FLE

NSA Builds Security Access Into Windows A careless mistake by Microsoft programmers has shown that special access codes for use by the U.S. National Security Agency (NSA) have been secretly built into all versions of the Windows operating system. Computer-security specialists have been aware for two years that unusual features are contained inside a standard Windows driver used for security and encryption functions. The driver, called ADVAPI.DLL, enables and controls a range of security functions including the Microsoft Cryptographic API (MS-CAPI). In particular, it authenticates modules signed by Microsoft, letting them run without user intervention. At last year's Crypto 98 conference, British cryptography specialist Nicko van Someren said he had disassembled the driver and found it contained two different keys. One was used by Microsoft to control the cryptographic functions enabled in Windows, in compliance with U.S. export regulations. But the reason for building in a second key, or who owned it, remained a mystery. Now, a North Carolina security company has come up with conclusive evidence the second key belongs to the NSA. Like van Someren, Andrew Fernandes, chief scientist with Cryptonym of Morrisville, North Carolina, had been probing the presence and significance of the two keys. Then he checked the latest Service Pack release for Windows NT4, Service Pack 5. He found Microsoft's developers had failed to remove or "strip" the debugging symbols used to test this software before they released it. Inside the code were the labels for the two keys. One was called "KEY." The other was called "NSAKEY." Fernandes reported his re-discovery of the two CAPI keys, and their secret meaning, to the "Advances in Cryptology, Crypto'99" conference held in Santa Barbara. According to those present at the conference, Windows developers attending the conference did not deny the "NSA" key was built into their software. But they refused to talk about what the key did, or why it had been put there without users' knowledge. According to Fernandes of Cryptonym, the result of having the secret key inside your Windows operating system "is that it is tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system". The NSA key is contained inside all versions of Windows from Windows 95 OSR2 onward....This article is from 1999, but of interest due to recent headlines....
Gagged librarians break silence on Patriot Act The Librarians, members of Library Connection, a not-for profit cooperative organization for resource sharing across 26 Connecticut library branches sharing a centralized computer, were served with a National Security Letter (NSL) in August of last year as part of the FBI's attempt to attain access to patron's records. The NSL is a little known statute in the Patriot Act that permits law enforcement to obtain records of people not suspected of any wrongdoing and without a court order. As part of the NSL, those served with the document are gagged and prohibited from disclosing that they have even been served. The foursome of Barbara Bailey, Peter Chase, George Christian, and Jan Nocek were automatically gagged from disclosing that they had received the letter, the contents of the letter, and even from discussions surrounding the Patriot Act. The librarians, via the national and Connecticut branches of the ACLU, filed suit challenging the Patriot Act on first amendment grounds. On September 9 of last year, a federal judge lifted the gag order and rejected the government's argument that identifying the plaintiff would pose a threat to national security. Yet the government continued to appeal the case throughout the reauthorization debate, passionately arguing that not a single incident of civil liberties violations by the Patriot Act had occurred. By continuing the appeal, the government effectively silenced any evidence to counter their claims. "This all happened during the reauthorization debate and the government was saying no one's rights were being violated," said George Christian, staff liaison for Library Connection and one of the plaintiffs in the case. As the debate over the reauthorization of the Patriot Act heated up, the librarians and others gagged by the NSL had to watch in silence, intimately aware of dangers they believed were not being exposed. "We could not speak to Congress until after the renewal of the Patriot Act," Said Barbara Bailey, President of Library Connection and one of four plaintiffs in the case....
