[iwar] [fc:James.Bamford.Talk.at.Berkeley]

From: Fred Cohen (fc@all.net)
Date: 2002-02-17 21:29:53
Next message: e.r.: "[iwar] Re: [iwar)Singers started whining, but software makers loose too"
Previous message: Fred Cohen: "[iwar] [fc:Software.Snags.Crooks,.Sneaking.Spouses,.but.Alarms.Privacy.Advocates]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <200202180529.g1I5Trh28603@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Precedence: bulk
Date: Sun, 17 Feb 2002 21:29:53 -0800 (PST)
Subject: [iwar] [fc:James.Bamford.Talk.at.Berkeley]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 8bit

<a href="http://www.lewrockwell.com/orig2/bamfordreport.html">http://www.lewrockwell.com/orig2/bamfordreport.html>

Report on a
James Bamford Talk at Berkeley

James Bamford is the author of The Puzzle Palace and Body of Secrets, books
about the National Security Agency. He is visiting Berkeley in the School
of Public Policy, and gave a talk entitled "Intelligence Failures that Led
to the September 11th Attacks."

He was introduced by the Dean of the School, who explained that the school
has a new emphasis on information technology and public policy. The Dean
explained that while it is generally true that "Those who know don't speak,
and those who speak don't know," James Bamford is the exception. The Dean
said that Bamford was working on a new book A Killing Sleep: Anatomy of
America's Greatest Intelligence Failure, a description of what happened
prior to Sept. 11.

Bamford started by providing lots of background. He was fresh out of law
school and didn't want to practice law, so he had the idea of writing about
the most secret agency in the US Government, the National Security Agency
(NSA). This led to the now twenty year-old book, The Puzzle Palace. NSA
eventually found out that he was writing, and tried very hard to stop him.
NSA twice arranged to have him criminally prosecuted for revealing secrets,
but he was able to show that he had used material in the public domain.
Bamford explained that he had become an expert in using the Freedom of
Information Act (FOIA) to get a lot of information. It's not so easy,
because the FOIA doesn't apply to the NSA since the NSA almost doesn't
exist. It was not created by Congress, but by a memorandum. When he wrote
his first book, the rule was that once a document was declassified, it
could not subsequently be reclassified (sort of a no ex post facto idea).
According to Bamford, Reagan changed those rules, allowing and in fact
doing a lot of reclassification, Clinton didn't change the Reagan rule but
didn't do reclassification, and the current Bush administration has adopted
the Reagan rules.

NSA was created after WWII from the code breaking activity that had
proceeded during the war. At the time it was created, no one but a couple
of people even knew it had been created. NSA stands for no such agency, or
never say anything, or after Puzzle Palace, not secret anymore. To
illustrate how secret NSA is, after Puzzle Palace was published, Bamford
went on a book tour. At one point he was scheduled onto a PBS show where
the other guest was Sen. Bill Bradley. Prior to the show, the Senator asked
Bamford why he was on the show, and he explained that he had written a book
on the NSA. Bradley asked him what that was, and Bamford explained. Then
Bradley went on the show to explain his ideas for the economy, or whatever,
and then the interview switched to Bamford. Bamford explained that the NSA
was a secret agency. The interviewer said "How secret?" And, naturally,
Bamford did not pass on the opportunity to say that it was so secret that
not even Sen. Bradley knew about it. Bradley was not pleased.

Years later, having worked on television news shows, Bamford did a second
NSA book. It also took three years. His first idea was to go to NSA and ask
for a tour, interviews, and documents. They were not accommodating, to say
the least. "Enemy of the state." "Not in your interest to proceed."
However, eventually NSA turned around, and eventually provided him with
access to lots of information, although they never provided documents.
Again, FOIA came through.

