I dressed up like a rich Yankee. This means simple, tailored, good quality and went to the Jeep dealership and picked out the car I wanted. We came to a price, they asked me if I wanted financing. I said, "Yes". They asked me to fill out an application form. I said that I earned over $100,000 a year and had hundreds of thousands in the bank. Five minutes later I drove out of the lot in my new car. No computers. No phone calls. Simple sweet deal.
I have no idea where I got the guts to do that. I figured there was nothing to loose. If they had checked me out, all I would have had to say was, "I must have been mistaken." I met every payment except one for the next five years. They didn't make a mistake giving me the car and maybe they knew I was full of it the whole time. I don't have a clue.
But, these days with computers and all, anyone can find anything anytime about everyone. This seems to me to take a lot of the fun out of life. I used to love calling the Research Librarian at the Boston Public Library with questions. If I couldn't find the right book for research and the encyclopedia didn't give me enough, I called these genius ladies and they would call back with the info. Yes, it is easier now to whip out my phone and Google something, but it lacks the fun, the mystery and most of all the human connection. Another old lady mourning the past. Sorry.
So, we are all hearing all the time about the NSA with its ability to know everything about everyone. So I looked up the NSA in the wikipedia. From what I have read this is just the tip of the iceberg because in addition to the obscene number of employees mining data, the NSA now uses mercenary companies (Blackwater ilk) in pretty enormous numbers. Scary some of those guys. In any case below is the scoop on the NSA. We might as well know what we are up against and who the research librarians of today are.
The National Security Agency (NSA) is the central producer and manager of signals intelligence for the United States. The NSA operates under the jurisdiction of the Department of Defense, and reports to the Director of National Intelligence.
Estimated to be one of the largest U.S. intelligence agencies in terms of personnel and budget, the NSA is primarily tasked with collecting and analyzing information and data of foreign intelligence and counterintelligence value, including through clandestine means.[5] The agency is also responsible for the protection of U.S. government communications and information systems,[6] which involves information security, cryptanalysis and cryptography. Due to the organization's secrecy, NSA is at times explained to stand for "No Such Agency" or "Never Say Anything".[7]
While the CIA serves as the national coordinator for human intelligence (HUMINT), the NSA is tasked with coordination and deconfliction of national SIGINT missions across the intelligence community, with all other government establishments being prevented by law from engaging in such activities without the approval of the Defense Secretary following consultations with the NSA.[8][broken citation] As part of these streamlining responsibilities, the agency has a co-located organization called the Central Security Service, which was created to facilitate cooperation between NSA and other U.S. military cryptanalysis components. The NSA Director, who is at least a lieutenant general or vice admiral, also serves as the Commander of the United States Cyber Command and Chief of the Central Security Service.
In December 1951, President Harry S. Truman ordered a study to correct AFSA's failures. Six months later, the four members finished and issued the Brownell Report, which criticized AFSA, strengthened it and resulted in its redesignation as the National Security Agency.[10] The agency was formally established by Truman in a memorandum of October 24, 1952, that revised National Security Council Intelligence Directive (NSCID) 9.[11] Truman's memo was later declassified.[11]
Insignia
When the NSA was created, the agency had no emblem and used that of the Department of Defense.[13] The agency adopted its first of two emblems in 1963.[13] The current NSA insignia has been in use since 1965, when then-Director, LTG Marshall S. Carter (USA) ordered the creation of a device to represent the agency.[14]
Memorials
The National Security Agency/Central Security Service Cryptologic Memorial honors and remembers the fallen personnel, both military and civilian, of these intelligence missions.[16] It is made of black granite, and has 171 names (as of 2013) carved into it.[16] It is located at NSA headquarters. A tradition of declassifying the stories of the fallen was begun in 2001.[16]
In 1999, NSA founded the NSA Hall of Honor, a memorial at the National Cryptologic Museum in Fort Meade, Maryland.[17] The memorial is a "tribute to the pioneers and heroes who have made significant and long-lasting contributions to American cryptology".[17] NSA employees must be retired for more than fifteen years to qualify for the memorial.[17]
Facilities
Headquarters
Headquarters for the National Security Agency is set apart from but is technically inside Fort George G. Meade, Maryland. Ft. Meade is about 20 mi (32 km) southwest of Baltimore,[18] and 25 mi (40 km) northeast of Washington, DC.[19] The NSA has its own exit off Maryland Route 295 South labeled "NSA Employees Only".[20][21] The exit may only be used by people with the proper clearances, and security vehicles parked along the road guard the entrance.[22] NSA is the largest employer in the U.S. state of Maryland, and two-thirds of its personnel work at Ft. Meade.[23] Built on 350 acres (140 ha; 0.55 sq mi)[24] of Ft. Meade's 5,000 acres (2,000 ha; 7.8 sq mi),[25] the site has 1,300 buildings and an estimated 18,000 parking spaces.[26][19]
The employees at the NSA headquarters reside in various places in the Baltimore-Washington area, including Annapolis, Baltimore, and Columbia in Maryland and the District of Columbia, including the Georgetown community.[35]
History of headquarters
Construction of additional buildings began after the agency occupied buildings at Ft. Meade in the late 1950s, which they soon outgrew.[38] In 1963 the new headquarters building, nine stories tall, opened. NSA workers referred to the building as the "Headquarters Building" and since the NSA management occupied the top floor, workers used "Ninth Floor" to refer to their leaders.[39] COMSEC remained in Washington, D.C., until its new building was completed in 1968.[38] In September 1986, the Operations 2A and 2B buildings, both copper-shielded to prevent eavesdropping, opened with a dedication by President Ronald Reagan.[40] The four NSA buildings became known as the "Big Four."[40] The NSA director moved to 2B when it opened.[40]
Planned headquarters expansion
NSA had a groundbreaking ceremony at Ft. Meade in May 2013 for its High Performance Computing Center 2, expected to open in 2016.[41] Called Site M, the center has a 150 megawatt power substation, 14 administrative buildings and 10 parking garages.[32] It cost $3.2 billion and covers 227 acres (92 ha; 0.355 sq mi).[32] The center is 1,800,000 square feet (17 ha; 0.065 sq mi)[32] and initially uses 60 megawatts of electricity.[42]Stretching 16 years into the future, increments 2 and 3 would quadruple the space, covering 5,800,000 square feet (54 ha; 0.21 sq mi) with 60 buildings and 40 parking garages.[32]
International stations
Following the signing in 1946–1956[44] of the UKUSA Agreement between the United States, United Kingdom, Canada, Australia and New Zealand, who then cooperated on signals intelligence and Echelon,[45] NSA stations were built at GCHQ Bude in Morwenstow, United Kingdom; Geraldton, Pine Gap and Shoal Bay, Australia; Leitrim and Ottawa, Canada; Misawa, Japan; and Waihopai and Tangimoana,[46] New Zealand.[47]NSA operates RAF Menwith Hill in North Yorkshire, United Kingdom, which was, according to BBC News in 2007, the largest electronic monitoring station in the world.[48] Planned in 1954, and opened in 1960, the base covered 562 acres (227 ha; 0.878 sq mi) as of 1999.[49]
In 2013, a new Consolidated Intelligence Center, also to be used by NSA, is being built at the headquarters of the United States Army Europe in Weisbaden, Germany.[50] NSA's partnership with Bundesnachrichtendienst (BND), the German foreign intelligence service, was confirmed by BND president Gerhard Schindler.[50]
Other U.S. facilities
NSA had facilities at Friendship Annex (FANX) in Linthicum, Maryland, which is a 20 to 25-minute drive from Ft. Meade;[52] the Aerospace Data Facility at Buckley Air Force Base in Aurora outside Denver, Colorado; NSA Texas in the Texas Cryptology Center at Lackland Air Force Base in San Antonio, Texas; NSA Georgia at Fort Gordon in Augusta, Georgia; NSA Hawaii in Honolulu, the Multiprogram Research Facility in Oak Ridge, Tennessee, and elsewhere.[35][51]
On January 6, 2011 a groundbreaking ceremony was held to begin construction on NSA's first Comprehensive National Cyber-security Initiative (CNCI) Data Center, known as the "Utah Data Center" for short. The billion data center is being built at Camp Williams, Utah, located 25 miles (40 km) miles south of Salt Lake City. The data center will help support the agency's National Cyber-security Initiative.[53] It is expected to be operational by September 2013.[51]
In 2009, to protect its assets and to access more electricity, NSA sought to decentralize and expand its existing facilities in Ft. Meade and Menwith Hill,[54] the latter expansion expected to be completed by 2015.[43]
The Yakima Herald-Republic cited Bamford, saying that many of NSA's bases for its Echelon program were a legacy system, using outdated, 1990s technology.[55] In 2004, NSA closed its operations at Bad Aibling Station (Field Station 81) in Bad Aibling, Germany.[56] In 2012, NSA began to move some of its operations at Yakima Research Station, Yakima Training Center, in Washington state to Colorado, planning to leave Yakima closed.[57] As of 2013, NSA also intended to close operations at Sugar Grove, West Virginia.[55]
Employees
The number of NSA employees is officially classified,[58] but in 2012, the NSA said more than 30,000 employees work at Ft. Meade and other facilities.[1] In 2012 John C. Inglis, the deputy director, said that the total number of NSA employees is "somewhere between 37,000 and one billion" as a joke.[58] In 2013 Der Spiegel stated that the NSA had 40,000 employees.[59] In 2012 Inglis stated that the agency is "probably the biggest employer of introverts."[58] More widely, it has been described as the world's largest single employer of mathematicians.[60] It is the owner of the single largest group of supercomputers.[61]Polygraphing
In 2010 the NSA produced a video explaining its polygraph process.[66] The video, ten minutes long, is titled "The Truth About the Polygraph" and was posted to the website of the Defense Security Service. Jeff Stein of the Washington Post said that the video portrays "various applicants, or actors playing them -- it’s not clear -- describing everything bad they had heard about the test, the implication being that none of it is true."[67] AntiPolygraph.org argues that the NSA-produced video omits some information about the polygraph process; it produced a video responding to the NSA video.[66] George Maschke, the founder of the website, accused the NSA polygraph video of being "Orwellian".[67]
Operations
Mission
NSA's eavesdropping mission includes radio broadcasting, both from various organizations and individuals, the Internet, telephone calls, and other intercepted forms of communication. Its secure communications mission includes military, diplomatic, and all other sensitive, confidential or secret government communications.[68]According to the Washington Post, "[e]very day, collection systems at the National Security Agency intercept and store 1.7 billion e-mails, phone calls and other types of communications. The NSA sorts a fraction of those into 70 separate databases."[69]
Because of its listening task, NSA/CSS has been heavily involved in cryptanalytic research, continuing the work of predecessor agencies which had broken many World War II codes and ciphers (see, for instance, Purple, Venona project, and JN-25).
In 2004, NSA Central Security Service and the National Cyber Security Division of the Department of Homeland Security (DHS) agreed to expand NSA Centers of Academic Excellence in Information Assurance Education Program.[70]
As part of the National Security Presidential Directive 54/Homeland Security Presidential Directive 23 (NSPD 54), signed on January 8, 2008 by President Bush, the NSA became the lead agency to monitor and protect all of the federal government's computer networks from cyber-terrorism.[6]
Power consumption
Baltimore Gas & Electric (BGE, now Constellation Energy) provided NSA with 65 to 75 megawatts at Ft. Meade in 2007, and expected that an increase of 10 to 15 megawatts would be needed later that year.[72] In 2011, NSA at Ft. Meade was Maryland's largest consumer of power.[23] In 2007, as BGE's largest customer, NSA bought as much electricity as Annapolis, the capital city of Maryland.[71]
One estimate put the potential for power consumption by the new Utah Data Center at $40 million per year.[51]
Echelon
Main article: ECHELON
Echelon was created in the incubator of the Cold War.[73] Today it is a legacy system, and several NSA stations are closing.[55]NSA/CSS, in combination with the equivalent agencies in the United Kingdom (Government Communications Headquarters), Canada (Communications Security Establishment), Australia (Defence Signals Directorate), and New Zealand (Government Communications Security Bureau), otherwise known as the UKUSA group,[74] was reported to be in command of the operation of the so-called Echelon system. Its capabilities were suspected to include the ability to monitor a large proportion of the world's transmitted civilian telephone, fax and data traffic.[75]
During the early 1970s, the first of what became more than eight large satellite communications dishes were installed at Menwith Hill.[76] Investigative journalist Duncan Campbell reported in 1988 on the Echelon surveillance program, an extension of the UKUSA Agreement on global signals intelligence Sigint, and detailed how the eavesdropping operations worked.[77] In November 3, 1999 the BBC reported that they had confirmation from the Australian Government of the existence of a powerful "global spying network" codenamed Echelon, that could "eavesdrop on every single phone call, fax or e-mail, anywhere on the planet" with Britain and the United States as the chief protagonists. They confirmed that Menwith Hill was "linked directly to the headquarters of the US National Security Agency (NSA) at Fort Meade in Maryland".[78]
NSA's United States Signals Intelligence Directive 18 (USSID 18) strictly prohibited the interception or collection of information about "... U.S. persons, entities, corporations or organizations...." without explicit written legal permission from the United States Attorney General when the subject is located abroad, or the Foreign Intelligence Surveillance Court when within U.S. borders. Alleged Echelon-related activities, including its use for motives other than its national security, including political and industrial espionage, received criticism from countries outside the UKUSA alliance.[79][80]
Data mining
Main articles: PRISM (surveillance program), Data mining, analytics, information extraction, and data analysis
NSA is reported to use its computing capability to analyze
"transactional" data that it regularly acquires from other government
agencies, which gather it under their own jurisdictional authorities. As
part of this effort, NSA now monitors huge volumes of records of
domestic emails and Internet searches as well as bank transfers,
credit-card transactions and travel and telephone records, according to
current and former intelligence officials interviewed by The Wall Street Journal.[81]The NSA began the PRISM electronic surveillance and data mining program in 2007.[82][83] PRISM gathers communications data on foreign targets from nine major U.S. internet-based communication service providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube and Apple. Data gathered include email, video and voice chat, videos, photos, voice-over-IP chats such as Skype, and file transfers. Another program, Boundless Informant, employs big data databases, cloud computing technology, and Free and Open Source Software (FOSS) to analyze data collected worldwide by the NSA, including that gathered by way of the PRISM program.[84][citation needed]
The Real Time Regional Gateway was a data collection program introduced in 2005 in Iraq by NSA during the Iraq War. It consisted of gathering all Iraqi electronic communication, storing it, then searching and otherwise analyzing it. It was effective in providing information about Iraqi insurgents who had eluded less comprehensive techniques.[85] Glenn Greenwald of The Guardian believes that the "collect it all" strategy introduced by NSA director Alexander shows that "the NSA's goal is to collect, monitor and store every telephone and internet communication" worldwide.[86]
Office of Tailored Access Operations (TAO)
In May 2013, it was revealed that the NSA runs a secretive unit called Tailored Access Operations (TAO) which hacks into foreign computers to conduct cyber-espionage. According to a Bloomberg BusinessWeek article titled How the U.S. Government Hacks the World, Pentagon hackers within the NSA harvest nearly 2.1 million gigabytes of stolen data every hour. That is the equivalent of hundreds of millions of pages of text. For years, the NSA did not acknowledge the unit's existence, but a Pentagon official confirmed the unit conducts what it calls "computer network exploitation."Two-man rule
As of 2013 about 1,000 system administrators work for the NSA.[87] Edward Snowden's leaking of PRISM in 2013 caused the NSA to institute a "two-man rule" where two system administrators are required to be present when one accesses certain sensitive information.[87]Domestic activity
| National Security Agency surveillance |
|---|
Map of global NSA data collection
|
NSA's domestic surveillance activities are limited by the requirements imposed by the Fourth Amendment to the U.S. Constitution; however, these protections do not apply to non-U.S. persons located outside of U.S. borders, so the NSA's foreign surveillance efforts are subject to far fewer limitations under U.S. law.[88] The specific requirements for domestic surveillance operations are contained in the Foreign Intelligence Surveillance Act of 1978 (FISA), which does not extend protection to non-U.S. citizens located outside of U.S. territory.[88]