Invoking Secrets Privilege Becomes a More Popular Legal Tactic by U.S. Facing a wave of litigation challenging its eavesdropping at home and its handling of terror suspects abroad, the Bush administration is increasingly turning to a legal tactic that swiftly torpedoes most lawsuits: the state secrets privilege. In recent weeks alone, officials have used the privilege to win the dismissal of a lawsuit filed by a German man who was abducted and held in Afghanistan for five months and to ask the courts to throw out three legal challenges to the National Security Agency's domestic surveillance program. But civil liberties groups and some scholars say the privilege claim, in which the government says any discussion of a lawsuit's accusations would endanger national security, has short-circuited judicial scrutiny and public debate of some central controversies of the post-9/11 era. The privilege has been asserted by the Justice Department more frequently under President Bush than under any of his predecessors — in 19 cases, the same number as during the entire eight-year presidency of Ronald Reagan, the previous record holder, according to a count by William G. Weaver, a political scientist at the University of Texas at El Paso. While the privilege, defined by a 1953 Supreme Court ruling, was once used to shield sensitive documents or witnesses from disclosure, it is now often used to try to snuff out lawsuits at their inception, Mr. Weaver and other legal specialists say. "This is a very powerful weapon for the executive branch," said Mr. Weaver, who has a law degree and is a co-author of one of the few scholarly articles examining the privilege. "Once it's asserted, in almost every instance it stops the case cold." Robert M. Chesney, a law professor at Wake Forest University who is studying the recent use of the privilege, said the administration's legal strategy "raises profound legal and policy questions that will be the subject of intense debate for the foreseeable future."....
Big Brother Bush Is Watching, Listening and Buying Info About You So the government spies on innocent Americans, claims it is legal (I guess we're just supposed to take their word for it and trust Uncle George, privacy laws and the Constitution notwithstanding), threatens the press not to report just what it is doing, and blocks any external investigation of its activities. Does this sound like the work of a government in a free society? From a purely practical standpoint, all this collection of personal data (almost all of which is collected on innocent citizens) would not appear to be an effective means of preserving "national security." One of the strongest indictments of the government's intelligence efforts during the run up to the 9/11 attacks was that it was unable to process information that might have tipped off agents to an imminent attack or even led to the capture of some of the would-be hijackers. If the government could not effectively process the information it collected then, how in the world is it supposed to process an immensely greater pool of data? The answer is that collecting information on citizens is not so much a matter of preventing future terrorist attacks as it is about power and control. Just as "power tends to corrupt; absolute power corrupts absolutely," such an expansive database is inherently prone to abuse and, as we have just witnessed with the theft of 26.5 million veterans' personal data, negligence. The truly sad thing is that Americans do not really seem to care that their privacy and liberties are being rapidly eroded. Nearly two-thirds of those polled did not have a problem with the NSA's domestic surveillance program. Perhaps they should ask themselves: Would it be okay for government agents to follow you around all day, taking notes on who you talk to, who you do business with, what you buy, who you socialize with, what you do for fun, what you read? Would it be alright if the government mandated that every American have a microchip with a GPS device implanted under his or her skin so citizens' movements may be tracked at all times? After all, the difference between these scenarios and present government surveillance of citizens is just a matter of degree. Once upon a time, it seemed virtually all encroachments of our wealth and our liberties were done in the name of "the children." Now the state's transgressions are done in the name of "the terrorists." Perhaps 9/11 did change everything after all! Of course, nothing has really changed, only the rhetoric....
U.S. to keep getting data on Europeans U.S. authorities will be able to keep trawling through personal data on passengers flying from Europe, even though the European Union's highest court found problems Tuesday with the accord that made airlines share the information. The court ruling requires EU and U.S. officials to change the legal foundation of the deal before the end of September, but it has no immediate effect on a program that lets U.S. officials see dozens of pieces of information about each passenger - including name, address and credit card details. The judges' ruling did not address whether the 2004 data agreement violated privacy laws, a complaint that spurred strong opposition from many European lawmakers and citizens' rights groups. EU, U.S. and airline officials said they were all but certain the deal could be reworked by the court-imposed Sept. 30 deadline. "I am confident that we will find a solution that will keep the data flowing and the planes flying," said Stewart Baker, an assistant secretary of state at the U.S. Department of Homeland Security. The agreement gives U.S. authorities the right to 34 pieces of information about each passenger, data sent 15 minutes before departure for the United States. In its ruling on a complaint filed by the European Parliament, the European Court of Justice considered only the legal basis of the pact, and concluded the agreement was illegally adopted....
