[107463] in Cypherpunks
Re: Echelon Targeting
daemon@ATHENA.MIT.EDU (Information Security)
Thu Jan 14 16:23:53 1999
From: Information Security <guy@panix.com>
Date: Thu, 14 Jan 1999 15:57:54 -0500 (EST)
To: cypherpunks@cyberpass.net
Reply-To: Information Security <guy@panix.com>
> From: scoops <scoops@quiknet.com>
> Subject: Echelon Targeting
>
> My hunch/hope is that it is rare that someone becomes a target for
> investigation based on routine Echelon processing. I think it is much more
> likely that a target or target group is pre-selected and then Echelon goes
> to work.
>
> I suppose another way to ask the question is -- was Echelon designed to
> ferret out new targets as its primary mission or as a secondary tool for
> follow-on tracking and investigation after a target has been selected?
Clearly is it designed for both.
---guy
[snip]
******************************************************************************
Over the Top
---- --- ---
I haven't received the "Spyworld: Inside the Canadian and American
Intelligence Establishments" book by Mike Frost yet.
So for now I'll quote from his article in CAQ, an issue entitled "The New
Age of Surveillance".
Covert Action Quarterly, Winter 1996-97, Number 59
1500 Massachusetts Ave. NW #732
Washington, DC 20005
202/331-9763, caq@igc.org, http://mediafilter.org/caq
Article: "Second Thoughts from the Second Oldest Profession.
Inside the US-Canada Spyworld."
By Mike Frost
[ Pictured is him on two of his Canadian security IDs ]
I was a spy. For almost two decades, I spied for Canada's Communications
Security Establishment (CSE), the most secret and least known branch of
National Defense. But although my paycheck came from the Canadian government,
more often than not, my orders, assignments, and much of my training ---
like those of many other CSE operators --- came from the National Security
Agency (NSA) in Fort Meade, Maryland.
Over the twelve years I spied for CSE, it became increasingly to resemble
the NSA. Both specialize in providing secure communications and signals
intelligence (SIGINT); both operated for years with little public knowledge
or legislative oversight until they were exposed by the media.
[snip]
Despite the similarities, CSE is treated more like a subsidiary than an
equal partner. US military and economic clout, as well as NSA's vastly
superior technical capabilities and near unlimited funds, allow Washington
to dominate.
And while CSE has only a $200-300 million dollar budget, NSA has an
estimated annual budget of almost $4 billion.
But the relationship is not without mutual benefits. CSE, NSA, and Britain's
Government Communications Headquarters (GCHQ) use each other's facilities
and personnel to spy on friend and foe alike and, more alarmingly, to
circumvent domestic laws and spy on their own populations.
[snip]
I either participated in or had direct knowledge of operations in which
CSE operated alone or joined with NSA or GCHQ to:
o intercept communications in other countries from the confines of
Canadian embassies around the world with the knowledge of the
ambassador;
o aid politicians, political parties, or factions in an allied country
to gain partisan advantage
o spy on its allies
o spy on its own citizens; and
o perform "favors" that helped its allies evade domestic laws against
spying.
[snip]
Although I visited NSA headquarters at Fort Meade dozens of times, it was
at the Special Collection Services (SCS) at College Park, Maryland, that
I received my covert operation training and assignments.
This facility, set in suburban Washington, DC, dealt exclusively with
covert operations. [The facility was relocated closer to Fort Meade in
the early 1990s]
The first time I was driven there in 1978, I entered through a strip mall
and then through a door in the back of a restaurant; the second time, via
a dry cleaners.
These dinky businesses in a fake shopping center were all owned, operated,
and staffed by US espionage agencies. From the street, the installation's
high-tech capacity, its antennae and satellite receptors, were camouflaged
and it is unlikely that neighbors suspected anything out of the ordinary.
But the inside was anything but ordinary. There were scores of rooms crammed
with administrative functions, equipment, wires, jury-rigged gizmos, a
currency bank, and computers.
Every electronic intercept capability NSA denied having was right there.
In a small black box, not much bigger than a briefcase, was "Oratory."
This portable key-word selection computer could be taken almost anywhere
and set to pick out pre-selected words and automatically monitor and
record fax, voice, or teletype messages that contained them.
Developed by NSA, "Oratory" was "tempest-proof" (i.e. shielded to
prevent emmisions that could lead to detection), small, virtually
indestructible, and easy to repair: all you had to do was open the
lid and replace the self-diagnosed defective component.
[snip]
In pursuit of plausible deniability, CSE, GCHQ, and NSA have used each
others' personnel and resources to evade laws against domestic spying.
[ an example given in which the NSA wanted to spy on someone within
the US, even though they had no authorization for such an operation ]
...So, two Canadians were sent to conduct a counter-espionage operation
on US soil at US taxpayer expense so that NSA could maintain deniability.
In every way that counts, NSA broke US law and spied on its own citizens.
[ A UK operation by CSE described next. Margaret Thatcher (then Prime
Minister) thinks two of the ministers in her cabinet are not 'on side'
...so she wants to find out if they are... So GCHQ asked CSE operators
to come to London to bug the ministers ]
Increasingly though, both because it's possible and because it's desired,
individuals are caught in the broad net of electronic surveillance.
The experts can record and analyze all your communications at will.
SIGINT organizations in Canada, US, UK, Australia, and New Zealand use
supercomputers such as the Cray to select items of interest. The list
is very fluid and is adapted rapidly to monitor people and policy areas.
At any time, it is likely to contain names of all world leaders, terrorists,
drug lords, mafia dons, members of radical groups, labor union activists
and leaders, types of weaponry, explosives, financial dealings, money
transfers, airline destinations, stock information, international
conferences, demonstrations, and politically suspect groups and individuals.
As is the case with operations, countries maintain deniability by getting
information gathered on their domestic situations by allies.
Under development is even more sophisticated "topic recognition" which
can home in on guarded conversations that avoid potential trigger words.
Nothing and no one is exempt.
For example, you are talking on the telephone to a friend discussing
your son's school play. "Boy," you say sadly, "Bobby really bombed last
night," or perhaps you use the word "assassination" or "sabotage" or any
one of the key words the computer has been told to flag.
A hard copy of your conversation is produced, passed to the appropriate
section (in this case terrorism), and probably ends up in the garbage.
But perhaps the conversation is not so clear-cut or the analyst has poor
judgement. Then your name is permanently filed under "possible terrorist".
Weeks or even years later, you have a similar conversation and use the
same words; the computer filters it out again. Since this is your second
time, your name moves from the "possible" to the "probable" file.
Sound absurd? Not at all; it actually happened while I was at CSE.
[snip]
SIGINT specialists are honing their skills at monitoring digital
information. SIGINT agencies everywhere are increasingly throwing
their surveillance web over the Internet and other data networks
of interest.
[snip]