These activities, especially the publicly acknowledged domestic telephone tapping and call database programs, have prompted questions about the extent of the NSA's activities and concerns about threats to privacy and the rule of law.[citation needed]
Criticism
The NSA received criticism early on in 1960 after two agents had defected to the Soviet Union. Investigations by the House Un-American Activities Committee and a special subcommittee of the House Armed Services Committee revealed severe cases of ignorance in personnel security regulations, prompting the former personnel director and the director of security to step down and leading to the adoption of stricter security practices.[89] Nonetheless, security breaches reoccurred only a year later when in an issue of Izvestia of July 23, 1963, a former NSA employee published several cryptologic secrets. The very same day, an NSA clerk-messenger committed suicide as ongoing investigations disclosed that he had sold secret information to the Soviets on a regular basis. The reluctance of Congressional houses to look into these affairs had prompted a journalist to write "If a similar series of tragic blunders occurred in any ordinary agency of Government an aroused public would insist that those responsible be officially censured, demoted, or fired." David Kahn criticized the NSA's tactics of concealing its doings as smug and the Congress' blind faith in the agency's right-doing as shortsighted, and pointed out the necessity of surveillance by the Congress to prevent abuse of power.[89]The number of exemptions from legal requirements has also been criticized. When in 1964 the Congress was hearing a bill giving the director of the NSA the power to fire at will any employee, the Washington Post wrote: "This is the very definition of arbitrariness. It means that an employee could be discharged and disgraced on the basis of anonymous allegations without the slightest opportunity to defend himself." Yet, the bill was accepted with overwhelming majority.[89]
Domestic wiretapping under Richard Nixon
Further information: Church Committee
In the years after President Richard Nixon resigned, there were several investigations of suspected misuse of Federal Bureau of Investigation (FBI), Central Intelligence Agency (CIA), and NSA facilities.[90] Senator Frank Church headed a Senate investigating committee (the Church Committee) which uncovered previously unknown activity,[90] such as a CIA plot (ordered by the administration of President John F. Kennedy) to assassinate Fidel Castro.[91] The investigation also uncovered NSA's wiretaps on targeted American citizens.[92] After the Church Committee hearings, the Foreign Intelligence Surveillance Act of 1978 became law, limiting circumstances under which domestic surveillance was allowed.[90]IT projects: ThinThread, Trailblazer, Turbulence
NSA created new IT systems to deal with the flood of information from new technologies like the internet and cellphones.ThinThread contained advanced data mining capabilities. It also had a 'privacy mechanism'; surveillance was stored encrypted; decryption required a warrant. The research done under this program may have contributed to the technology used in later systems. Thinthread was cancelled when Michael Hayden chose Trailblazer, which did not include Thinthread's privacy system.[93]
Trailblazer Project ramped up circa 2000. SAIC, Boeing, CSC, IBM, and Litton worked on it. Some NSA whistleblowers complained internally about major problems surrounding Trailblazer. This led to investigations by Congress and the NSA and DoD Inspectors General. The project was cancelled circa 2003-4; it was late, overbudget, and didn't do what it was supposed to do. The Baltimore Sun ran articles about this in 2006–07. The government then raided the whistleblower's houses. One of them, Thomas Drake, was charged with in 2010 in an unusual use of espionage law. He and his defenders claim that he was actually being persecuted for challenging the Trailblazer Project. In 2011, all 10 original charges against Drake were dropped.[94][95]
Turbulence started circa 2005. It was developed in small, inexpensive 'test' pieces rather than one grand plan like Trailblazer. It also included offensive cyber-warfare capabilities, like injecting malware into remote computers. Congress criticized Turbulence in 2007 for having similar bureaucratic problems as Trailblazer.[95] It was to be a realization of information processing at higher speeds in cyberspace.[96]
Warrantless wiretaps under George W. Bush
Main article: NSA warrantless surveillance controversy
On December 16, 2005, the New York Times reported that, under White House pressure and with an executive order from President George W. Bush,
the National Security Agency, in an attempt to thwart terrorism, had
been tapping phone calls made to persons outside the country, without
obtaining warrants from the United States Foreign Intelligence Surveillance Court, a secret court created for that purpose under the Foreign Intelligence Surveillance Act (FISA).[97]One such surveillance program, authorized by the U.S. Signals Intelligence Directive 18 of President George Bush, was the Highlander Project undertaken for the National Security Agency by the U.S. Army 513th Military Intelligence Brigade. NSA relayed telephone (including cell phone) conversations obtained from both ground, airborne, and satellite monitoring stations to various U.S. Army Signal Intelligence Officers, including the 201st Military Intelligence Battalion. Conversations of citizens of the U.S. were intercepted, along with those of other nations.[98]
Proponents of the surveillance program claim that the President has executive authority to order such action, arguing that laws such as FISA are overridden by the President's Constitutional powers. In addition, some argued that FISA was implicitly overridden by a subsequent statute, the Authorization for Use of Military Force, although the Supreme Court's ruling in Hamdan v. Rumsfeld deprecates this view. In the August 2006 case ACLU v. NSA, U.S. District Court Judge Anna Diggs Taylor concluded that NSA's warrantless surveillance program was both illegal and unconstitutional. On July 6, 2007 the 6th Circuit Court of Appeals vacated the decision on the grounds that the ACLU lacked standing to bring the suit.[99]
On January 17, 2006, the Center for Constitutional Rights filed a lawsuit, CCR v. Bush, against the George W. Bush Presidency. The lawsuit challenged the National Security Agency's (NSA's) surveillance of people within the U.S., including the interception of CCR emails without securing a warrant first.[100][101]
In September 2008, the Electronic Frontier Foundation (EFF) filed a class action lawsuit against the NSA and several high-ranking officials of the Bush administration,[102] charging an "illegal and unconstitutional program of dragnet communications surveillance,"[103] based on documentation provided by former AT&T technician Mark Klein.[104]
AT&T Internet monitoring
Further information: Hepting v. AT&T, Jewel v. NSA, Mark Klein, NSA warrantless surveillance controversy
In May 2006, Mark Klein, a former AT&T employee, alleged that his company had cooperated with NSA in installing Narus (company) hardware to replace the FBI Carnivore program, to monitor network communications including traffic between American citizens.[105]Wiretapping under Barack Obama
In 2009 the NSA intercepted the communications of American citizens, including a Congressman, although the Justice Department believed that the NSA had corrected its errors.[106] United States Attorney General Eric Holder resumed the wiretapping according to his understanding of the Foreign Intelligence Surveillance Act amendment of 2008, without explaining what had occurred.[107]On April 25, 2013, the NSA obtained a court order requiring Verizon's Business Network Services to provide information on all calls in its system to the NSA "on an ongoing daily basis", as reported by The Guardian on June 6, 2013.[108][109]
Role in scientific research and development
NSA has been involved in debates about public policy, both indirectly as a behind-the-scenes adviser to other departments, and directly during and after Vice Admiral Bobby Ray Inman's directorship. NSA was a major player in the debates of the 1990s regarding the export of cryptography. Restrictions on export were reduced but not eliminated in 1996.Its secure government communications work has involved the NSA in numerous technology areas, including the design of specialized communications hardware and software, production of dedicated semiconductors (at the Ft. Meade chip fabrication plant), and advanced cryptography research. For 50 years, NSA designed and built most of its computer equipment in house, but from the 1990s until about 2003 when U.S. Congress curtailed the practice, the agency contracted with the private sector in the fields of research and equipment.[110]
Data Encryption Standard
Main article: Data Encryption Standard
Clipper chip
Main article: Clipper chip
Because of concerns that widespread use of strong cryptography would hamper government use of wiretaps, NSA proposed the concept of key escrow
in 1993 and introduced the Clipper chip that would offer stronger
protection than DES but would allow access to encrypted data by
authorized law enforcement officials.[114] The proposal was strongly opposed and key escrow requirements ultimately went nowhere.[115] However, NSA's Fortezza
