Week of October 25th, 2013

A Weekly Report of U.S. Think Tank Community Activities


The budget crisis is over and Washington and its think tanks are able to look at other issues outside the Washington Beltway. One such issue is the continuing hemorrhage of secrets concerning the breath of the NSA spying program. It appears that it has especially targeted several American allies – a fact that has seriously damaged relations with some of America’s oldest allies like France.

The Monitor Analysis looks at the NSA’s spying program and how it has grown with the growth of computer technology, which allows it to store more data and analyze it. We also show how mathematical algorithms are the heart of the NSA’s spying technology. We also look at ways to protect ones privacy by avoiding the attention of the NSA computers.


Executive Summary

The budget crisis is over and Washington and its think tanks are able to look at other issues outside the Washington Beltway. One such issue is the continuing hemorrhage of secrets concerning the breath of the NSA spying program. It appears that it has especially targeted several American allies – a fact that has seriously damaged relations with some of America’s oldest allies like France.

The Monitor Analysis looks at the NSA’s spying program and how it has grown with the growth of computer technology, which allows it to store more data and analyze it. We also show how mathematical algorithms are the heart of the NSA’s spying technology. We also look at ways to protect ones privacy by avoiding the attention of the NSA computers.

Think Tanks Activity Summary

The Saudi rejection of a seat on the Security Council elicited analysis from several Washington Think Tanks. The Washington Institute recommends some damage control. They recommend, “the United States finds itself without an ambassador in Riyadh at this potentially crucial juncture. Ambassador James Smith, a political appointee, has just returned home after his four-year term, and a new envoy is yet to be named. Although previous bilateral dissonance has been repaired relatively easily, the latest incidents are unusually petulant and public, so Washington should dispatch a team of high-level officials to the kingdom for a full discussion. Indeed, given the range of issues that a Saudi policy shift could affect, it is important that Washington act promptly to ameliorate or dispel some of Riyadh’s recent threats. One place to start is the UN, where protocol was thrown into confusion by the Security Council seat rejection. The two-year term for that seat does not start until January 1, so there is time for the Saudis to reconsider.”.

The growing rift with American Gulf allies like Saudi Arabia is highlighted in this CSIS piece that reminds US negotiators that other countries have concerns about Iran’s capabilities and intentions. They conclude by saying, “we need to treat our security partners in the Gulf and the rest of the Middle East as real partners. To fully explain our negotiations with Iran, to make it clear there will be no deal at their expense, and that we will not focus on the nuclear issue alone. In practice, we also need to make it clear that U.S. forces and security guarantees will continue regardless of any new U.S. agreement with Iran, and that we fully recognize their fears and concerns. We need to show them we have some viable strategy for dealing with Syria, with Iraq, and Iran’s efforts to influence Shi’ites in the Gulf and Lebanon. We need to show them that we will aid Jordan and that we will seek to move Egypt towards stability and not simply punish it. More than that, we need to listen, to get their advice as well as inform them, and more towards solutions that can actual work on a regional level.

The Carnegie Endowment also looks at the Saudi foreign policy situation. They conclude, “If there is a real chasm opening between Saudi Arabia and the United States in light of regional developments, it may not be on the foreign policy front at all, but rather in disagreements over how the Gulf states are conducting their internal affairs in response to regional tumult. What is often overlooked is that Gulf rulers tend to conflate external ideological threats with internal political dissent. Put differently, Gulf reformists and dissidents are frequently seen to be the agents (or potential agents) of outside powers who are bent on destabilizing Gulf monarchies.”

The Carnegie Endowment looks at the Syrian conflict as seen from Moscow, Tehran, and Washington. They note, “Russia, along with the United States and Iran, has a crucial interest in making the chemical weapons deal work swiftly and neatly. If it does not, these actors will face a terrible accusation: that they used the movement on chemical weapons as a way to gloss over the continuation of the conventional war. Beyond chemical weapons, ending the Syrian nightmare clearly requires a few indispensable ingredients: maintaining strong Russian pressure on Assad; including Iran in the discussions about Syria’s future, under certain conditions; safeguarding the Syrian state, though without Assad in the final stage; marginalizing jihadist forces; and holding the Geneva II conference with all concerned stakeholders.”

The Heritage Foundation looks at the negotiations with Iran on their nuclear program. Although there has been a change in the tone from Iran, the Heritage Foundation warns, “Although Tehran has softened the tone of its nuclear diplomacy; it continues to reject a halt in its enrichment and reprocessing activities, which were called for by six U.N. Security Council resolutions. It seeks to gain relief from biting international sanctions by making tactical concessions that involve limited restrictions on enrichment that would allow it to retain the strategic option of later building a nuclear weapon. When the Geneva talks resume on November 7, the United States should insist that Iran take concrete and irreversible steps to comply with its nonproliferation obligations and minimize the risks of a nuclear breakout. The goal should be to reach a credible and verifiable agreement that would maintain the long-term barriers to Iranian nuclear proliferation, not merely to defuse the crisis temporarily by reducing the size of Iran’s stockpiles of enriched uranium.”

