Hayden Mocks NSA Reforms

Former NSA Director Michael recently mocked the NSA reforms in the recently passed USA Freedom Act:

If somebody would come up to me and say, "Look, Hayden, here's the thing: This Snowden thing is going to be a nightmare for you guys for about two years. And when we get all done with it, what you're going to be required to do is that little 215 program about American telephony metadata -- and by the way, you can still have access to it, but you got to go to the court and get access to it from the companies, rather than keep it to yourself." I go: "And this is it after two years? Cool!"

The thing is, he's right. And Peter Swire is also right when he calls the law "the biggest pro-privacy change to U.S. intelligence law since the original enactment of the Foreign Intelligence Surveillance Act in 1978." I supported the bill not because it was the answer, but because it was a step in the right direction. And Hayden's comments demonstrate how much more work we have to do.

Posted on June 23, 2015 at 1:39 PM • 25 Comments

Comments

rgaffJune 23, 2015 1:55 PM

@Bruce

Supporting 1 step forward sounds great and all.... except that we had just taken 50 steps forward the day before by letting the whole damn thing expire, and so from that vantage point that law actually didn't take 1 step forward, but 49 back!!! That's what really pisses me off about the whole "USA Freedom to Spy Act"

NotYouAgainJune 23, 2015 3:16 PM

Hi rgaff:
I am not sure where I read that, so I can't quote, but I remember that only around 2% of the activity of the NSA expired on June 1st: Section 215, mainly concerning the surveillance of domestic phone calls. Given how many communication channels there are and how many people live outside the US, I think that is pretty far off "letting the whole damn thing expire".
Would be great though. Wishful thinking?

Bob S,June 23, 2015 3:44 PM

I sense what little momentum for change that was generated from the Revelations has been spent. Congress in particular shows ZERO interest in true reform. Indeed, they show little interest in knowing what NSA & Co. are doing, have done or are prepared to do at all.

Someone suggested Congressmen are afraid to say or do anything that might show they are weak on security. In my view, however, their weaknesses are stupidity, incompetence, irresponsibility and corruption.

d33tJune 23, 2015 4:50 PM

Just when I thought there was no way Hayden could be more of an evil, ridiculous buffoon .. When does his trial for treason begin ? Ahh .. just wishful thinking. Justice is just a goofy myth on planet earth.

rgaffJune 23, 2015 5:10 PM

@ NotYouAgain

I didn't mean "letting the entire surveillance apparatus expire"... just section 215..... which the USA Freedom to Spy Act put most of it back in place! Only now it doesn't expire, by default it goes on forever now. Sound like leaps and bounds forward to you now? It's totally leaps and bounds backwards from letting it alone and stay expired.

The reason why people who support the constitution spin it as a win, is because nobody expected 215 to expire the day before... if it didn't expire, it would have been an improvement, if only a tiny little bit. The danger is going "alright, we won, we're done" and leaving it at that, which I'm sure almost all congresspeople who voted it in are trying to do....

@Bob S

Not "spent" so much as we're settling in for the long haul now... The initial shock of it is spent, sure, but now it's a long term decades-into-the-future resistance settling in, in ways that we don't even know how yet but we're figuring it out....

@ d33t

Yeah, but that doesn't mean we can't mock HIM over and over every chance we get for being a treasonous criminal! "ha, look, there goes one of those criminals that think they are 'too big to fail' so they even flaunt it" As someone once said, smart criminals wear suits and ties and work in large office buildings... But the smartest criminals also don't flaunt their criminality like Hayden, so he's not as smart as he thinks he is!

d33tJune 23, 2015 5:38 PM

@rgaff

Hayden is an easy target for sure, as well as hilarious, and I will admit, that after poking fun at him for only a few seconds, I feel mildly better.

SasparillaJune 23, 2015 9:16 PM

@rgaff

I feel much the same as you. One thing though:

"Only now it doesn't expire, by default it goes on forever now…."

Take a little bit of comfort here - the updated section 215 only goes until 2020 and then expires again, thank god. We weren't able to kill it now (but it was within the realm of possibility for the 1st time). The pendulum has changed direction - we'll get things changed in the future. Other sections supporting devious misdeeds by the NSA etc. expire on different timelines…if memory serves there is another important section sunsetting in 2017 or so (perhaps we can get that section to just die at that point).

I think this is a marathon to fix all this and probably one measured in 5 year increments… If Hayden thinks this is over with after two years…(to use his own words) Cool! Things change slowly in politics, but they're changing on this, we can all see it (that Supreme Court ruling on the privacy of smartphones was a perfect example) - and a huge number of the citizenry (across party lines) dislike the idea of their government spying on them - its why the Clipper chip went down in flames and its why this will all get rolled back as time goes on. We just have to keep pushing and we'll get there. JMHO...

65535June 23, 2015 9:57 PM

@ rgaff

“except that we had just taken 50 steps forward the day before by letting the whole damn thing expire, and so from that vantage point that law actually didn't take 1 step forward, but 49 back!!!”

I agree.

If the 215 expired and no other legislation was put in its place we would be in a much better position [which I think was the original intent of the 215 expiration]. Note that it took a couple of votes to get the "USA Freedom Act passed."

The so call “USA Freedom Act” has a number loop holes which by-pass the court order system in “emergency” conditions. Plus, it gives the telecom companies immunity. It may be more extensive than the original 215 act and end-runs the Second Circuit's opinion that the 215 was totally illegal.

Further, the EFF withdrew it endorsement for the so called “USA Freedom Act” because it was gutted by the intelligence community and its lackeys.

“[The] EFF is withdrawing our support of the bill. We’re urging Congress to roll the draft back to the stronger and meaningful reforms included in the 2013 version of USA Freedom and affirmatively embrace the Second Circuit’s opinion on the limits of Section 215.”

https://www.eff.org/deeplinks/2015/05/aclu-v-clapper-and-congress-how-second-circuits-decision-affects-legislative

Yes, we much more work we have to do.

CadidiotsJune 23, 2015 11:04 PM

Hayden can gloat because he's trapped in the beltway bubble. That limits him to navel-gazing at government red tape: 'Ossified stasis, Oh boy!' Like all beltway drones, all he sees outside the border is targets. Anything that bears on US international standing is refracted through layers of dogma and indoctrination. So he couldn't care less about the drip-drip-drip of international outrage and disgrace, most recently,

https://wikileaks.org/nsa-france/intercepts/#intercept3

http://www.theguardian.com/world/2015/jun/23/francois-hollande-emergency-meeting-wikileaks-us-spied-three-presidents-france

People forget how France tore the USA a new one in the runup to Iraq. They led the condemnation of US threats to peace that put the Rome Statute in force. The gears have been grinding ever since and now the crime of aggression is defined in law and the US is officially implicated in crimes against humanity. Russia picked up the baton in re Syria, speaking softly and carrying a big Iskander. Then for the first time China marched on Красная площадь. If France piles on, censure of ICCPR-illegal surveillance could turn into censure of illegal US warfare: espionage and sabotage, activités préjudiciable à la sécurité de l'Etat. ROTC All-Star Hayden will never know what hit him.

milkshakenJune 24, 2015 12:15 AM

Hayden is smug - and not too brilliant. He enjoys the spotlight and given half a chance he says in cleartext the things which do not help to advance the national security agenda (funding, authorities, political cover).

NotYouAgainJune 24, 2015 3:39 AM

@ rgaff

Thanks for clarifying, I agree. Especially with this part:

The danger is going "alright, we won, we're done" and leaving it at that, which I'm sure almost all congress people who voted it in are trying to do....

CallMeLateForSupperJune 24, 2015 8:36 AM

Hayden also *missed* an opportunity to crow and mock: NSA is authorized to keep on slurping phone metadata - modus unchanged - through the end of this year, supposedly because NSA and telcos need six months to work out how the the former will tender requests for data to the latter, and how the latter will tender requested data to the former.

But shouldn't the required mechanisms already be in place? I mean, prior to 1 June, telcos maintained their business records and NSA requested those records. The new procedure will entail telcos maintaining their business records and NSA requesting those records. Justification for the six-month extension of business as usual excapes me.

("...what you're going to be required to do is that little 215 program about American telephony metadata..." As though he was not aware that he was already doing "that little 215 program". C'mon, Mikey; you can communicate better than that.)

Compartment 2June 24, 2015 9:14 AM

@milkshaken, Hayden shares Gerald Ford's critical success factor: football-related brain damage. He's the perfect dummy to prop up in front while you're shredding the rules at NSA and covering up CIA torture. You can pose him in action poses like a GI Joe doll. His 42¢ linear-tape voicebox can emit various preprogrammed action phrases like "Storm the Hill, Men!" "Our surveillance complies with FISA!" "The committees were fully briefed!" "Interrogators are carefully chosen and screened!" "We never starve them into talking!"

JackJune 24, 2015 2:31 PM

There's a new report that has been released by Canterbury University about the security of WhatsApp on Android, iOS and Windows Phone 8.1

On both Android and iOS the encrypted data was "extracted with ease" whereas on Windows Phone 8.1 very little was revealed (and no message data).

University of Canterbury WhatsApp report

Nick PJune 24, 2015 5:54 PM

Seems that few commenters get the situation with Hayden. He's actually a smart guy and solid manager that turned an incompetent defense-related organization a full 180. That's hard to do in any organization, esp government or military. Their SIGINT capabilities grew quite a lot. His successor is possibly smarter given his engineering background and the results in the Snowden leaks. The two of them have heavy conflicts of interest on the pro-DOD side. So, they intentionally mislead or even act dumb about both the legal and technological risks. Hayden is both more active at this and easier to spot. Yet, even I rarely mock them given that they handed almost the whole Internet and security community's asses to them.

Note: Rogers, on the other hand... mock at will.

Brings me to the other issue. That comment he made was on purpose. It's a habit that many of the elites along the lines of Rockefeller developed. They know they're dominating the battle so well and against such submissive/clueless people that they straight up insult those people by talking more directly. They do it because they can: all the abuses didn't lead to shit in legal response despite massive publicity. So, Hayden straight up tells the Wall Street Jr how little the response matters. And so we saw Americans rush Congress to force concessions on all the other programs, right?

Nope. Hardly a blip on their radar. Just as one expects in a thoroughly subverted and apathetic democracy. He's just rubbing our sides nose in it knowing he'll get hateful comments on the Internet while his side continues winning in practice, including getting those comments before the web sites themselves. ;)

Special OlympiansJune 24, 2015 9:58 PM

@Nick P., the whimsical assertion that Hayden is smart does not fly without substantiation. Do you mean to adduce personal experience? Hearsay? Comprehensive study of OER documentation? As you know, in the military's servile kiss-up culture, rank can make any waterhead seem capable, while you're in the room. And failing your way to success is after all the pentagon's core competence.

If by turning an incompetent defense-related organization a "full 180" you mean shitcanning the law, then we can all agree. Every dumbshit felon is sure he can get away with it. At home in his failing pariah state where rule of law is shot, Hayden probably can do. In the outside world it may be easy to do it but it's not so easy to get away with it. In the civilized world there are world-standard laws, and if those are escaped, for the nonce, well then there are always countermeasures. Slow but fine etc., etc., etc. Not even always that slow - nice adverse-information database ya got there, be a shame if somebody honeytrapped all your pentagon pedos or something. Of course it's not Hayden that will pay, it's the USG. That's fine too. They're all assholes who richly deserve collective punishment.

Nick PJune 24, 2015 10:42 PM

@ Special Olympians

By 180, I mean the NSA was totally failing as an organization. He noted all its problems and then did enough about them that they're... not quite failing (see Snowden). There has to be hundreds to thousands of ticket-punchers that get nothing done for every one Hayden or Alexander. I know enough of these organizations to give them due credit on that. You can only beat an enemy once you're fully aware of what they're capable of. That so many laugh at the winning side is just stupid to me. It's not a laughing matter: their schemes are working. People wanting to beat them need to assess their strengths in every area, assess weakness, come up with a plan, and then double down acting on it.

Far as the law, it's the military intelligence complex so those parts of your posts are just funny. He'll get what's coming to him? Like Obama? Like Bush Jr? Like Bush Sr? Like Johnson? Like anyone else? No, they didn't. Pretty much none of them. Anonymous people hoping for justice never achieved anything. They're all mocking you equally I guarantee that. There's smart people fighting them legally. They recently achieved whats in the video Bruce linked to. Hayden's definitely laughing at them, you and everyone else.

Fortunately, certain public, private, and international groups have been trying other routes than legal battle with quite a bit of success. Each little gain can be combined into strategies that might achieve something against them. For now, though, they are mostly laughing with very few causing them headaches.

Clive RobinsonJune 25, 2015 3:13 AM

@ Nick P,

Far as the law, it's the military intelligence complex so those parts of your posts are just funny. He'll get what's coming to him? Like Obama? Like Bush Jr? Like Bush Sr? Like Johnson? Like anyone else? No, they didn't. Pretty much none of them. Anonymous people hoping for justice never achieved anything. They're all mocking you equally I guarantee that.

It's pointless trying to attack people with a system they own and control, all you will ever get that way are the "sick and feeble", who nine times out of ten "have been thrown to the wolves" in order to protect those who are seen by the herd as stronger.

Which brings us to your point of,

Fortunately, certain public, private, and international groups have been trying other routes than legal battle with quite a bit of success.

There are various ways but they "must not be illegal", which means they "don't have to be legal" just not legislated against. Contrary to what many believe there is a big grey area in which to play, and in this area what matters is controling public opinion. If you have sufficient public backing then minor rule bending is acceptable it acts as a counter point to a stupid rule and thus reflects that stupidity onto the rule makers. Rosa Parks inadvertantly made that clear one weary day, likewise Ghandi made it clear that using violence or other criminal activity was "playing into the oppressors hands and alienating the otherwise would be supporters". Further any organisation needs to be open to all this is why CND and GreenPeace made slow but steady progress.

And as I've said before the greatest threat to any oppressor is loss of credibility, their entire power is based on a con that what they say must be respected and feared, it's why tyranny is violent, it's why slavery requires slave masters be whip in hand. If people laugh at a leader, those that enforce their writ likewise loose credability, and with the laughter at them comes the shame that they are impotent by association, thus they will desert the leader, who then becomes powerless.

One of the reasons the FBI went overboard on Anonymous was that they were mocking authority and gaining popularity, and making the "G-men look like aging over weight pink tutu wearing fairies, incapable of prancing let alone dancing". It could not be alowed to continue as appropriations were on the line the empire would crumble etc etc.

Thus the fast approach against oppressors brings fast suppression, thus the build up has to be slow and steady, such that they don't realise the nose is around their neck untill they start to feel a little breathless, by which ime their options are very limited.

The other major failing of humans and tyranny is that they throw of one yoke of oppression to almost immediately crave it's comforts of "certainty". Revolutionary zeal will cause heads to roll, but what happens the day after? More head rolling or peace? To prevent head rolling, there has to be a viable alternative in place, if done properly even the tyrant will walk away to a modest retirment provided they have the option, otherwise they will stay and fight and heads will roll, grievances will form and vengence will back and forth long after the original grievance is forgotten.

History has taught us these things, and as has been noted many times "Those who fail to learn from history are condemed to re-live it".