My husband is on the government's terrorist watch list My husband is not a terrorist. He's not an ex-convict, a felon or on the lam, and if you don't count the occasional Post-it notes or paper clips that come home with him from the office, he's not even a petty thief. But so far, he's had trouble convincing the government of this. Every time he flies, regardless of the airline, he gets flagged when he checks in because he's on our government's terrorist watch list. As it was explained to us the first time it happened, something about his name, Michael Patrick O'Brien, creates the need for an airline manager to clear him. This involves the manager taking a look at my husband and his driver's license and disappearing into the bowels of the airport. We assume this is where the manager accesses a secret computer that somehow confirms my husband is actually just a boringly normal person harboring no nefarious plans. He's tried in vain to fix the problem. As instructed by a voice at the other end of an 800 number provided to him by an airline agent, he downloaded and filled out a government-issued form and attached three notarized forms of identification: his passport, license and voter registration card. Although he was irritated that he had to prove his non-terrorist status instead of the government being required to fix its mistake, he faithfully mailed his application for innocence and waited for notice of freedom to arrive. Surprisingly, a response came within a couple of weeks. The Transportation Security Administration sent him a letter that could only have been written by a government lawyer. A sentence reads, "Where it has been determined that a correction to records is warranted, these records have been modified to address any delay or denial of boarding that you may have experienced as a result of the watch list screening process." My husband read the sentence eight times and arrived at the following conclusion: Thanks to the "is warranted" part of that sentence, the problem wasn't necessarily fixed. He was right....
Gonzales Said He Would Quit in Raid Dispute Attorney General Alberto R. Gonzales, the F.B.I. director, Robert S. Mueller III, and senior officials and career prosecutors at the Justice Department told associates this week that they were prepared to quit if the White House directed them to relinquish evidence seized in a bitterly disputed search of a House member's office, government officials said Friday. Mr. Gonzales was joined in raising the possibility of resignation by the deputy attorney general, Paul J. McNulty, the officials said. Mr. Gonzales and Mr. McNulty told associates that they had an obligation to protect evidence in a criminal case and would be unwilling to carry out any White House order to return the material to Congress. The evidence was seized by Federal Bureau of Investigation agents last Saturday night in a search of the office of Representative William J. Jefferson, Democrat of Louisiana. The search set off an uproar of protest by House leaders in both parties, who said the intrusion by an executive branch agency into a Congressional office violated the Constitution's separation of powers doctrine. They demanded that the Justice Department return the evidence....
Hastert slammed for raid reaction Conservatives yesterday expressed confusion and outrage over House Speaker J. Dennis Hastert's defense of a Democratic congressman whose Capitol Hill office was raided last weekend by the FBI. "Only thing I can figure is that Denny got up one morning and said, 'Our approval with the public is at 27 percent -- how can I drive that down further?' " said former Rep. Bob Barr, Georgia Republican. House Republicans, meanwhile, refused to criticize their leader, who joined Minority Leader Nancy Pelosi in accusing the Justice Department of violating "protocols and procedures" because of the FBI's Saturday night seizure of records from the offices Rep. William J. Jefferson, Louisiana Democrat. Radio host Rush Limbaugh yesterday told his millions of listeners that the Hastert-Pelosi alliance shows the GOP has become "politically tone-deaf," while a Louisiana senator was the only elected Republican in Washington to criticize the defense of congressional privilege by Mr. Hastert, Illinois Republican. "For congressional leaders to react by trying to ban or limit searches of congressional offices will only destroy what little faith and confidence in the institution is left," said Sen. David Vitter, Louisiana Republican. "Make no mistake, the American people will come to one conclusion, that congressional leaders are trying to protect their own from valid investigation." Veteran conservative activist Richard Viguerie said Mr. Hastert "is clueless -- he just doesn't get it, doesn't understand he has to make changes, the same in the Senate."....
