Tag Archives: NSA

What Bezos got when he bought the Washington Post

Posted on by
Reply

What Bezos got when he bought the Washington Post

The new purchaser of the Washington Post, Jeffrey Bezos of Amazon, has stated publicly that when he takes the Post private the newspaper will be a stand-alone business, separate from the company of which Bezos is CEO. Bezos has also assured Post employees that he is committed to quality journalism, even suggesting a new golden era at the Post. There is no reason to doubt the statements, but independence from Amazon is hardly the sole concern raised by this remarkable purchase.

Bezos

Consider the concerns raised by the equally remarkable material leaked by former NSA employee and Booz Allen Hamilton contractor Edward Snowden. While Snowden may not have carried “four laptops” laden with documents, as first reported, he left Booz Allen loaded with information, and what he turned over to the Washington Post, the Post now owns.

 

Snowden

Not that you can accuse the Post of bragging about it. The exact extent of material provided by Snowden to the Post has not been fully reported. The material may not even be catalogued, although there have been hints in print that it is secure.

Still, according to the Post’s own reporting, the NSA material includes information on the U.S. intelligence budget; extrajudicial killings in Pakistan; CIA investigation of applicants seeking jobs in the U.S. intelligence community; an estimated 4,000 recent NSA internal probes of staff activity; information about the investigation of the 2009 Detroit ‘underwear bomber’; “231 offensive cyber-operations” by U.S. intelligence in 2011; the GENIE program, where “U.S. computer specialists break into foreign networks so they can be put under surreptitious U.S. control”; major expansion of the CIA’s Information Operations Center (IOC); information on NSA bulk collection of hundreds of millions of Americans’ phone records under a program started in 2006; construction and expansion of NSA data storage facilities in Ft. Meade and Utah; the official “178-page budget summary for the National Intelligence Program,” which “details the successes, failures and objectives” of the intelligence community with its (reported) “107,035 employees”; and “cutting-edge technologies, agent recruiting and ongoing operations.” This in just a quick overview, with presumably more revelations to come.

And all of this invaluable material will now be owned by one man, Jeffrey Bezos. Or looking at it another way, the trove of material will no longer be owned by Post Company shareholders including the Graham family, and will be owned instead by the private company Bezos sets up, whose management will have corporate authority to call the shots on the foregoing. In short, Mr. Bezos now owns documents concerning NSA metadata.

 

Amazon book sales

Not to be accused of being anti-business, and in the interest of full disclosure, I should clarify that I am an Amazon customer myself. I am generally a fan of delivery in commerce, saving time, travel, traffic and the nation’s energy resources–UPS, eBay, Amazon, FedEx, etc. As such, I deplore Texas Governor Rick Perry’s slapping an 8.25 percent sales tax on online sales to Texas customers. So much for that anti-tax, anti-Big Brother, pro-‘growth’ Red State policy we hear so much about. EBay sellers have to stick on an extra eight-and-a-quarter-per-cent for customers in Texas.

Amazon’s service has been generally okay, if nothing to write home (to Texas) about. Amazon makes millions from selling books, and the process seems to be getting smoother. However, the company has been no help whatsoever for individual authors trying to track the sales of their books, when publishers fail to pay royalties owed under contract to their authors. Perhaps that will improve over time, but I have found what a company does in one direction to be a pretty accurate gauge of its quality in another. It is a reasonable working hypothesis, for example, that federal contractor Booz Allen’s faulty vetting of Snowden was not the company’s only lapse.* (For what it’s worth, Amazon Web Services partners with Booz Allen on ‘data science’ and ‘cloud infrastructure’, and Booz Allen has rolled out a cloud computing service using Amazon SQS elements.)

Speaking of intellectual property, Bezos is now also the proud owner of information about data encrypting by competitors Apple, Facebook, Google, Hotmail, Microsoft, and Yahoo. In other words, the CEO of Amazon now owns a trove of NSA information about Amazon’s top competitors.