Bamford explained that he was amazed by some of the material he was able to
get. For example, he found a detailed 1962 plan to invade Cuba. In the wake
of the failed Bay of Pigs invasion, the US was embarrassed and wanted to
dump Castro some other way. The idea was to have the US Armed Forces invade
Cuba, deposed and kill the leadership, and establish a new government.
Basically do to Cuba what we just did to Afghanistan, Bamford explained.
However, there was a problem. The US needed a pretext to invade.
Unfortunately for the invasion plan, we didn't know of anything that Castro
was doing to the US besides sitting there being decidedly Communist. So, a
pretext had to be created. The plan Bamford found, through FOIA, sent a
chill down his back. The US would arranged to have Americans shot on the
streets of US cities, we would set off bombs in crowded areas of US cities,
and there was a detailed plan to blow up a commercial airliner over Cuba.
This plan was approved, in 1962, by every member of the Joint Chiefs,
including the chairman. [If this is true, the plan was never executed.]

About NSA: it is 38,000 people, 50 buildings, on a campus in Maryland, in
suburban Washington DC. The have the most powerful computers in the world,
1.6 million tapes in their tape library [tapes?]. Basically they do signals
intelligence, listening to phone calls, faxes, email, and any sort of
communication. To do this they have extensive facilities all around the
world. One technique that Bamford mentioned was how they capture microwave
signals. Microwave, unlike high frequency signals [HF are actually lower
frequency than microwave, in case you care], do not bounce off the
ionosphere and travel in a straight line. Towers must be line of sight from
each other. So how's the NSA going to listen to this? Answer is that some
of the radiation goes past the receiving station, and continues in its
straight line out into space. The NSA has satellites out there to grab the
signals. [Bamford described the satellites as geosynchronous, but that
wouldn't work.] NSA also makes and breaks codes. The big nasty secret
within NSA is that in the forty years or more that NSA spent billions of
dollars on breaking the Soviet codes, they made no progress. No important
Soviet code was ever broken by the NSA, or by anyone.

NSA has a whole bunch of listening posts around the world. There's one in
England. Each post captures about two million messages per hour. They cull
out the interesting ones in many ways - limiting prefixes, etc. The Soviets
had a listening post in Cuba for forty years (they are only just now
dismantling it) and they knew how to filter out the interesting stuff. For
example, any phone call to prefix 456 in the DC area code was a call to the
White House, any call to 688 is a call to NSA.

So what about NSA's involvement in Sept. 11. Some have compared the failure
to the "failure" at Pearl Harbor. Actually, Pearl Harbor was quite a
success for the predecessor agencies to NSA. The US had managed to
completely break the key Japanese codes (Purple), and the German codes
(Enigma) were also broken. In the case of Pearl Harbor, the US signals
people picked up the key message to the Japanese embassy in Washington,
decoded it (it said something like break off relations and destroy all your
crypto equipment) well in advance of the attack. The message did not say
where an attack would come, so the US sent the message to everyone saying
"Japanese attack expected." The weather was wrong over the Pacific so the
usual HF path did not work. Instead the message was sent to Honolulu via
Western Union, where it arrived a few hours after the attack.

In contrast, NSA did nothing to help prior to Sept. 11. No monitoring of
Osama Bin Laden (OBL) was done. The hijackers of the plane that would up
hitting the Pentagon lived in Laurel, MD, the same town that NSA was in.
When the hijackers drove from Laurel down US 1 toward Dulles, the traffic
in the other direction was mostly NSA employees on their way to work.
Rather embarrassing to the NSA, in fact a disaster of major proportions.
Realize that the primary goal of NSA, the justification for the billions of
dollars per year of our citizens money spent by the NSA, is simply to
prevent a surprise attack. Yet the US and NSA was caught totally
unprepared. Bush was reading to first graders in Sarasota, the head of NSA
was having breakfast in downtown Washington.