hardware-based encryption cards, created for the Clipper project, are
still used within government, and NSA ultimately declassified and
published the design of the Skipjack cipher used on the cards.[116][117]Advanced Encryption Standard
Main article: Advanced Encryption Standard
The involvement of NSA in the selection of a successor to DES, the
Advanced Encryption Standard (AES), was limited to hardware performance
testing (see AES competition).[118]
NSA has subsequently certified AES for protection of classified
information (for at most two levels, e.g. SECRET information in an
unclassified environment) when used in NSA-approved systems.[119]SHA
The widely used SHA-1 and SHA-2 hash functions were designed by NSA. SHA-1 is a slight modification of the weaker SHA-0 algorithm, also designed by NSA in 1993. This small modification was suggested by NSA two years later, with no justification other than the fact that it provides additional security. An attack for SHA-0 that does not apply to the revised algorithm was indeed found between 1998 and 2005 by academic cryptographers. Because of weaknesses and key length restrictions in SHA-1, NIST deprecates its use for digital signatures, and approves only the newer SHA-2 algorithms for such applications from 2013 on.[120]A new hash standard, SHA-3, has recently been selected through the competition concluded October 2, 2012 with the selection of Keccak as the algorithm. The process to select SHA-3 was similar to the one held in choosing the AES, which concluded in 2001.
Dual EC DRBG random number generator
Main article: Dual EC DRBG
NSA promoted the inclusion of a random number generator called Dual EC DRBG in the U.S. National Institute of Standards and Technology's 2007 guidelines. This led to speculation of a backdoor which would allow NSA access to data encrypted by systems using that random number generator.[121]Academic research
NSA has invested many millions of dollars in academic research under grant code prefix MDA904, resulting in over 3,000 papers (as of 2007-10-11). NSA/CSS has, at times, attempted to restrict the publication of academic research into cryptography; for example, the Khufu and Khafre block ciphers were voluntarily withheld in response to an NSA request to do so. In response to a FOIA lawsuit, in 2013 the NSA released the 643-page research paper titled, "Untangling the Web: A Guide to Internet Research,[122] " written and compiled by NSA employees to assist other NSA workers in searching for information of interest to the agency on the public Internet.[123]Patents
NSA has the ability to file for a patent from the U.S. Patent and Trademark Office under gag order. Unlike normal patents, these are not revealed to the public and do not expire. However, if the Patent Office receives an application for an identical patent from a third party, they will reveal NSA's patent and officially grant it to NSA for the full term on that date.[124]One of NSA's published patents describes a method of geographically locating an individual computer site in an Internet-like network, based on the latency of multiple network connections.[125] Although no public patent exists, NSA is reported to have used a similar locating technology called trilateralization that allows real-time tracking of an individual’s location, including altitude from ground level, using data obtained from cellphone towers.[126]
NSANet
NSANet is the official National Security Agency intranet.[127] It is a classified internal network,[128] and TS/SCI.[129] In 2004 it was reported to have used over twenty commercial off-the-shelf operating systems.[130] Some universities that do highly sensitive research are allowed to connect to it.[131] In 1998 it, along with NIPRNET and SIPRNET, had "significant problems with poor search capabilities, unorganized data and old information".[132]National Computer Security Center
The DoD Computer Security Center was founded in 1981 and renamed the National Computer Security Center (NCSC) in 1985. NCSC was responsible for computer security throughout the federal government.[133] NCSC was part of NSA,[134] and during the late 1980s and the 1990s, NSA and NCSC published Trusted Computer System Evaluation Criteria in a six-foot high Rainbow Series of books that detailed trusted computing and network platform specifications.[135] The Rainbow books were replaced by the Common Criteria, however, in the early 2000s.[135]On 25th July 2013 Template:This day has not happened yet, The Guardian newspaper's Glen Greenwald alleged that the infamous American whistleblower Edward Snowden held the blueprints of the National Computer Security Center, thereby sparking fresh controversy. [136]
No comments:
Post a Comment