Las Vegas -- The head of the NSA sought the help of security pros at Black Hat to advise on an intelligence-gathering system that collects the same data as recently publicized domestic spying programs but without the same perceived civil-liberties shortcomings.
"The whole reason I came here is to ask you to help us make it better," Gen. Keith Alexander said during his keynote address at the security conference, which is noted for its briefings on how to break into computer systems and networks. He announced an email address firstname.lastname@example.org to which to write suggestions.
BLACK HAT:Top 20 hack-attack tools
Alexander says he wants to lay out the facts about the data-gathering program that includes Prism, the effort that collects information about domestic phone calls and that was revealed by documents leaked by NSA contractor Edward Snowden.
The data gathered does not include phone conversations, SMS messages, names, addresses or the content of emails, he says. It does not include credit card numbers, or locational information, either, he says.
The list of information gathered is: date and time of calls, calling number or IP address, called number or IP address, duration of calls or length of emails and the origin of the metadata information.
Within NSA there are 22 people authorized to approve adding given phone numbers or email accounts to the query database. There are 35 analysts authorized to run queries on the database, he says. In 2012, fewer than 300 phone numbers were approved for queries, he says, and these checks resulted in 12 reports being made to the FBI for further investigation.
Phone numbers and emails are targeted only when they are linked to foreign terrorist suspects and after the traffic information is analyzed it is passed on to the FBI for possible action. The FBI must seek court permission or use national security letters they issue themselves to link the numbers and addresses to individuals and locations, says Alexander.
Congress reviewed four years' worth of the program's records and "found no willful or knowledgeable violations of law or intent of law," he says.
He says NSA has been mischaracterized as snooping into all phone and email traffic and the content of that traffic. "What comes out is we are collecting everything. That is not true," he says. "What you quickly believe is what's written in the press without looking at the facts. I ask that you all look at the facts."
He characterized NSA workers as "noble folks" who are well trained to carry out surveillance in accordance with laws and overseen by courts, Congress, the presidential branch as well as via internal reviews and controls that prevent abuse of the power it has to gather the communications data.
The programs have 100% auditability and are overseen by the NSA inspector general as well as the agency's general counsel.
Providers of phone and internet service who turn over records to the NSA do so compelled by court orders. The FISA court that issues these orders has been wrongly accused of being a rubber stamp, he says. "Going by the wire-brushings I've received [from the FISA justices] they are not a rubber stamp," Alexander says. "No one at the NSA ever went outside the boundaries of what we have been given."
Some critics say the NSA could violate the rules. "Well they could but the fact is that they don't," Alexander says. "An audit would find it and they would be accountable."
There are 54 "terrorist-related activities" that have been stopped due to the program, he says, 13 of them in the U.S.
Alexander says the oversight and compliance that the program undergoes has been glossed over in public discussion of the Snowden leaks.
He says the Prism system and FISA court orders came about after U.S. intelligence failed to spot the 911 terrorists beforehand. It failed to connect the dots between suspected terrorists abroad and one who was actually living in the U.S. and training on flight simulators in preparation for the Sept. 11 hijackings.
More than 6,000 NSA personnel have been deployed to Iraq and Afghanistan to set up intelligence gathering networks, and 20 of them have died doing so, Alexander says.
Alexander was interrupted by an audience member who called out, "Read the Constitution," which drew scattered applause. Alexander's response, "I have. You should, too," drew widespread applause, as did his defense of the domestic spying.
The Snowden leaks have weakened national security by letting adversaries know what tools the U.S. has to fight them. "The damage to our country is significant and irreversible," Alexander says. "Will we have the same success in the next 10 years that we did in the past?" He cited that 42 of 54 cases using Prism blocked terrorist activities. "If they were successfully executed, what would that do to civil liberties?"
Read more about wide area network in Network World's Wide Area Network section.