Sunday, March 29, 2015

Surveillance, Grown Up: Broader and Deeper than Eavesdropping of Yore

The revelations of mass global surveillance in recent years by the United States and its global partners have exposed a dramatic shift in how law enforcement and intelligence agencies conduct and justify surveillance activities.  Modern surveillance has gone from passive capture of signals to active interference with devices, systems, networks, and communications; from targeted scrutiny of individuals to surveillance of millions in bulk; from examining basic communications content and metadata to fundamentally intrusive analytical techniques.  All of these changes are occurring against a backdrop of rapid changes in communications technologies and services that have rendered legal distinctions between foreign and domestic communications artificial and unworkable.

Wiretapping and other forms of eavesdropping have traditionally been the standard for law enforcement and intelligence agencies that need to gain access to the communications of alleged criminals to prevent crime and enforce the law.  While much of this activity involved passive capture of communications – essentially the equivalent of listening in on a conversation – increasingly we see evidence of active attacks – that is, actively interfering with and modifying the communications en route to accomplish a surveillance goal.  For example, this can involve performing what is technically referred to as an active “man in the middle” (MITM) attack against encrypted communications, where an eavesdropper pretends to be another party in a communication, but modifies the relevant credentials attached to the communication, and then passes the underlying communication on to the intended recipient.  This is called “active” by the technical community because the MITM must send erroneous credentials to the sender so that the sender unknowingly encrypts their communications to the MITM instead of the intended recipient.  The MITM then decrypts the communication, re-encrypts it with a different set of spoofed credentials, and passes the communication on to the recipient.  Systems like those revealed as part of the NSA’s QUANTUM program go even further: QUANTUM is essentially an automated attack infrastructure embedded in the internet that can not only perform active surveillance – like the active MITM attack described above – but also inject malicious software into the communication stream, intended to compromise a user’s device and establish a presence for other forms of surveillance.

The first revelation from Edward Snowden in June of 2013 showed that the NSA was compelling US domestic telecommunications providers to produce, each day, comprehensive databases of many millions of call details, including all phone numbers people call and the time and length of each call.  This evidence provided the first hint that surveillance and national security activities were not narrowly targeted at potential wrongdoers or those whom law enforcement had probable cause to suspect of committing a crime.  Increasingly, surveillance is performed in bulk, capturing and storing information and communications of many millions of individuals, most of whom are decidedly innocent.  In a particularly audacious program, MUSCULAR, the NSA and the UK’s Government Communications Headquarters (GCHQ) captured all the data shared on internal networks of Yahoo! and Google, hoovering up emails, phone calls, files, chat sessions, and video conferencing sessions.  The NSA and its global surveillance partners appear to have been among the earlier converts, in the 2000s, to what we today call “big data” – collecting as much data as possible about a population and employing sophisticated algorithmic techniques to infer relationships and predict behaviors.

Whereas historically only narrow classes of communications – telephone, fax, postal mail, etc. – could be captured and analyzed by surveillance authorities, the increasing use of computerized networked technologies by society and the increasing sophistication of analytical techniques – including powerful machine learning and social network analysis techniques coupled with technical subversion of hardware and software – result in modern surveillance being comparatively much more intrusive.  For example, the NSA regularly captures account login credentials through its XKEYSCORE program, which indexes metadata (email addresses, phone numbers, usernames, passwords, etc.) globally for intelligence and law enforcement use.

Finally, the characteristics of historical telecommunications technologies and services tended to ensure a well-bounded geographic extent of their operations, while modern networking and internet-based analogs have very little grounding in geographic and political boundaries.  That is to say, the shortest “distance” between two computing devices over a network like the internet may often have very little correspondence with the geographic distance between the two points; instead, internet traffic favors network routes that result in the quickest transmission of the data from sender to receiver, even if that means two neighbors end up sending information around the world to reach one another.  Given the extent to which national law enforcement and surveillance authorities distinguish between foreign and domestic communications – typically requiring much greater protection of domestic persons – modern technologies render those distinctions increasingly unworkable and artificial.  It can be very difficult to determine the geographic location of someone engaged in an internet communication, especially since technologies like Virtual Private Networks (VPNs) – used by many business customers to secure their connections to corporate servers – may result in the communication appearing to come from a very different geographic location than where the person is actually located.

These factors – passive to increasingly active, targeted to increasingly bulk, narrow to increasingly intrusive, and the unworkability of classifying communications as foreign or domestic – combine to make the surveillance climate of today much broader and deeper than the surveillance activities of the past.

Chief Technologist, Center for Democracy & Technology 
