[IP] Arrests key win for NSA hackers

Dave Farber dave at farber.net
Thu Apr 8 01:41:45 PDT 2004


 http://www.globeandmail.com/servlet/ArticleNews/freeheadlines/LAC/20040406/T
ERROR06/international/International

Arrests key win for NSA hackers

By DAVID AKIN

UPDATED AT 4:38 AM EDT Tuesday, Apr. 6, 2004

a530ea8.jpg


A computer hacker who allowed himself to be publicly identified only as
"Mudhen" once boasted at a Las Vegas conference that he could disable a
Chinese satellite with nothing but his laptop computer and a cellphone.

The others took him at his word, because Mudhen worked at the Puzzle Palace
-- the nickname of the U.S. National Security Agency facility at Fort
Meade, Md., which houses the world's most powerful and sophisticated
electronic eavesdropping and anti-terrorism systems.

It was these systems, plus an army of cryptographers, chaos theorists,
mathematicians and computer scientists, that may have pulled in the first
piece of evidence that led Canadian authorities to arrest an Ottawa man on
terrorism charges last week.

Citing anonymous sources in the British intelligence community, The Sunday
Times reported that an e-mail message intercepted by NSA spies precipitated
a massive investigation by intelligence officials in several countries that
culminated in the arrest of nine men in Britain and one in suburban
Orleans, Ont. -- 24-year-old software developer Mohammed Momin Khawaja, who
has since been charged with facilitating a terrorist act and being part of
a terrorist group.

The Orleans arrest is considered an operational milestone for this vast
electronic eavesdropping network and its operators. But Dave Farber, an
Internet pioneer and computer-science professor at Carnegie-Mellon
University in Pittsburgh, said the circumstances are also notable because
it will be the first time that routine U.S. monitoring of e-mail traffic
has led to an arrest.

"That's the first admission I've actually seen that they actually monitor
Internet traffic. I assumed they did, but no one ever admitted it," Mr.
Farber said.

Officials at the NSA could not be reached for comment. But U.S. authorities
are uniquely positioned to monitor international Internet and
telecommunications traffic because many of the world's international
gateways are located in their country. And once that electronic traffic
touches an American computer -- an e-mail message, a request for a website
or an Internet-based phone call, for instance -- it is routinely monitored
by NSA spies.

"Foreign traffic that comes through the U.S. is subject to U.S. laws, and
the NSA has a perfect right to monitor all Internet traffic," said Mr.
Farber, who has also been a technical adviser to the U.S. Federal
Communications Commission.

That's what happened in February, when NSA officers at Fort Meade
intercepted a message between correspondents in Britain and Pakistan, The
Sunday Times reported. The contents of that message have not been revealed,
but are significant enough that dozens of intelligence officials were
mobilized in Britain, Canada and the United States.

The intelligence officers at Fort Meade rely on a sophisticated suite of
supercomputers and telecommunications equipment to analyze millions of
messages and phone calls each day, looking for certain keywords or traffic
patterns.

Internet traffic is chopped up into small chunks called packets, and each
individual package is then routed over the Internet, to be reassembled at
the recipient's end. The packet is wrapped in what computer scientists
sometimes refer to as the envelope. And just as the exterior of a regular
piece of mail contains important addressing information, so does the
envelope of a digitized packet. These bits of information are called
headers, and they can be valuable to investigators as well.

Headers typically contain generic descriptions of the packet's contents, in
order to let computers make better decisions about how to route the packet
through the Internet. E-mail traffic gets a lower priority than Internet
video traffic, for instance.

Headers also pick up the numeric or Internet Protocol (IP) address of all
the computers a packet touches as it travels from its originating machine
all the way to its destination. Every computerized device connected to the
Internet has its own unique IP number.

Investigators could program their supercomputers to flag packets of
information that met certain criteria, such as a certain IP number, a
certain traffic pattern or a certain kind of content. As soon as a packet
is flagged, investigators would apply for warrants to assemble the packets
and read the messages' contents.

-------------------------------------
You are subscribed as eugen at leitl.org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/



----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144            http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org         http://nanomachines.net

[demime 1.01d removed an attachment of type application/pgp-signature]





More information about the cypherpunks-legacy mailing list