Sunday, February 17, 2008

FBI is getting more than its money's worth

Looks like the FBI sometimes gets more than it paid for:
A technical glitch gave the FBI access to the e-mail messages from an entire computer network - perhaps hundreds of accounts or more - instead of simply the lone e-mail address that was approved by a secret intelligence court as part of a national security investigation, according to an internal report of the 2006 episode.


Bureau officials noticed a surge in the e-mail activity they were monitoring and realized that the provider had mistakenly set its filtering equipment to trap far more data than a judge had actually authorized.
I commented on Glenn Greenwald's blog on this:

The filters can be programmed to search RADIUS logins (and grab the "framed IP address" for the session) or just grab by IP (also MAC, ESN, MSISDN, or other identifier, depending on the type of traffic being snooped). If you are doing raw IP (for static IPs), you can avoid having to do the RADIUS login detection. But if you put in the wrong IP address, such as the [mail] server's address, you'll get all the traffic handled by the server. Or if you snoop at the wrong place, you may be capturing all traffic on an "encapsulated PPP" link where that link is carrying all the traffic flow for all users to a remote switch/NAS.

I know for some equipment, there were some requests for filtering by IP port (that is, to capture traffic from anyone using a specific IP port). This might be useful for capturing P2P "file sharing" stuff, but it hardly meets the specificity requirement for wiretaps; AFAIK, such snoops should be illegal.
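
An added example, not part of the original comment and not any vendor's equipment logic: a sketch of the two selector types described above, showing that a selector scoped to one subscriber's RADIUS session stays on that subscriber while a static selector naming the mail server matches everyone. The addresses, user names, flow records and the `SHARED` inventory are constructed assumptions.

```python
from ipaddress import ip_address

# Constructed RADIUS accounting events:
# (time, Acct-Status-Type, User-Name, Framed-IP-Address)
ACCT = [
    (100, "Start", "target@example.net", "10.0.5.17"),
    (130, "Start", "other@example.net", "10.0.5.18"),
    (200, "Stop", "target@example.net", "10.0.5.17"),
    (260, "Start", "other2@example.net", "10.0.5.17"),  # address reissued
]
# Constructed flow records: (time, src, dst); 192.0.2.25 plays the mail server
FLOWS = [
    (110, "10.0.5.17", "192.0.2.25"),
    (140, "10.0.5.18", "192.0.2.25"),
    (270, "10.0.5.17", "192.0.2.25"),
]
SHARED = {"192.0.2.25": "mail server"}  # hypothetical shared-infrastructure list

def session_windows(acct, user):
    """Return [(ip, start, stop)] for one user; stop is None while still open."""
    windows, open_sessions = [], {}
    for t, status, name, ip in sorted(acct):
        if name != user:
            continue
        if status == "Start":
            open_sessions[ip] = t
        elif status == "Stop" and ip in open_sessions:
            windows.append((ip, open_sessions.pop(ip), t))
    return windows + [(ip, t, None) for ip, t in open_sessions.items()]

def in_scope(flow, windows):
    """True only if the flow uses the framed IP while that session was live."""
    t, src, dst = flow
    return any(ip in (src, dst) and start <= t and (stop is None or t <= stop)
               for ip, start, stop in windows)

def static_filter(flows, ip):
    """Raw-IP selector: matches every flow touching the address, at any time."""
    return [f for f in flows if ip in (f[1], f[2])]

def check_selector(ip, shared=SHARED):
    """Reject a static selector that names shared infrastructure."""
    ip_address(ip)  # raises ValueError on a malformed address
    if ip in shared:
        raise ValueError(f"{ip} is a {shared[ip]}: selector would match all users")
    return ip
```

With the constructed data, the session-scoped selector keeps one flow, the raw-IP selector on the reissued dynamic address keeps two, and the mail-server selector keeps all three.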

So much for tech talk.... Back to the story.
The episode is an unusual example of what has become a regular if little-noticed occurrence, as American officials have expanded their technological tools: Government officials, or the private companies they rely on for surveillance operations, sometimes foul up their instructions about what they can and cannot collect.


But an intelligence official, who spoke on condition of anonymity because surveillance operations are classified, said: "It's inevitable that these things will happen. It's not weekly, but it's common."

A report in 2006 by the Justice Department inspector general found more than 100 violations of federal wiretap law in the two prior years by the Federal Bureau of Investigation, many of them considered technical and inadvertent.
Many? Not all? What were the other ones???
In the warrantless wiretapping program approved by President Bush after the Sept. 11 terrorist attacks, technical errors led officials at the National Security Agency on some occasions to monitor communications entirely within the United States - in apparent violation of the program's protocols - because communications problems made it difficult to tell initially whether the targets were in the country or not.
But we're only spying on Terra-ists....

