An Engineer Blows The Whistle On AT&T - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Mobile // Mobile Applications
Commentary
4/13/2006
02:19 PM
Commentary
Commentary
Commentary
50%
50%

An Engineer Blows The Whistle On AT&T

I never believed that the Electronic Frontier Foundation's lawsuit against AT&T, alleging that the company helped the National Security Agency coduct illegal spy operations, had much of a future. Consider the EFF's central claim in the case -- that AT&T and NSA collaborated to spy upon tens of millions of American citizens, including both domestic and overseas phone calls. EFF isn't just looking for the proverbial smoking gun; it needs to find a smoking howitzer to prove such a dramatic, and p

I never believed that the Electronic Frontier Foundation's lawsuit against AT&T, alleging that the company helped the National Security Agency coduct illegal spy operations, had much of a future.

Consider the EFF's central claim in the case -- that AT&T and NSA collaborated to spy upon tens of millions of American citizens, including both domestic and overseas phone calls. EFF isn't just looking for the proverbial smoking gun; it needs to find a smoking howitzer to prove such a dramatic, and politically explosive, charge.

Boom. Meet Mark Klein, an AT&T engineer who spent 22 years working for the company's New York and San Francisco switching centers. His appearance as an EFF witness in the case -- with documents supporting many of his claims -- could change everything. His statements, assuming their veracity, are nothing short of infuriating.While on assignment in AT&T's San Francisco switching center during late 2002 and early 2003, Klein claims that he saw and heard about the NSA engaging, with AT&T's full support, in some profoundly disturbing activities:

AT&T provided National Security Agency eavesdroppers with full access to its customers' phone calls, and shunted its customers' internet traffic to data-mining equipment installed in a secret room in its San Francisco switching center, according to a former AT&T worker cooperating in the Electronic Frontier Foundation's lawsuit against the company.

Mark Klein, a retired AT&T communications technician, submitted an affidavit in support of the EFF's lawsuit this week. That class action lawsuit, filed in federal court in San Francisco last January, alleges that AT&T violated federal and state laws by surreptitiously allowing the government to monitor phone and internet communications of AT&T customers without warrants.

On Wednesday, the EFF asked the court to issue an injunction prohibiting AT&T from continuing the alleged wiretapping, and filed a number of documents under seal, including three AT&T documents that purportedly explain how the wiretapping system works.

A copy of Klein's full statement is available at Wired News. The following excerpt details how he discovered AT&T wasn't just diverting its own traffic through the NSA's traffic-analysis hardware, but was also giving the agency access to its peering partners' packet-switched traffic:
While doing my job, I learned that fiber optic cables from the secret room were tapping into the Worldnet circuits by splitting off a portion of the light signal. I saw this in a design document available to me, entitled "Study Group 3, LGX/Splitter Wiring, San Francisco" dated Dec. 10, 2002. I also saw design documents dated Jan. 13, 2004 and Jan. 24, 2003, which instructed technicians on connecting some of the already in-service circuits to the "splitter" cabinet, which diverts some of the light signal to the secret room. The circuits listed were the Peering Links, which connect Worldnet with other networks and hence the whole country, as well as the rest of the world.

One of the documents listed the equipment installed in the secret room, and this list included a Narus STA 6400, which is a "Semantic Traffic Analyzer". The Narus STA technology is known to be used particularly by government intelligence agencies because of its ability to sift through large amounts of data looking for preprogrammed targets. The company's advertising boasts that its technology "captures comprehensive customer usage data ... and transforms it into actionable information.... (It) provides complete visibility for all internet applications."

My job required me to connect new circuits to the "splitter" cabinet and get them up and running. While working on a particularly difficult one with a technician back East, I learned that other such "splitter" cabinets were being installed in other cities, including Seattle, San Jose, Los Angeles and San Diego.

Could the NSA possibly, by any stretch of a sane, sober observer'simagination, have required such a massive, geograhically distributed surveillance apparatus -- what one watchdog group describes (with the assistance of a diagram that will make your blood run cold when you realize the implications) as the "NSA Surveillance Octopus?"

"Based on my understanding of the connections and equipment at issue," Klein wrote in his statement, "it appears the NSA is capable of conducting what amounts to vacuum-cleaner surveillance of all the data crossing the internet -- whether that be peoples' e-mail, web surfing or any other data.

"And unlike the controversy over targeted wiretaps of individuals' phone calls," he concludes, "this potential spying appears to be applied wholesale to all sorts of internet communications of countless citizens"

President Bush has acknowledged that he repeatedly approved the NSA surveillance operations, in spite of the fact that conducting such operations within the United States is, at best, a legal gray area. Yet he also maintains that in rare cases when NSA wanted access to domestic communications, it would seek a search warrant to do so.

If Mark Klein does, indeed, represent the smoking gun in this case, then it looks to me like he's aimed not at AT&T or even the NSA, but rather at the Bush Administration itself. Indeed, this is the system whose existence the President says he personally approved on at least 30 occasions over the past year. If Klein's testimony holds up in court, it will fall upon the President to explain why this "limited" operation required a surveillance infrastructure capable of spying upon a substantial percentage of the American population.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
Commentary
If DevOps Is So Awesome, Why Is Your Initiative Failing?
Guest Commentary, Guest Commentary,  12/2/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Slideshows
Flash Poll