NSA Director Faces Cybersecurity Community At Black Hat
Gen. Keith Alexander aims to set the record straight on controversial NSA spying programs, calling out how leaked surveillance programs helped derail specific terror plots.
Alexander said the reason for his appearance was to set the record straight on reports about secret NSA spying activities and to solicit the security industry's input on how to balance national defense and the protection of civil liberties. "I promise to tell you the truth about what we know and what we're doing. What I cannot tell you ... is because we don't want to jeopardize our future defenses," he told attendees.
Alexander's appearance came on the day of yet another revelation from whistleblower Edward Snowden's leaks to The Guardian -- this time, of another tool reportedly called XKeyScore, which Snowden said collects everything a user does online, including email, social media, and browsing history. According to The Guardian report, NSA documents say the XKeyscore program encompasses "nearly everything a typical user does on the internet." That includes "the content of emails, websites visited and searches, as well as their metadata."
The NSA director did not mention XKeyScore in his presentation, nor did the program come up during the question-and-answer period when Alexander responded to queries that Black Hat organizers had gathered from the conference community in advance of the keynote. "The issue that stands before us today is one of what do we do next -- how do we start this discussion on defending our nation and protecting our civil liberties and privacy?" Alexander said. "The reason I'm here is you may have some ideas on how to do it better. We need to hear those ideas. But equally important from my perspective is that you get the facts."
NSA's additional surveillance programs came in the wake of the 9/11 terrorist attacks, which the independent 9/11 commission's report concluded was, in part, the result of a failure of the U.S. intelligence community to "connect the dots."
"So we had to come up with a way to help stop the attacks ... The Congress, administration, and the courts all joined together to come up with programs that meet our Constitution and help us connect those dots," Alexander said.
That led to the two now hotly debated programs, the so-called Section 215 Authority, a.k.a. the PRISM program, and Section 702 Authority, which allows the NSA to acquire content when needed. Alexander says the discussion surrounding those programs so far hasn't taken into consideration the oversight -- Congress, the courts, and the administration -- and compliance that goes hand in hand with them.
"It's not true that we are collecting everything," he said. He showed a screenshot of what he says NSA analysts actually can see under the Section 215 Authority under FISA, for counterterrorism efforts: date and time of a phone call, the calling number, the called number, the duration of the call, and the origin of the metadata. No voice calls, SMS text messages, names, or location information, he said. "This does not include the content of communications, your phone calls or mail, not my phone calls or emails.. There is no content: no names, addresses, in the database or locational information used," Alexander said.
... Read full story on Dark Reading
Post a comment to the original version of this story on Dark Reading