Friday, August 2, 2013

NSA Leaks : Part XI

So after reading about the NSA's "X-KeyScore" servers that apparently collect everything a user does online, I just have to ask: Where exactly is that little red dot in Northwest? Yakima-Echelon? JBLM? Bangor-Kitsap? Whidbey Island AFB? .  The server(s) are probably located so as to be close to the undersea cables that transit the Northwest. Most probably they would be part of a large scale server infrastructure involving many servers and lots of cooling capacity.  They may want to be near internet exchanges like SIX or BCIX.  But certainly "X-KeyScore" server infrastructure would result in a significant physical presence, perhaps even multiple significant presences. And there would be interfaces....

The slides are from 2008, so one can only imagine significant "X-KeyScore" server growth since then. You can bet the hunt is on by state security services and rogue hackers across the world to find these servers and their interfaces.

From The Guardian

What I find so astounding about all these revelations is not the comprehensiveness of the surveillance, the arrogance of the NSA lying before Congress, or the fact that all my web searches, email, and blog posts are probably being logged for all eternity.  What I find so astounding is the fact that slides like the one above were ever produced let alone made available to a network administrator like Edward Snowden. You see, these slides don't contain the specific information that a network administrator would need to work on a particular set of servers. The slides seemed to be designed for a collection analyst, yet that type of analyst really wouldn't need to see a bunch of vague red dots showing world wide collection points in order to perform data queries.

Apparently, nobody at the NSA gave any thought as to what the reaction would be if this information ever escaped. This would imply that the NSA thought their security was bulletproof, which is really, really strange. Because no one I know in the security field has believed such braggadocio for a long time now.  Did anyone at the NSA stop to think of the potential scope of economic catastrophe if the internet users of the world suddenly stopped trusting their desktops and internet? How about the counter-intelligence catastrophe if someone actually penetrated X-KeyScore servers once their general locations were revealed? And  how was it exactly that a contract network administrator like Edward Snowden, employed in the top security organization in the world came to have access to so much sensitive material? Is the national security establishment in the United States simply too big and too complex now to be secured?

To say that the NSA's  information access policy was (is)  designed in an insecure and careless fashion is an understatement.  The exposure of this type of information is simply going to result in economic, communication, national, and security based "creative destruction" to use Joseph Schumpeter's phrase.  In effect, the continuing exposure itself is not just a form of counter-intelligence. It is a harbinger of world-wide revolution.  Whether you think Edward Snowden and Glen Greenwald are traitors is beside the point. The carelessness of which your many tax dollars were spent is going to fund a worldwide devaluation of  global capitalism and a revolution in the information industry.