The Washington Post is not Amazon, of course. But it is ironic that Bezos’ Amazon cut off services for Wikileaks in 2010 after Wikileaks’ famous document dump, mostly from recent years, and now Amazon’s CEO owns copious information on “data from American technology companies, including Google,” collected by PRISM. The Post reported September 6 that the NSA “has made great strides in foiling encryption techniques used to protect Internet communications, and has established back doors to some companies’ encryption software,” according to Snowden documents.

Encryption, NSA bring the world together

By the way, we now also know via Snowden and the Post that under the Corporate Partner Access Project, NSA has paid “hundreds of millions of dollars a year to U.S. companies for clandestine access to their communications networks.” Not all of the companies compensated are Amazon competitors, although some are. Presumably Amazon was not among those compensated.

One final note. It is intriguing that the above story has been so little reported, i.e. not at all. No one pointed out the Snowden acquisition when Bezos purchased the Washington Post. No one has pointed it out since, either, until this writing. Arguably the two biggest names in the Post’s orbit this year were, one, Snowden, and two, Bezos, and until now, no one has connected the two.

 

This lacuna may be the power of narrative–the arc of the story dominates its content. Two flamboyant stories, one about Snowden and the NSA, and the other about the sale of the Washington Post to the CEO of Amazon, have been completely two different and separate stories.

The stories were separate for me also, as a reader; reading about them separately, I was slow putting them together, although presumably the lawyers doing due diligence for the sale took them into account. Exact dates for the chronology of the newspaper sale have not been reported. Edward Snowden’s first releases came the first week of June; the Post went quietly on the market, or put out feelers, reportedly early this year. I for one cannot help wondering whether Snowden would have given his information to the Post if he had known the newspaper was going to be sold. He was not in a position to hire due diligence attorneys.

*We now know that the same contractor who vetted Snowden, USIS, also vetted Washington Navy Yard shooter Aaron Alexis.

 

BOOZ ALLEN ETC and the Washington Post

Posted on by
3

BOOZ ALLEN ETC and the Washington Post

 

The Washington Post has extensively covered Edward Snowden, the 29-year-old hacker hired by prime contractor Booz Allen Hamilton to work for the National Security Agency, who was given global access to online information that he then leaked. One question still unanswered, however, is how much material if any Snowden gave to the Post itself. Follow-up: what if anything does the Post have from Snowden, or from the NSA?

 

Future plans

According to the Guardian interview with Snowden, in the extensive June 9 article revealing Snowden’s identity, he had “copied the last set of documents he intended to disclose” three weeks earlier. Snowden then packed and boarded a plane for Hong Kong.

Questions for the press: Where are those documents? What is in them?

Snowden, as quoted in the Guardian interview, distinguishes himself from Daniel Ellsworth and Bradley Manning thus:

“”I carefully evaluated every single document I disclosed to ensure that each was legitimately in the public interest,” he said. “There are all sorts of documents that would have made a big impact that I didn’t turn over, because harming people isn’t my goal. Transparency is.””

The quoted statement comes in a long article written mostly in third-person paraphrase. Along with the previous question–what is on the documents Snowden turned over to the press?–it raises another. What is on the documents he has not disclosed?

 

Former Booz Allen executive and now DNI, testifying

Among the items of information paraphrased third person:

  • Snowden broke both his legs training in the U.S. Army Special Forces, at some time between 2003 and 2007
  • he then got his first NSA job, as a security guard in a covert NSA facility at the University of Maryland
  • “From there, he went to the CIA, where he worked on IT security.”
  • he rose quickly in the CIA because of his computer skills, without a high school diploma
  • “By 2007,” the CIA stationed him in Geneva, “with diplomatic cover”
  • in 2009 he went to work for a private contractor for NSA, on a military base in Japan

Edifice wrecks

It would be good to know the exact date on which Snowden began working for Booz Allen Hamilton. The company’s publicly released statement and news reports put it at about three months before Snowden leaked the NSA material–the company says “less than three months.” That would be early March, 2013. The Guardian’s first exclusive, based on contacts with Snowden, appeared June 5. In an online chat, Snowden subsequently said he had taken the Booz Allen job for the purpose of collecting proof of NSA surveillance activities.

“”My position with Booz Allen Hamilton granted me access to lists of machines all over the world the NSA hacked,” he told the [South China] Post on June 12. “That is why I accepted that position about three months ago.”

The surveillance license was approved on April 25. In other reports, The Guardian’s Glenn Greenwald and documentary film maker Laura Poitras began working with Snowden back in February 2013.

 

Poitras

Questions about the documents and other NSA material are by no means the only questions. They are just the biggest, the weirdest, and the most immediate elephant-in-the-room. What if anything is the Post sitting on? As a Washington Post subscriber and faithful reader, I would like to be alerted beforehand, if my paper plans to run a series based on primary sources from inside the NSA. I would think Post reporters not in the loop would be curious themselves. Where if anywhere is the Post housing these materials, if any? Who is responsible for them, if anyone? Are there backup copies, and if so, where? According to The Hindu, Snowden left carrying “four laptop computers.”

 

Further questions, as mentioned, are not as big–less global–but still intriguing. Here are a few, categorized for convenience into first, the question of particular fact, and second, the broader questions stemming from the fact.

Fact question one:

As we know, Reuters reported days ago that Booz Allen hired Snowden despite “discrepancies” on his resume. What were the discrepancies?

Broader question/s one:

Why is it not policy to deny a security clearance to any job applicant, anyone without exception, whose resume or job application contains “discrepancies”?  Has acceptance of middle-class, white-collar lying on the job gotten so broad that anything goes, even in high-level clearance work? Have four-plus years of relentless press trashing the national economy taken such a toll that no (white-collar) job can be denied or removed, even justifiably?

 

Fact question two:

Aside from the Booz Allen job, how long, exactly, had Snowden been working for or on NSA facilities? Snowden told the Guardian four years; NSA Director Keith Alexander testified to Congress that Snowden had held a position at the NSA for twelve months.

Broader question/s two:

Are there any safeguards in place [YES, FUNNY WAY TO START A QUESTION], so that red flags go up when a subcontractor jumps from job to job, especially in high-level clearance positions? Have the broader attacks on 1) company pensions and 2) “government jobs” taken such a toll nationally that job-jumping is now assumed to be a resume brightener, even in high-level clearance positions?

 

Fact question three:

How, exactly, did Snowden get his series of NSA jobs? Did he apply through regular channels? Was it through someone he knew? We already know that he was ‘vetted’ for Booz Allen by USIS. Who recommended him? Who if anyone were his references, for a string of six-figure high-level security jobs?

Broader question/s three:

Is there such a thing as ‘regular channels’ when you apply for a job as a security contractor for the NSA? Are there any protocols in place [YES, YES, I KNOW; FUNNY WAY TO BEGIN A QUESTION] applied uniformly to every applicant? Or are the hoops just something to be sidestepped, rather than jumped through, for someone who knows someone?

 

As both a U.S. citizen and a journalist, I am eager not to jump to conclusions. We have an ethical obligation to use our judgment to the best of our ability. I cannot see Snowden as either a ‘hero’ or a ‘traitor.’ I have no desire to see him hounded into prison or chased around the globe, let alone worse. There is far too much passive complicity at multiple levels in the quasi-private, excessively outsourced, limply ‘privatized’ intelligence-security realm that hired Snowden and basically bred him, to make him a person of interest in isolation.

Both as a person and a journalist, however, I cannot help being curious. As indicated in the previous posts, I continue to be curious about the multi-billion layers of private contracting–an ironic term, at this point–as well as about government surveillance. So questions will continue to arise.

Back to that press coverage. The Guardian, unlike the Washington Post, has published aptly on Booz Allen. See here and here and here, for example.

To be continued

 

BOOZ ALLEN ETC Continued

Posted on by
Reply

BOOZ ALLEN ETC Continued

 

Again, the point of the reminders below is not that the more things change, the more they stay the same. The point is that previous lessons need to be re-learned. Next-to-the-top echelons in the defense and security contracting world, effectively ensconced in government, do not tend to head for the door when an administration changes. The recent news that 29-year-old Edward Snowden, employed by a major government contractor, wielded global cyber intrusions and then revealed them is another reminder that we are still dealing with the problems.

