Black Hat: Alexander defends surveillance programs in keynote

Share this article:
Gen. Alexander presents in front of a packed audience hall at Black Hat 2013 in Las Vegas.
Gen. Alexander presents in front of a packed audience hall at Black Hat 2013 in Las Vegas.

The director of the National Security Agency spent most of his hourlong keynote at the Black Hat conference in Las Vegas justifying the agency's mass surveillance and bulk data collection programs in an attempt to assure the public that its intentions are justified, legal and noble.

The morning address from Gen. Keith Alexander was highly anticipated, both because Alexander, who also runs the U.S. Cyber Command, rarely speaks publicly but mostly because of interest over how the privacy-conscious crowd that attends Black Hat would respond.

Alexander was one year removed from delivering the keynote at DefCon – a talk that focused on encouraging skilled hackers to consider working for the U.S. government – but this year he swapped a T-shirt and jeans for formal military attire as he spoke to the crowd of several thousand.

Alexander was deliberate and equanimous as he spoke, seemingly aware of the growing outrage that has resulted in the wake of NSA leaks by whistleblower Edward Snowden. The general was interrupted several times, mostly by the same person, but remained in control of the talk throughout and seemed to have the support of a large majority of the room.

"Our job is defending this country," he said. "Saving lives.

Throughout, Alexander leaned heavily on the wars in Iraq and Afghanistan, 9/11 and ensuing terrorism investigations to justify the agency's use of an expansive surveillance apparatus that monitors both call information (known as metadata) and online communications and content. He said the programs have helped bust would-be terrorists, including someone plotting to blow up the New York subway system in 2009, though reports have argued this may not be the case.

He specifically addressed Patriot Act Section 215, which authorizes the collection of call records, including the data and time of the call, the number calling and called, duration of the call and the origin of the metadata record –but not the content of the call. Some have found this information being potentially in the hands of the U.S. government to be very troubling. The program is designed, Alexander said, to intercept the communications of suspected terror associates communicating with someone inside the U.S. 

Later, he addressed, FISA Amendments Act Section 702, which enables the so-called Prism program. He defended any technology companies that provide information to NSA under the program: "They are compelled by a court order to comply," Alexander said. And he said its goal is for foreign intelligence, not to target U.S. citizens. 

But Glenn Greenwald, The Guardian journalist who has broken many of the NSA stories, has written: "The decisions about who has [the] emails and telephone calls intercepted by the NSA is made by the NSA itself, not by the FISA court, except where the NSA itself concludes the person is a US citizen and/or the communication is exclusively domestic. But even in such cases, the NSA often ends up intercepting those communications of Americans without individualized warrants, and all of this is left to the discretion of the NSA analysts with no real judicial oversight."

Alexander said the programs have received Congressional support and have retained judicial oversight. He shot back against contentions that the FISA court simply "rubber stamps" requests it receives, saying the court isn't one to be bulldozed, "even from a four-star general." 

Some, however, believe the problem with FISA goes beyond a rubber-stamp mentality. The ACLU and EFF, for example, have filed lawsuits challenging FISA amendments to learn whether the NSA's surveillance efforts are constitutional, but they have so far been rebuffed because FISA rulings are kept in secret.

The Black Hat crowd was largely supportive of Alexander, though there were some disruptions.

"We stand for freedom," Alexander said at one point. "Bullsh*t," an audience member responded. There was some applause, but not nearly as much as when Alexander answered an audience member at the end of his talk, when questioned on the general's allegiance to the U.S. Constitution: "I read the Constitution. You should too," 
Alexander said.

Afterward, noted privacy researcher Moxie Marlinspike, who briefly disrupted the talk by asking Alexander "why he lied to Congress," said he found the largely receptive, if not welcoming, reaction from the crowd to be "disgusting" but predictable.

"A lot of people here work in the defense industry, and that's where they get their paycheck from," Marlinspike told SCMagazine.com. He added that Alexander used the "same talking points" as the government has before to describe the surveillance programs, and the points were meant to justify their existence. There remains many more questions than answers due to the immense secrecy shrouding the NSA's work, Marlinspike said.

Alexander's keynote came hours after The Guardian dropped a new exclusive that the NSA is operating a program known as XKeyscore.

"...XKeyscore provides the technological capability, if not the legal authority, to target even US persons for extensive electronic surveillance without a warrant provided that some identifying information, such as their email or IP address, is known to the analyst," according to the story.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House ...

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

Worm variant of Android ransomware, Koler, spreads via SMS

Worm variant of Android ransomware, Koler, spreads via ...

Upon infection, the Koler variant will send an SMS message to all contacts in the device's address book.

Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

Patch for Windows flaw can be bypassed, prompts ...

The Windows zero-day received a patch last week, but the fix can still be bypassed by crafty attackers.