openmailbox.org wrote:
Could you please post your FOIA and the address you mailed it to? I am interested in filing a FOIA on NSA. Thanks.
Consider using MuckRock to file your FOIA request, track the response schedule, and automatically post responsive documents publicly: https://www.muckrock.com/agency/united-states-of-america-10/national-securit... You can review successful requests to the NSA to discern ways to encourage timely responses, or use them as templates. The MuckRock folks are doing important work to provide an environment for FOIA requestors to avoid duplicative efforts, automate the tedium, and create a powerful new community. You can follow interesting requests to be notified when there are status changes and get the docs immediately. gf -- Gregory Foster || gfoster@entersection.org @gregoryfoster <> http://entersection.com/
http://www.nsa.gov/public_info/foia/submit_foia_request/foia_request_form.cf... Records Requested: I request any information the NSA has on malware transmitted through USB firmware. I request this for personal, noncommercial purposes, particularly for securing my own personal computer. I authorize fees up to $20.
participants (3)
-
bluelotus@openmailbox.org -
Gregory Foster -
Ryan Carboni