 

At home in Washington

The NSA contractor, of course, is Booz Allen Hamilton, the giant ex-spooks and black-hats company with government ties at federal, state and local levels. With Snowden, the company deviated from its strengths, hiring not an ex-spook but a future spook who seems to have decided he had gotten onto the wrong career path. Again ironically, in light of recent events, Booz Allen’s services include monitoring other surveillance programs. The recent predictable problems are now part of a well established track record.

 

Snowden

Take the 2006 flap over Booz Allen’s monitoring the SWIFT project. This, to recap briefly, was the George W. Bush administration’s examination of records of the Society for Worldwide Interbank Financial Telecommunication (SWIFT), headquartered in Belgium. The government eyeballing gave the Bush administration access to millions of financial messages per day involving payments, securities transactions, etc., between thousands of banks and other financial entities around the world. SWIFT touted its safety and security as a financial messaging system. (For what it’s worth, Booz Allen itself uses SWIFT.) Such financial surveillance being too much for Wall Street to stomach even from a super-friendly administration, uproar ensued. Thus Booz Allen was said to be monitoring it. This was less than reassuring, to Wall Street as well as to the ACLU (linked above), given the contractor’s numerous and profitable ties to the feds it was supposed to oversee.

 

Vox populi

The ties were pointed out again in 2011 by, among others, Anonymous. The notorious cyber vigilantes gleefully hacked–wait for it–Booz Allen, apparently with ease, getting access to among other things thousands of military emails. Here for fun is Anonymous‘ own take on the exploit:





"Hello Thar!


Today we want to turn our attention to Booz Allen Hamilton, whose core business is contractual work completed on behalf of the US federal government, foremost on defense and homeland security matters, and limited engagements of foreign governments specific to U.S. military assistance programs.




So in this line of work you’d expect them to sail the seven proxseas with a state- of-the-art battleship, right? Well you may be as surprised as we were when we found their vessel being a puny wooden barge.




We infiltrated a server on their network that basically had no security measures in place. We were able to run our own application, which turned out to be a shell and began plundering some booty. Most shiny is probably a list of roughly 90,000 military emails and password hashes (md5, non-salted of course!).




We also added the complete sqldump, compressed ~50mb, for a good measure. We also were able to access their svn, grabbing 4gb of source code. But this was deemed insignificant and a waste of valuable space, so we merely grabbed it, and wiped it from their system.”


No clarification yet on whether SWIFT or, for that matter, Booz Allen will be involved if complicated extradition proceedings get underway for Edward Snowden. But then exactly what material Snowden had access to in general has not been clarified–and presumably will not be. How much Snowden got from SWIFT specifically has also not been clarified. The footprint of the financial messaging service is large on the internet, given the nexus of the NSA, private contracting, and foreign policy. SWIFT was among the levers used against Iran.


 


Before SWIFT, there was TIP, or the Total Information Awareness program, run by Admiral John Poindexter, back in 2002. To recap very briefly, Booz Allen was also in this one up to the eyeballs (along with SAIC among others). The TIP or TIA program was short-lived because of the uproar–although one of its leading lights, Mike McConnell, stayed in the administration as George W. Bush’s second Director of National Intelligence, before returning to Booz Allen to serve as Senior Vice Chairman.


Summing up, ties between administrations and Booz Allen have been numerous and have been written about by a number of authors. The ties between Booz Allen, its brothers in arms in the contracting world, and the now-cyber-ghost-town PNAC, or Project for the New American Century, alone have been more than friendly. When PNAC-er Dov Zakheim left the Pentagon, in April 2004, he became a partner at Booz Allen. Former CIA director R. James Woolsey, another PNAC signatory, was a vice president at Booz Allen.


Thus signatories fervently bent, by their own hand, on war with Iraq rotated through the intelligence-security industry revolving door, to become part of a company frequently paid for monitoring intelligence and security work–including some of their own previous work.


The way a good corporate candidate for major contracts is chosen continues to baffle. One fundamental problem is the lack of protection against potential conflicts of interest. It is anomalous that a major military contractor and a major security contractor for the federal government could be given oversight or a supervisory role in surveillance conducted by the federal government. The potential conflict of interest is too large. Suppose, hypothetically, that the sifting through discloses some previous lapse by the contractor itself?


To be continued