Special OlympiansJune 25, 2015 9:43 AM

Hayden's ridicule is adaptive propaganda. He dimly perceives that the old breathless Zero-dark thirty nonsense don't work so good with NGOs and sovereign states making fools of you on a weekly basis. So he clumsily affects a smartass approach. Once saw a kid with a 90 IQ mocking a kid with an 85 IQ. The 90 IQ kid went Neh Neh Neh. The nonverbal 85 IQ kid went Huh Huh Huh. I'd call it for the latter because he clearly felt fully vindicated. So what?

Same with sponge-brain Pitt mastermind Hayden. He pulled down his pants and took a dump on the field, humped the center in the snap, jizzed on the ball and threw it into the stands, ran in circles, barped all the cheerleaders' tits and here he does his pride dance in the showers as Jerry Sandusky hugs him in triumph. He's a perfect synecdoche of the US government.

AlanSJune 25, 2015 9:36 PM

@NickP

"Yet, even I rarely mock them given that they handed almost the whole Internet and security community's asses to them."

True they are no doubt smart and good at what they do but that's not the same as wise. So it's a team with excellent offense, that spent a lot of time violating the civil liberties of their own citizens and then thumbed their noses at everyone knowing the public were too apathetic to muster up a response, while spending zero effort on defense and allowing real adversaries to rob them blind. And they'll tell you they did all they did for freedom and democracy. Hayden and Alexander and their colleagues in the military industrial surveillance complex deserve to be mocked unremittingly.

Nick PJune 25, 2015 9:53 PM

@ AlanS

The one's deserving to be mocked are the people that tolerated that and still do even when they learn they're being robbed/deceived/sold-out. Hayden and his pals are actively mocking them. Those people getting defeated and robbed repeatedly need to do something in response more effective than mocking. Something that changes their situation. I'll be more amused if they do that while *also* mocking their newly desperate opponents.

Note: A tiny few are amusing. ;)

AlanSJune 26, 2015 7:52 AM

@NickP

Hayden is also interesting on the OPM hack: Michael Hayden: "Those Records are a Legitimate Foreign Intelligence Target"

"This is shame on us for not protecting that kind of information." The episode is "a tremendously big deal, and my deepest emotion is embarrassment."

Wittes, who usually bends over backwards to defend the security state, actually asks some interesting questions about the OPM hack in a more recent post on Lawfare: Whose Fault is the OPM Hack Really? A lot of TLAs asleep in the wheelhouse.

Offense with no defense. What did they think was going to happen? Ah, well, I'm sure the ever-competent USG will soon deliver more "cool reforms" to 'fix' the problem.

Nick PJune 26, 2015 3:28 PM

@ AlanS

Thanks for the link. That is the most honest and true thing he's ever said. Second would be his claim that whatever box they put his operation in he'll go right to the edges. Second because I'm sure he draws a slightly larger box around theirs and goes to *its* edges. ;)

Lawfare article had fair points. First, top nation-states can only *sometimes* be stopped with black program security with best personnel, physical, and information security. OPM... is on a bit lower level of the game and will get smashed in myriad ways. Second, those with the mandate or skill to do something didn't seem to even try. Third, OPM would have to run their own software on their own systems through a highly assured guard to even *begin* to have protection or user accountability. Even keeping legacy, that would require a huge investment with specialist security engineering that I doubt they were given. Fourth, which *might* apply to OPM, there's government policies on COTS acquisitions that might prevent their use of secure GOTS tech or push them in a preferred (insecure) contractor's direction.

So, OPM was set up to fail against a High Strength Attacker from the beginning. If we judge them, it should be on the baseline and effort made. Then figure out who to push for a better situation. So, I agree with Wittes here.

Also a nice quote there that describes the NSA's *actual* INFOSEC job I keep telling people about:

"NSA's Information Assurance Directorate (IAD) protects and defends National Security Information and Information Systems, in accordance with National Security Directive 42. National Security Systems are defined as systems that handle classified information or information otherwise critical to military or intelligence activities."

Even if they develop strong INFOSEC, they only have to deliver it to the organizations processing classified information or certain defense contractors. That's why we should look to reputable people in industry, academia, and other funding organizations (i.e. DARPA, NSF) for solutions.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.