The Carnegie Endowment looks at the visit of Pakistan’s Prime Minister to Washington and the future of US/Pakistani relations. They conclude, “Both the U.S. and Pakistani sides clearly face strategic and political constraints on how much they can expect from Sharif’s visit. The two countries will need each other in the months to come—and the very fact that there will be a visit proves that both sides know that. But if there is a mismatch between what the interlocutors ask for and how much they believe the other side can give, the talks could well increase mutual resentment. The result may be a new cycle of tensions that could imperil not only Washington’s short-term goals in Afghanistan but also its broader strategic interests in South Asia.”

The Wilson Center also looks at the Pakistan PM visit. In order to help nourish democratic principles, they recommend, “The United States government can help reduce the dominance of the Pakistani military by strengthening key civilian institutions, particularly Parliament and the police. The American government should renew its main civilian assistance program to Pakistan, which is financed only through 2014.

Every year, before it can release security assistance, the United States government is required by law to certify that the Pakistani armed forces meet certain counterterrorism criteria. Last year, however, the Obama administration quietly issued a waiver — citing national security needs — that allowed the certification process to be bypassed. Such free passes are a bad idea.”

The Carnegie Endowment questions the advisability of the upcoming Afghan elections. They warn, “The result is likely to be another fraught exercise, the outcome of which will raise profound questions of legitimacy. Apart from the disengagement of international officials, the problem is that Afghanistan’s government “has no centre of gravity,” as one insightful analyst put it. “Authorities are ill-defined. There is no clear mechanism for arbitration,” no power that convincingly has the final say.”


How Far Does NSA’s Reach go?
What can be done to limit its reach?

“Gentlemen don’t read other gentlemen’s mail.” Henry L. Stimson, President Herbert Hoover’s Secretary of State who in 1929 shut down the U.S. State Department’s office responsible for breaking diplomatic codes.

Clearly things have changed in the last 85 years. Not only is the United States’s National Security Agency (NSA) reading diplomatic messages, they are reading everyone else’s mail too. The result has been a worldwide concern about individual privacy and an international incident about America’s widespread spying on friends and enemy alike.

This week, the French government castigated the United States on Monday for carrying out extensive electronic eavesdropping within France. The NSA gathered more than 70 million French phone records over a month period. Some conversations reportedly were recorded. The caused the French government to summon the U.S. ambassador for an explanation, even as Kerry was visiting Paris.

France wasn’t the only injured American ally. Germany and Mexico have also voiced serious concern about U.S. surveillance. A new report in the German magazine Der Spiegel said a division of the NSA once gained access to former Mexican President Felipe Calderon’s email account. Brazilian President Dilma Rousseff even cancelled a state visit to Washington following reports that the U.S. was tapping into Brazilian communications and networks.

Nor, were these communications caught in the massive NSA collection net. In many cases they are specific targets. Speigel reported that Mexico’s president was a special target of US intelligence. The National Security Agency (NSA) has a division for particularly difficult missions called “Tailored Access Operations.” This department devises special methods for special targets. In May 2010, the division reported in a top secret document that, “TAO successfully exploited a key mail server in the Mexican Presidencia domain within the Mexican Presidential network to gain first-ever access to President Felipe Calderon’s public email account.” Brazilian television network TV Globo revealed in September that the NSA monitored then-presidential candidate Enrique Peña Nieto and others around him in the summer of 2012.

Spiegel reports, “The tone of the document that lists the NSA’s “tremendous success” in monitoring Mexican targets shows how aggressively the US intelligence agency monitors its southern neighbor. ” These TAO accesses into several Mexican government agencies are just the beginning — we intend to go much further against this important target,” the document reads. It goes on to state that the divisions responsible for this surveillance are “poised for future successes.”

Brazil is reported to be planning to develop its own email and communications system to make NSA spying harder. According to one internal NSA presentation, the agency investigated, “the communication methods and associated selectors of Brazilian President Dilma Rouseff and her key advisers.” It also said it found potential “high-value targets” among her inner circle. Brazil’s nuclear program also had a high priority. Brazil now plans to introduce a law that will force companies such as Google and Facebook to store their data inside Brazil’s borders, rather than on servers in the US, making these international companies subject to Brazilian data privacy laws. The Brazilian government is also developing a new encryption system to protect its own data against hacking.

Germany has also complained to the US. German Chancellor Angela Merkel complained to President Barack Obama on Wednesday after learning that U.S. intelligence may have targeted her mobile phone, and said that would be “a serious breach of trust” if confirmed, her government announced. The German government said it responded after receiving “information that the chancellor’s cellphone may be monitored” by U.S. intelligence. Merkel spokesman Steffen Seibert said in a statement the chancellor made clear to Obama that “she views such practices, if the indications are confirmed … as completely unacceptable.”

So, how is it that NSA’s reach has grown so much and is tapping everyone’s message traffic? The answer is the computer. Computer technology, which the US leads the world in, is better and cheaper than ever before. While the NSA relies on traditional eavesdropping platforms like listening posts and satellites to scoop up electronic data, the ability to store, process, and identify potential valuable data has grown by leaps and bounds.