To Ease Standoff, Bush Seals Seized Files President Bush intervened directly Thursday in an increasingly tense constitutional fight between Congress and the Justice Department by ordering that records seized from a Congressional office over the weekend be sealed for 45 days. "Our government has not faced such a dilemma in more than two centuries," Mr. Bush said in his first statement on the swirl of events surrounding the Federal Bureau of Investigation's search of the office of Representative William J. Jefferson, Democrat of Louisiana, who has been accused of accepting bribes. "Yet after days of discussions, it is clear these differences will require more time to be worked out." The president said that the material in question would be turned over for 45 days to the solicitor general, the Justice Department official who represents the government before the Supreme Court. That step would allow the Justice Department to say that it had not given up material regarded by prosecutors as lawfully obtained evidence needed for a criminal case. The presidential intervention came as Speaker J. Dennis Hastert, normally the administration's champion on Capitol Hill, suggested that the Justice Department had tried to intimidate him through a news leak because of his challenge of the agency's authority to conduct the search. In one interview, the normally reticent speaker, an Illinois Republican, portrayed a report broadcast by ABC News on Wednesday evening as calculated retaliation and said that he had demanded a retraction. The Justice Department issued firm denials of the ABC report, which was attributed to anonymous federal sources and said Mr. Hastert was part of the inquiry into the activities of the convicted lobbyist Jack Abramoff....
House Plans to Call Gonzales to Justify Search of Office The House intends to summon Attorney General Alberto R. Gonzales and the director of the Federal Bureau of Investigation, Robert S. Mueller III, before the Judiciary Committee to justify its search of a Congressional office, the panel chairman said Tuesday. The chairman, Representative F. James Sensenbrenner Jr., Republican of Wisconsin, called the search "profoundly disturbing." Mr. Sensenbrenner also said he planned a legislative response to the search on May 20 of the office of Representative William J. Jefferson, Democrat of Louisiana. The bill would be patterned on a law limiting searches of news media offices. "I think this law will help the Justice Department get it right next time because they didn't get it right this time," Mr. Sensenbrenner said as his committee heard from legal experts and a former lawmaker. All four witnesses, appearing Tuesday at an unusual hearing held in a Congressional recess, described the search as a damaging breach of the constitutional separation of powers. They said it warranted an aggressive reaction from Congress, including subpoenaing material from Mr. Gonzales if necessary. "This latest use of a search warrant by the executive branch to rummage through the files of a member's office is simply an additional instrument of the Bush administration to cow Congress," Bruce Fein, a constitutional lawyer, said at the hearing. The comments by Mr. Sensenbrenner and other panel members indicate that leading House members are not pulling back from confronting the Justice Department. They came despite President Bush's decision to seal materials seized from Mr. Jefferson's office for 45 days so the two sides can work out their differences and despite criticism from some quarters that lawmakers are impeding a criminal case....
States Setting Up Homeland Security Panel Seeking a bigger say in homeland security decisions, the nation's governors are creating a new, 50-state panel to give the states a single voice on national plans to prepare for threats from terrorists and natural disasters. The Homeland Security Advisors Council will aim to resolve problems between the federal and state governments that predate the 2002 creation of the U.S. Department of Homeland Security, from intelligence to funding to sharing National Guard resources. "If we speak with one unified voice, it'll help," said Michael Campion, Minnesota's public safety commissioner and the top aide to Gov. Tim Pawlenty on homeland security. "Absent that, we're not going to do anything. We're a voice in the wilderness." The council will work through the National Governors Association, with each governor appointing a top security official, the governors' group expected to announce Thursday. The council plans to meet at least twice a year to share best practices and improve interstate communications. The formation of the council comes a month after a survey of state homeland security directors found widespread dissatisfaction with the way the federal government works with states....
Border Patrol Draws Scrutiny as Its Role Grows With a proposed major expansion, the Border Patrol may soon overtake the F.B.I. as the largest federal law enforcement agency. But the stepped-up mission comes as the Border Patrol wrestles with recruitment and training difficulties, and several agents face accusations of misconduct. In response to concerns, the inspector general's office of the Homeland Security Department, which oversees the Border Patrol, said it would audit the agency's recruitment, hiring and training practices to determine if it can handle the rapid expansion. A spokeswoman, Tamara Faulkner, said the review could begin this month. David V. Aguilar, the chief of the Border Patrol, told Congress last week that the extraordinary growth was vital to national security, particularly as the authorities seek to clamp down on illegal crossings along the Mexican border. The agency has swelled to more than 11,000 agents from 4,000 15 years ago, with 6,000 more proposed by President Bush by 2008 as a cornerstone of his immigration overhaul. "The nexus between our post-Sept. 11 mission and our traditional role is clear," Chief Aguilar said. "Terrorists and violent criminals may exploit smuggling routes used by migrants to enter the United States illegally and do us harm." But as the Border Patrol seeks more agents, its training academy in Artesia, N.M., needs expansion, and some watchdog groups question its ability to prepare so many new agents in so little time. As a temporary measure, thousands of National Guard troops will soon be dispatched here in Arizona and elsewhere along the 2,000-mile border to assist with logistics and support work....
U.S. Will Help New York City Pursue Cases Against Gun Dealers Casework supporting the city's federal lawsuit against 15 gun dealers in five states will be funneled to federal law enforcement agents around the country for possible criminal investigations and prosecutions, officials said yesterday. The New York office of the federal Bureau of Alcohol, Tobacco, Firearms and Explosives will collect and evaluate the evidence on illegal purchases of guns that has been gathered by the Bloomberg administration and send it to offices with jurisdiction over those dealers, officials said. In all, five federal judicial districts could wind up pursuing criminal cases, since the city conducted its two-month sting in Georgia, Ohio, Pennsylvania, South Carolina and Virginia. The city used federal trace data to pinpoint shops that sold guns used in city crimes and then videotaped undercover operatives making what are known as straw purchases, in which a person buys a gun meant for someone else. The city's stepping into an arena traditionally dominated by federal law enforcement sent ripples through criminal justice circles, but hewed closely to Mayor Michael R. Bloomberg's pledge to reduce gun trafficking and focus national attention on the issue. He has invited other mayors to Gracie Mansion and lobbied Congress against federal restrictions on trace data. The mayor has also directly criticized the A.T.F., saying that the agency has been "asleep at the switch" in policing gun sales. The new arrangement with the A.T.F. was struck after William G. McMahon, the special agent in charge of the agency's New York field division, met Tuesday with John Feinblatt, the city's criminal justice coordinator. "An agreement was reached where the city would work closely with A.T.F.," Mr. McMahon said, "and provide us with the information gathered."....
'Deadly force' defense gains support A campaign by gun rights advocates to make it easier to use deadly force in self-defense is rapidly winning support across the country, as state after state makes it legal for people who think their lives are in danger to shoot down an attacker, whether in a carjacking or on the street. The law has spurred debate about whether allowing deadly force protects against lawlessness or spurs more crime. Supporters say it is an unambiguous answer to random violence, while critics -- including police chiefs and prosecutors -- warn that criminals are more likely to benefit than innocent victims. Ten states this year have passed versions of the law. Florida last year became the first state to do so. Supporters have dubbed the measures "stand your ground" laws, while critics have offered nicknames such as "shoot first," "shoot the Avon lady" or "right to commit murder" laws. The laws broaden self-defense by removing the requirement in most states that a person who is attacked has a "duty to retreat" before turning to deadly force. Many of the laws specify that people can use deadly force if they think they are in danger in any place they have a legal right to be -- a parking lot, a street, a bar, a church. They also give immunity from criminal charges and civil liability. The campaign is simply about self-defense, said Oklahoma state Rep. Kevin Calvey, a Republican and author of the law in his state. "Law-abiding citizens aren't going to take it anymore," he said....