OBL moved his operations from the Sudan to Afghanistan. The infrastructure
there was insufficient for OBL's needs, so he contacted an intermediary in
London who in turn arranged for a student in the US to buy a satellite
phone. The phone was mailed to London, the service activated there, and the
phone mailed to OBL. It was an Inmarsat phone. So NSA has a billion
dollars, they figured this out and got good eavesdropping on OBL. NSA was
very proud of this, and would show off their abilities to distinguished
guests at NSA. They would laugh as he called his mother and talked to her.
Unfortunately, OBL seemed to sense something, because he never used the
satphone for operational material. Just used it for calls home. But this is
still useful: at least we know where he is, because the phone radiates, and
that radiation can be tracked. And we took advantage of that: Clinton
called for reprisals against OBL after the embassy bombings in E. Africa,
and we sent missiles to a training base in Afghanistan that we knew about
because of the satphone. Unfortunately, two bad things resulted: one, OBL
was not there when the missiles arrived, and two, OBL, no dummy, stopped
using the satphone when he realized it was being used to track him. The NSA
never heard from him again. Never. NSA went deaf.

NSA had other problems: only one or two (at the most) NSA people can speak
an Afghan language. And there were lots of other structural problems at
NSA. To understand this, understand that until ten years ago, NSA had
essentially a single mission: track the Soviets. NSA knew about Russian
missiles and submarines. They looked for the missiles, and set up very
advanced equipment that could provide early warning if a Soviet missile
were launched. To illustrate this capability, recall that a few months ago
an Israeli plane was shot down on its way from Israel to Russia. The US
immediately announced that a missile had shot down the plane. The guys who
did the deed denied it initially, but soon it came out that the US was
right. These are your NSA tax dollars at work. That's what we do, but
that's the wrong thing if you are worried about terrorists. Ten years after
the end of the cold war, the NSA still has the wrong technology in the
wrong places.

Technology has shifted under NSA's feet. For example, we could intercept
Russian communications. They used HF, and we had huge antennae that could
catch the stuff as it bounced around the world We had antennas, some called
Elephant Cages, that were a half mile wide, to intercept Russian HF
signals. Unfortunately, no one but the Russians used this.

Another technology used by potential adversaries was satellite. The use of
satellites for phone conversations declined dramatically in the last ten
years as other technologies (cable, fiber) replace satellite which had too
much delay (40,000 miles up and back) and was too expensive. That was too
bad for NSA because satellites are easy to eavesdrop on, fiber is tough.
Actually, NSA can tap fiber (no mean achievement) but the fiber is
underground or under the ocean, making it difficult to get to. Too bad for
NSA.

After the cold war, NSA's budget was cut by a third and targets increased.
There were targets in Africa, in the Balkans, in North Korea. NSA continued
to miss opportunities: NSA completely missed the atomic tests in India. NSA
completely missed the bombing of the Cole. In both cases the US was
surprised.. The bombing of the African embassies was missed. Once you know
the track record, it is no surprise that NSA completely missed Sept. 11.
It's what you'd expect.

Language skills continue as a problem. The US was involved in Haiti, the
NSA had one Creole speaker.

The other "intelligence" agency that might have helped with Sept 11 is the
Central Intelligence Agency (CIA). CIA missed Sept 11 completely too. This
not much of a surprise. CIA itself does not collect much information,
instead CIA specializes in analysis. What intelligence they do gather is
done in a peculiar way. The CIA has "case officers." They are assigned to
embassies around the world, typically as "cultural attaches." Their job is
to enlist spies from the area. They pay the spies to report back to them
periodically and tell them what's going on. This is called "human
intelligence" (humint) in contrast to the material that the NSA gathers.
Unfortunately, humint is very unreliable. You'll read that the "CIA needs
more case officers." For example, this point is made in a recent book on
the CIA by Robert Baer ("See No Evil: The True Story of a Ground Soldier in
the CIA's War on Terrorism"). Bamford disagrees with this message, and in
fact has recently published a review of the Baer book where he pans it.
Bamford gives an example of how crummy humint is: Recently the TV show 60
Minutes had found a guy who knew all about something [can't remember, maybe
about how the terrorists operate]. Before putting him on the air, 60
Minutes wanted to confirm that this source was legit, so they retained
Robert Baer to check him out (Baer had left the CIA). Baer certified him as
a good source. Only later did we learn that everything was made up�the
source just wanted his 15 minutes of fame. As we said, human sources are no
good, and Baer is no better than anyone at detecting the good ones.

