Former NSA Director Patenting Computer Security Techniques

Former NSA Director Keith Alexander is patenting a variety of techniques to protect computer networks. We're supposed to believe that he developed these on his own time and they have nothing to do with the work he did at the NSA, except for the parts where they obviously did and therefore are worth $1 million per month for companies to license.

No, nothing fishy here.

EDITED TO ADD (8/14): Some more commentary.

Posted on August 4, 2014 at 6:26 AM • 44 Comments

Comments

AlexT • August 4, 2014 7:14 AM

I must confess this is nothing short of amazing - the guy has no limits apparently

Larkin • August 4, 2014 7:27 AM

That's nothin'...let's wait and see if the application(s) get rubber-stamped at the PTO.

Charles • August 4, 2014 7:46 AM

Fishy? Given your stance on patents altogether, this sounds like sour grapes to me. Why would your response be to suggest impropriety, and not to question validity?

Andy • August 4, 2014 7:47 AM

Alexander is a bureaucrat; who is the technical talent he's brought on board? How many other former NSA employees are working at his new firm?

Joe • August 4, 2014 8:13 AM

Andy writes: "Alexander is a bureaucrat; who is the technical talent he's brought on board? How many other former NSA employees are working at his new firm?"

Exactly. NSA secrets are not to be shared with the public. Sold for private gain is a different story in our "free enterprise" country.

The Last Stand of Frej • August 4, 2014 8:57 AM

Four-star generals don't have free time. I call shenanigans.

CatMat • August 4, 2014 10:05 AM

@Charles,
Validity is currently mostly irrelevant as far as the USPTO is concerned. Impropriety is not.

Daniel • August 4, 2014 12:16 PM

@John

See, this is what happens when a person is open about bugs in the system--it just encourages the criminals. If Eisenhower had kept his mouth shut until this security hole in Democracy could have been patched everything would be OK and there would be no Keith Alexander.

John • August 4, 2014 12:26 PM

@Daniel

“You Keep Using That Word(Democracy), I Do Not Think It Means What You Think It Means”

US is designed as a Republic my friend.

Non Poster • August 4, 2014 1:30 PM

So, yet another ex-employee making money off the backs of the taxpayer.

Nick P • August 4, 2014 1:34 PM

My previous proposal of secure computing built on 20+ year old techniques is looking better every year. All I need is one precedent on a certain argument to greatly reduce the costs of all future cases.

43g34uiug4h • August 4, 2014 2:34 PM

@John: Good luck teaching what "Republic" and "electoral college" actually are from an economical/logical stand-point.. Disinformation is too much of a science now..

Farluiz • August 4, 2014 3:55 PM

Here in Brazil, former government employees with sensitive information cannot work in the private sector, nor for the private sector, for a time which we call "quarantine". Quarantine can usually have a duration of up to 2 years, and the assets or wealth of the former employee are monitored well beyond that period. This measure is not perfect but it serves as a warning to the former employee.

Benni • August 4, 2014 5:05 PM

Regarding Alexander:

We go back to the year 2007. At that time, there was no Snowden, but even other NSA employees were disgusted by what the NSA was developing. The German computer magazine C't mentions in an article from 2007:

http://www.heise.de/newsticker/meldung/US-Geheimdienst-NSA-hat-Schwierigkeiten-mit-der-Internet-ueberwachung-146028.html

"After trailblazer, a program for internet surveillance had to be cancelled in 2005, its successor turbulence is in difficulties. Turbulence was started at the time when Alexander became director of the NSA, and for Alexander, turbulence has the highest priority.

According to an anonymous NSA employee, it should cost 2 billion dollars. Up to 500 million dollars each year are invested in the project, which gets delayed again and again and faces technical difficulties. Apparently, the NSA fears that the Democrats who lead the security councils will look closer than has happened before.

Turbulence consists of many subprograms and should monitor the internet, as well as manipulate data streams in order to block the information flow if necessary.
Turbulence should monitor individual network routes and thereby filter suspected data packets or block their transmission. Parts of turbulence should identify social networks, install programs in networks in order to collect data, or search after patterns in databases. Compared to trailblazer, turbulence uses a different method. Trailblazer should collect all data from the internet first, and then analyze it"


Now, thanks to Edward Snowden, we know what turbulence is. The Wikipedia article on it

http://en.wikipedia.org/wiki/Turbulence_(NSA)

mentions this document, where NSA tried to sell turbulence to Congressmen.

The slides show turmoil to be a part of turbulence

http://en.wikipedia.org/wiki/File:What_A_Success.pdf

And what is turmoil?

Well that is this:

How the NSA Plans to Infect ‘Millions’ of Computers with Malware:

https://firstlook.org/theintercept/article/2014/03/12/nsa-plans-infect-millions-computers-malware/

From the slides above, it becomes clear that turmoil was not just a small misguided project of NSA. Instead it was a major effort that was backed up by congressmen.


And now you have to imagine: how rotten and disgusting must congressmen be, when they approve a project, even spending 2 billion dollars on it, that aims to infect millions of computers with malware?

And how rotten must NSA director Alexander be, when he made this his primary project in 2007?

Yes, that man knows much about persistent advanced threats.

Because he was personally responsible for developing them....

No, this is not just a corrupt agency. This is a completely rotten and disgusting government and agency that we deal with here.

What do they think they are? Do these congressmen really think that non-US persons do not have a right to a computer that is free of malware?

And they have criticized turmoil because of what? Because it was "not effective" and "its development was delayed" and "bureaucratic"?

Apparently, the US congress thinks US malware on millions of foreign computers is a good thing, as long as it supports them in their goals. This is the thinking of a rotten government that believes the foreign population around it consists entirely of unworthy underlings.

Benni • August 4, 2014 5:14 PM

And then there is this: the Foreign Policy magazine writes:

"Alexander used his influence to warn companies that they were blind to cyberthreats that only the NSA could see, and that unless they accepted his help, they risked devastating losses. Alexander wanted to install monitoring equipment on financial companies' websites, but he was rebuffed, according to financial executives who took part in the discussions. His attempts to make the NSA a cyber-watchdog on corporate networks were seen as a significant intrusion by government into private business."


So perhaps Alexander just did not stop working for NSA, but he is still working for them somehow.

Now he just installs NSA deep packet inspection technology at the American companies that refused to have this technology installed by NSA itself...

Installing monitoring equipment on financial companies...
Yeah that is what NSA can do best...

And if the companies do not want it from NSA, then they will get it installed by former NSA employees.....

NSA seems to find a creative solution to every problem... And they do not easily give up....

RQ • August 4, 2014 6:13 PM

@Benni:
Alexander used his influence to warn companies that they were blind to cyberthreats that only the NSA could see, and that unless they accepted his help, they risked devastating losses.

Especially ridiculous, considering that the guy charges 1M per month.

Same greed as what drives the creators of SynoLocker and other ransomware.

Benni • August 4, 2014 6:37 PM

Well, NSA cannot force financial companies based in the US to install NSA monitoring technology, when they are not some telecommunication provider...

So, in order to "install monitoring equipment on financial companies" they have to make the US companies agree to this voluntarily. Since the companies did not give in to the pressure to install tech from NSA directly, NSA now has to try it differently, by using former NSA employees to install the monitoring system...

How do they say:

Sniff it all, partner it all, exploit it all, know it all

So, NSA monitoring technology simply has to be placed at US financial companies.

Brandioch Conner • August 4, 2014 6:49 PM

I'm interested in what he is going to attempt to patent.

Because there are only so many avenues of attack (Bruce's "Attack Trees") with regards to a computer.

