One of three decisions of which I am most proud in my life is, that I served in the U.S. Army, but didn’t or don’t work any longer for the National Security Agency. (Ending my legal relationship with my father and my marriage ar the other two, BTW). Yet, I left a career in signals intelligence that was more than just a job; it was my calling, the only job I am trained to do and for which I have a native talent. Ethically, I could not do it. I now work for pay in a job honestly which I loathe on good days. But, the one advantage is, that a college in a foreign country is not NSA. I could copulate with dogs, become a gay prostitute, drop acid daily, or start a terrorist organization. I should write “Fuck NSA” blogs daily, but I think living in Korea is enough. And, I don’t talk about my former career. Fuck NSA, two things about intelligence bothered me.
Firstly, and what convinced me to get the hell out, was, that no careerist non-commissioned officer could honestly tell me he thought his career in intelligence was worth the 15+ years or so he had comitted to it. I even told each sergeant, “All I need is one NCO with a positive answer, and I’ll re-enlist!” No one could even look me in the eyes.
The other thing that bothered me was working with South Koreans. And, that brings me to what has prompted a few days of morose, “”knife-in-the-hand” soul-searching and outright anger (via Democracy Now!).
Under construction by contractors with top-secret clearances, the blandly named Utah Data Center is being built for the National Security Agency. A project of immense secrecy, it is the final piece in a complex puzzle assembled over the past decade. Its purpose: to intercept, decipher, analyze, and store vast swaths of the world’s communications as they zap down from satellites and zip through the underground and undersea cables of international, foreign, and domestic networks. The heavily fortified $2 billion center should be up and running in September 2013. Flowing through its servers and routers and stored in near-bottomless databases will be all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails-parking receipts, travel itineraries, bookstore purchases, and other digital “pocket litter.” It is, in some measure, the realization of the “total information awareness” program created during the first term of the Bush administration-an effort that was killed by Congress in 2003 after it caused an outcry over its potential for invading Americans’ privacy.
But “this is more than just a data center,” says one senior intelligence official who until recently was involved with the program. The mammoth Bluffdale center will have another important and far more secret role that until now has gone unrevealed. It is also critical, he says, for breaking codes. And code-breaking is crucial, because much of the data that the center will handle-financial information, stock transactions, business deals, foreign military and diplomatic secrets, legal documents, confidential personal communications-will be heavily encrypted. According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. The upshot, according to this official: “Everybody’s a target; everybody with communication is a target.”
Back in the late 90s, the South Koreans I worked with often listened to their fellow South Koreans: mostly adult phone lines, but also person-to-person calls that weren’t erotic, like arguments between couples, and really anything that rose to the level of titillation. Memos circulated that forbid the practice, but American and South Korean practice and law were in conflict. American law forbid eavesdropping; South Korean law allowed it. The punishment usually involved anything from a verbal warning to fulll body treatment, where the South Korean NCO would take the offending soldier behind the racks of monitoring equipment and just pummel him in the groin and throw small objects at him. I was naive, I guess. I told myself, that American law and practice was superior, and I was relieved I didn’t live in South Korea where even its college-educated elites despised their own people. I also preferred not to listen to South Koreans whine about what I should do for them, because they were the ones in the crosshairs. I rarely understod when American and South Korean interests coincided.
Maybe I should have saved myself the adolescent moral indignation, and just re-upped. They say, the first step is always the hardest. Fortunately, there are solutions.
AMY GOODMAN: Jacob Appelbaum, I asked you before how people can protect themselves. I remember you mentioned, when they took your computer, the authorities at the border, there wasn’t a hard drive in it. Explain what people can do.
JACOB APPELBAUM: Well, I think one thing that is important is to know that if you’re being targeted, these people, they’re, you know, in the weapons industry. It turns out that they also have the ability to break into computers. So, if you’re being targeted, you have to take a lot of precautions. For example, there’s a bootable CD called “Tails,” and the idea is you run Linux, and all your traffic routes over Tor, so you don’t have something like Adobe Flash trying to update itself, and then the NSA or someone else gets to perform what’s called a “man in the middle” attack. Instead of using Gmail, using something like Riseup. I mean, after their server was just seized, I think kicking them some cash is probably a good thing. They provide mutual aid for people all around the world to have emails that are not just given up automatically, or even with a court battle. They try to encrypt it so they can’t give things up. So people can make choices where their privacy is respected, but also they can make technical choices, like using Tor, to ensure, for example, that when data is gathered, it’s encrypted and it’s worthless. And I think that’s important to do, even though it’s not perfect. I mean, there is no perfection in this. But perfection is the enemy of “good enough.”
AMY GOODMAN: How do you download Tor, T-O-R?
JACOB APPELBAUM: You go to TorProject.org, https://www.torproject.org. And the “S” is for “secure,” for some value of “secure.” And you download a copy of it, and it’s a web browser, for example. And the program, all put together, double-click it, run it, you’re good to go.
AMY GOODMAN: You can even Skype on it?
JACOB APPELBAUM: You-I would really recommend using something like Jitsi instead of Skype. Every time you use proprietary software-
AMY GOODMAN: “Jitsi” is spelled…?
JACOB APPELBAUM: J-I-T-S-I. So, every time you use proprietary software, you have to ask yourself, “Why is this provided to me for free?” And now that Microsoft is involved with Skype, the question is: Doesn’t Microsoft have some sort of government leaning on them, say the U.S. government, to give them so-called lawful interception capabilities? And of course the answer is going to be yes, right? If you log into Skype on a computer you’ve never used before, you get all your chat history. Well, why is that? Well, that’s because Skype has it. And if Skype can give it to you, they can give it to the Feds. And they will. And everybody that has that ability will. Some will fight it, like Twitter. But in the end, if the state asserts it has the right to get your data, sometimes without you even knowing that that’s happening, they’re going to get it, if they can get it.
So we have to solve these privacy problems with mathematics, because it’s pretty hard to solve math problems with a gun or threat of violence, right? No amount of violence is going to solve a math problem. And despite the fact that the NSA has got a lot of people working on those math problems, you know, podunk cops in Seattle, for example, they’re not going to be able to do that, and the NSA is not going to help them. Now, they may have surveillance capability. They may have IMSI catchers. They might have automatic license plate readers. They have an incredible surveillance state. They’re still not the NSA.
And even if they are sharing information, what we want to do is make whatever information they would share worthless, especially if it’s encrypted. So if your browsing is going over Tor, at least if someone is watching your home internet connection, they don’t see that you’re looking at Democracy Now!‘s website. They don’t see that you’re checking your Riseup email. They see that you’re talking to the Tor network. And there’s a lot of value in that, especially because your geographic location is hidden. So when you log into Gmail-let’s say you still use Gmail-but you don’t want Gmail to have a log of every place you’ve been, you use Tor, and Gmail sees Tor, and anyone watching you sees Tor. And that’s really useful, because it means that they don’t get your home address, they don’t know when you’re at work. You make the metadata worthless, essentially, for people that are surveilling you.
I don’t want this to be a regular feature. I don’t blog intelligence. I’ve never read Bamford or other journalists who cover this bailliwick. I don’t talk about this with Army buddies. I’ve kept my oath never to divulge secrets – what few I think I know. I will never work in the business, which is a shame. And, I will never be happy with one of the most important decisions in my life. Many days I try to console myself, that I don’t spy on people, and that life is good. I’m never convinced. Sometimes in life one does everything well and right, and it’s still wrong.