A major justification for the CIAs modus operandi is that they can't get
their own people into various organizations. "They're all clan based, you
have to have been born there�., " the CIA argues. Let me ask one question:
how did a Marin county high school student get inside El Qaeda in less than
two years, learning major pieces of intelligence, meeting with OBL, etc.?
CIA couldn't do that?

Questions followed. Q: What about the Internet? A: That's another
technology they missed. OBL used email. OBL did not use encryption of any
sort on any communication. The best breakthrough in the whole intelligence
gathering surrounding Sept 11 was by the New York Times, who spent $1100
for a computer owned by one of the El Qaeda guys. The disk was encrypted,
but by a cheap encryption that the NYT broke easily, to find lots of info
about Al Qaeda plans. Another major failure of the CIA and NSA.

Q: Will NSA try to limit encryption? A: Yes, they'll try to place new
limits on encryption. And Clipper and key escrow will make a comeback. And
lots of other nonsense.

Q: Can we stop surprise attacks? A: No. We cannot avoid these kind of
attacks. We have to somehow explain to people that this is just one of the
hazards of life, like 50,000 Americans dying of colon cancer, or 50,000
Americans dying in car accidents every year. The government cannot bring
itself to say the truth, that terrorism is just one of the risks of life.

Q: What's your relationship with NSA? A: On the day the second book was
published, NSA held a book signing at NSA HQ. I teach a class at NSA. The
Defense Intelligence Agency used my first book as a textbook.

Q: What about the NSC. A: The National Security Council mostly has nothing
to do with NSA. Technically the NSA reports to the head of the NSC, but
besides some basic rules of engagement, there's no link. The difference
between them is remarkable: we've all heard of Condaleeza Rice, but who's
heard of the head of NSA, Gen. Mike Hayden?

Q: What about misinformation? A: It's a big problem. The FBI spy Robert
Hanssen worked closely with the NSA. Everything he knew about NSA's
progress or lack thereof was probably provided to the Russians. Also, the
Russians were provided with the names of all the CIA sources in Russia.
NET: the Russians knew everything we knew. Thus, we have to assume that
everything we got from the Russians or our spies was actually
misinformation. Or not. A "wilderness of mirrors."

Q: How does NSA work? A: Heavy use of polygraphs. Mandatory exams every
five years, plus random use of polygraphs, for every employee. NSA has more
PhDs in mathematics than any other organization in the western world. NSA
has a mental health unit for those who can't deal with the secrecy and
complexities of codes.

Q: Aren't most rules on government secrecy just ways to protect those in
power from looking like fools? A: Yes, pretty much. Best solution to this
is a diligent journalistic force (a free press) but today's press is
actually getting worse. Before Sept. 11 all the coverage was on Gary Condit
and on shark attacks, in spite of the fact that there are fewer shark
attacks every year. Sells papers.

Q: What should we do? A: Put national privacy at the same level as national
security. Support privacy groups.

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Sponsored by VeriSign - The Value of Trust
When building an e-commerce site, you want to start with a
secure foundation. Learn how with VeriSign's FREE Guide.
http://us.click.yahoo.com/oCuuSA/XdiDAA/yigFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Next message: e.r.: "[iwar] Re: [iwar)Singers started whining, but software makers loose too"
Previous message: Fred Cohen: "[iwar] [fc:Software.Snags.Crooks,.Sneaking.Spouses,.but.Alarms.Privacy.Advocates]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:03 PST