The exploit has to live in:
A. RAM / ROM
B. Software
C. Firmware
D. Hardware

The exploit has to get there by:
1. from the factory
2. between the factory and you
3. at your site (after you've received the clean equipment)

Once you've received the clean equipment then it's down to:
a. sneaker-net attack
b. network exploit

So what new insight can he have on that? Unless I'm missing a category?

Benni • August 4, 2014 7:42 PM

I think this is probably some deep packet inspection stuff, the sort of thing you would need against turbulence malware. Note that the article on Alexander says:

"Alexander wanted to install monitoring equipment on financial companies' websites" so his solution is probably an inspection technique for data packets that come through the web.

And that is also the sort of thing where he, or the NSA, gets a good method for analyzing traffic once every company installs that, which can be assumed to have some kind of backlink to Fort Meade analysts, who are searching through the data of the financial company (just in order to spy, eehh no, to protect the bank from malware of course)...

Up to now the proposals of Alexander are in fact extremely similar to the ones made by BND officials recently:

http://www.bnd.bund.de/DE/Themen/Reden%20der%20Leitung/Redetexte/Rede_BfV-Symposium2014.html

The BND president said here, on a project for which the service wants an additional 300 mio euros:

"In detail, this can look like this: With our foreign signals intelligence, we recognize a cyber attack on French companies or institutions with a new and unknown malware. We then give this information to the office for security in information technology and to the German service for the protection of the constitution. They then can take measures so that appropriate firewall settings are used in Germany"

The question is just: What does the BND have to sniff in data packets of French companies?

They are obviously selling their spying software that targets allies as a security solution against malware.

I guess NSA tried this in the first place, but it did not work. The article on Alexander says:

"His attempts to make the NSA a cyber-watchdog on corporate networks were seen as a significant intrusion by government into private business."

Note that this is essentially the same as this BND project, where they want 300 mio euros to analyze the data of French companies, just to protect us from malware....

AlanS • August 4, 2014 9:41 PM

@Joe, Andy

Nah, the 'free enterprise' system is much more 'efficient' than that. Post 9/11 the agency turned into a system for managing how to dole out money to private contractors. In and out the revolving door and it's a lucrative gig.


65535 • August 5, 2014 5:34 AM

Alexander the Great:

"Currency trading front-running can be quite lucrative if you have the right back-doors to the major trading systems. Think about the possibilities!"

"You have heard of those stories about a certain spy organization 'manipulating' internet polls – they are true. And, I can do the same with currency trading pricing systems! Your bank could make George Soros look like a piker with my 'real time' backdoor implants – and nobody would be the wiser."

"Take the oil business; I have accumulated persistent back-doors to the major players. Just think of huge profits you could make in oil futures with my patented real time oil trading information kit!"

"And, those pesky Senate sub-committee hearings are easy to avoid if you have the right telephone interchange tapped. I have you covered!"

"My one million dollar per month fee could return you five times that amount in the international trading markets! Naturally, all deals will be cash up-front and you will have to sign a non-disclosure agreement."

don't remember my name... • August 5, 2014 6:56 AM

I have no doubt Gen. Alexander will be highly successful in his new business. After all, he demonstrated a lot of experience stopping security threats (e.g. Snowden) in his previous job.

A Telco Security Dweeb • August 5, 2014 9:34 AM

In view of the (non-existent) veracity of Mr. Alexander's previous testimony in front of Congress, not to mention his long track record of systematic lying to the press, if I were the CIO of any company to which Mr. Alexander was trying to peddle his "innovative security solutions"... well, I'd want some penalty clauses in the contract, let's just put it that way.

So, in addition to being a primary enforcer of the U.S. military-industrial police state, the NSA is also now in the corruption game. I guess their top execs were getting jealous of the CIA being able to pay off all those foreign leaders.

Next up : Michael Hayden selling an add-on to "auto-complete" for smartphones; the value proposition is, "it automatically deletes two out of every three words that you send in a text or tweet".

Such "innovation" we're getting out of America, these days!