The NSA has also been helped by the fact that the world communications industry is dominated by American firms, who either cooperate with the NSA voluntarily or are forced to release information via secret court orders.

It’s not that NSA satellites and listening stations can do more. They still rely upon transmissions that go out over the airwaves. They also still tap communications lines and break into “secure” facilities and computers.

The big evolution is that NSA computers can store more of the data collected – data that was once not stored, processed, or analyzed. The NSA satellite collection system ECHELON was created to monitor the military and diplomatic communications of the Soviet Union and its Warsaw Pact allies during the Cold War in the early 1960s. That was all the computers of the day could do. However, thanks to the power of 21st Century computers, the system has evolved beyond its military/diplomatic origins, to also become a global system for the interception of private and commercial communications.

That is why the NSA storage facility in Utah is a concern. It allows the storage of about 3 – 12 billion gigabytes in the short term – material that was ignored in the past because there wasn’t the computer capacity. The data center is alleged to be able to process all forms of communication, including the complete contents of private emails, cell phone calls, and internet searches, as well as all types of personal data trails – credit card receipts, bank transactions, travel itineraries, bookstore purchases,” and other digital data.

The only thing standing in the way of its operation is a series of technical problems. The Wall Street Journal has reported that the site has had ten shutdowns caused by lightening arcs and circuit meltdowns. There was another reported incident last Thursday, which caused a closedown over the weekend. Contractors have even been electrocuted and sent to the hospital.
Snooping with Algorithms

Although the NSA can still target a specific person or group like al Qaeda, the massive amount of data that NSA has stored allows it to develop algorithms to find suspicious behavior amongst the rest of the data. Obviously targeting close contacts of suspected terrorists is one way, but the amount of data allows more in-depth spying of people unrelated to such individuals or their organizations.

The NSA is capable of looking at internet searches and correlate suspicious activity. Instead of merely tracking visits to al Qaeda websites, the NSA can take visitors to those sites and cross check their visits to websites that show how to build bombs or sell chemicals or devices that could be used for terrorist activities. They can follow your reading list by seeing what books you look at Amazon or other book websites. They can also use their interceptions of bank and credit card data to see if suspicious purchases were made. From all of this data, they can develop a profile of a potential terrorist.

The NSA database isn’t isolated. They also have access to other government databases to look at a person’s travel, passport information, tax records, and employment history.
Other algorithms also look at other behavior. People who make a lot of calls or make many calls overseas to countries of special interest will get different attention. If a person gets an email or phone call from a suspect and then proceeds to make several other calls in a short time, the NSA will assume that the person receiving the call was an intermediately who was passing on the message to functionaries.

Here’s an example of how this data can be used. Yves-Alexandre de Montjoye of the Massachusetts Institute of Technology and colleagues analyzed 1.5 million anonymous call records from a Western cell carrier. They showed that it takes few as four calls or text messages, each made at a different time and place, to distinguish one person’s movements from everyone else’s.

An experiment by German politician Malte Spitz shows what happens when you fuse such data with online activity. Spitz sued German telecoms giant Deutsche Telekom to get it to hand over six months of his own phone data. Then, working with German newspaper Die Zeit, Spitz melded that data with social network and other web information about him to create a map that tracked his movements and activities. It showed where Spitz was at any given time, what he was doing, how many calls he made and how long he was connected to the internet.

Needless to say, The NSA’s supercomputers and government databases would make an even more detailed portrait of anyone it was interested in.

Avoiding the NSA Web

Can someone avoid the NSA’s web in order to keep some semblance of privacy? Yes, but it isn’t easy. If you rely on cell phones computers, emails, the internet, and credit cards, it will be harder. You have to assume that anything that has an electronic aspect to it is recorded and is likely to be targeted by the NSA.

Needless to say, the NSA is busy trying to expand its reach to those sectors that have avoided surveillance. Tor, an anonymous internet that uses encrypted data is a current target of the US government, which has tried to infect computers with viruses that allow them to decode and track behavior on this formerly secret part of the web.

Smart phone Apps like Silent Circle and RedPhone can already encrypt your calls and send them over a data connection or Wi-Fi instead of through your carrier’s voice network. They also stop carriers from logging end phone numbers. Downloads have exploded since The Guardian’s revelations on NSA spying – but such apps do not give you full anonymity because they cannot prevent your movements between phone masts being tracked. In other words, what your said was secret, but where you were and how you traveled are still open to NSA.

Your computer is obviously a vector for spying and intrusion on your privacy. And, if it is connected to the internet via hard wire or even wireless, it is liable to be spied upon – especially if it becomes infected with a virus that downloads information without your approval. And, obviously, backup systems that automatically protect your computer by having it automatically send files to a central place via the internet are available to the NSA.

Many think that keeping a computer off the internet protects them. Wrong. Everybody wants to send and receive files and even a computer off the net can be infected – as we saw with the Stuxnet malware that invaded the Iranian nuclear software. A memory stick can easily copy files unbeknownst to the user.

Here are some suggestions to lessen you exposure to NSA spying on your computer:

When you set up your computer, connect it to the internet as little as possible. It’s impossible to completely avoid connecting the computer to the internet, but try to configure it all at once and as anonymously as possible. