The full power of the United States government is awesome. The Edward Snowden revelations regarding NSA gathering and analysis of communications (foreign and domestic) highlights two important principles of U.S. intelligence agencies’ approaches: macro- and micro-.
On the macro-level Snowden has shown us that the U.S.’s approach has been to gather everything: all electronic communications and store these data in huge data centers, including their newest archive in Utah.
On the micro-level Snowden’s revelations demonstrated that the mechanism to gather these data is to hack major transit points (massive telecommunications data switches that route them). Historically the NSA tapped intercontinental telephone communications cables (for example, undersea cables) by splicing these copper cables by teams based on submarines. Later they splicing progressed to fiber-optical cables which is done in such a way that the data can both be harvested and appear to be untouched as they continue on to their intended designations.
The NSA’s modi operandi have been to exploit any concentration of data — why hack millions of individual computers when hacking one communication switch would yield the same effective result?
Hacking these switches (for example those manufactured by Cisco Systems) can be effectuated by the NSA by one of two methods: reprogramming the firmware (programmable software embodied within the chips that are used to build the switches) or by hardware modifications to components on the switches themselves. Heretofore it has not been seriously considered that these hardware hacks could have been made as it was “obvious” that no such modifications could have gone undetected for many years. Undetected by the designers and implementers of the chips themselves.
But there is little doubt in my mind that it is only a matter of time before it is revealed to the public that the U.S. intelligence community (likely the NSA) has implemented hardware changes within the end-user computers (e.g., Windows PCs, Mac laptop, and UNIX, Windows or Linux servers) and personal smartphones to make at least targeted- (and perhaps wholesale-) gathering of the actions performed on these devices possible.
These NSA hardware hacks (micro-level approaches) would be put in place to enable the gathering of specific user actions (even keystrokes, or hijacking cameras and microphones on these computing devices) at the lowest level of components on the circuit boards of these devices.
The reader may recall that Iranian centrifuges were hacked through the joint efforts of the NSA and Israeli intelligence by creating the Stuxnet worm. The worm was placed within the Siemens programmable logic controllers that directed the functions of the centrifuges through the oldest of intelligence techniques: exploiting human frailties. In that case, a USB drive was purposely “lost” in an area where an Iranian with access to these centrifuges would find it, then plug it into a computer that was located within the physically-separated (and internet-detached) centrifuge environment. Once the USB drive was inserted into that computer, it would look for Siemens PLCs on that supposedly secure and isolated network and infect them with the Suxnet worm.
In a similar way, we will undoubtedly soon discover that the NSA has been able to insert “back doors” into physical hardware components (such as keyboard controllers or other specialized ASIC chips) that are part of all of our personal computers and smartphone devices. That is, seemingly off-the-shelf electronic components will be shown to have been altered to have back doors inserted into the mass market computer chips themselves, most likely without the knowledge of the manufacturers of those very components or of the manufacturers (e.g., Apple, Hewlett Packard and IBM) of the computing devices that make use of them in their designs.
It will likely be revealed that some of these back doors were implemented with the cooperation of the computer manufacturers. But the far more onerous reveal will be of the modifications to the low-level components that even those who use — and the companies that designed these chips were not aware.
How would this have been accomplished? Through human intervention. It would only take one well-placed employee in, say, Texas Instruments or American Semiconductor, to insert such a backdoor into such a seemingly pedestrian physical component. Such a hack would not be easily detectable through normal operations (just as the syphoning off of mounds of data from Cisco switches by the NSA was undetected, only to eventually be revealed by Snowden).
That is, we will soon learn that every single personal computer, personal smartphone and probably even basic cell phones have been turned by the NSA into devises that can be controlled by the United States intelligence community remotely.
You may recall that in the May 28, 2014 NBC interview of Edward Snowden by Brian Williams, Snowden revealed that smartphones which were seemingly powered off could be remotely turned on and taken over by the NSA.
The revelation that the NSA has the capacity to look at every function that is performed by the vast majority of personal computers and cellphones will be forthcoming. Perhaps it is the “even bigger” revelation that Glenn Greenwald mentioned during the same Brian WIlliams show that he would soon be making.
The U.S. intelligence community has the capability of gathering a huge amount of data on the macro-level by making targeted changes to vulnerable components (the micro-level) that have up until now been assumed to be benign.
The power of the U.S. intelligence community is awesome indeed. And that is precisely why we need to keep it in check, lest we slip into into a true security state in which all personal communication is accessible by the U.S. government.
That could be world changing and frightening power indeed, and power that is currently insufficiently balanced by legislative checks on that executive power.