Thomas Cherryhomes • August 5, 2014 1:42 PM

Truly, I'm just in awe. As Bill Hicks would say, "This guy has to carry his balls in a wheel barrow." "'SCUSE ME! 'SCUSE ME! *scoot*scoot* MAN WITH BIG BALLS COMING THROUGH!"

Why can't this guy just meet the blunt end of a falling piano?

-Thom

Tom • August 5, 2014 5:20 PM

I don't understand, who is the dumb/naive company who will use his services at all. After all, it's quite clear that he will charge money and share the info after that with the NSA. Once a spy, always a spy.

tyr • August 6, 2014 1:49 AM

I for one am glad to see Spandam screwing the banksters instead of
busily undermining the constitution.
I don't consider terrorists to be much of a threat as long as we
stop killing grandmas with anti-tank missiles.

The real problem for America is that our spooks should have been
kept on a short leash and never trusted in anything they said until
it was parsed by someone rational. Giving them 52 billion to play
around with and no accountability has created the current mess.

kevin • August 6, 2014 10:09 AM

The difference between being charged under the Espionage Act and charging clients $1MM/month appears to be having an IP attorney and a compelling business model. As the head of Boston's Big Dig once said privately to State Treasurer Joe Malone, "Don't you get it? There's enough here for everybody."

AlexT • August 6, 2014 12:33 PM

I believe this whole thing is simply a way to pay him out for whatever information in his possession and might leverage. Blackmail 101.

Tom • August 6, 2014 2:27 PM

@AlexT to get information from him is one thing, he deserves some payment (even though 1M is quite a lot), but besides that, that he actually installs a monitoring system/malware/APT for them is a completely different thing. They are penalized 3 times (one is the payment, 2nd is the monitoring/malware/APT install and 3rd because he transfers the info to NSA). It's like "I spit on you and the company says it's raining". I wonder who those companies are. I wouldn't trust such a company.

Smidgen • August 6, 2014 6:54 PM

Fishy is so quaint, but I think the term in vogue is now "smidgen," as in "Alexander hasn't a smidgen of corruption." Nobody believes that, though.

With Whoosh-Beep-Beep sound effects • August 6, 2014 10:05 PM

Patent No. 192,173,283,028. A junior space cadet Starship bridge for spying on the personal lives of your employees and customers.

Nova • August 8, 2014 2:40 PM

Alexander's continuing reprehensible behavior which sours the entire legal system....

Sadly, many who work in that system, even believing they uphold it, stand with him. And they stand against brave patriots like Snowden.

In the US, the prisons - a very savage environment - remain full of people who have performed only victimless crimes. Men like Alexander and the institutions he still represents effectively as a leader, a spokesperson, if they were treated as equals to the poor and powerless imprisoned would be in jail for the rest of their lives.

And so the innocent are trumpeted as guilty, while the guilty are trumpeted as innocent.

This hits at the core of stability in the world as a corrupting influence.

Sad so many who work in those areas are blind to this.

Nova • August 9, 2014 4:21 PM

I just can not wait until they make a movie of "all this". Snowden, Alexander, Obama and his administration. Right now, the public really does not understand what went on. Same situation with the financial industry, only the financial industry members were not sworn to protect their country.

Which makes it very much worse.

As simple as this math is, people do not understand it. Cops do not have the right to spy on systems without a warrant any more than they have the right to smoke crack. Spies are not cops and should not pretend to be.

If you want to sum up the corruption of the administration, Alexander's behavior here does it well. Until the guys doing all the real dirty stuff get busted. Patenting government secrets he stole for his own financial gain, charging millions for it? It is insane.

You expect this stuff in North Korea, not here.

It is so much worse to do it here because I do believe there is some glory to the founding documents and spirit.

Just a deplorable shame. Like any bad guy, they just live for today like tomorrow will never come.


delia ruhe • August 20, 2014 9:34 PM

I guess his impunity carries over into civilian life -- just one of many perqs.


Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc.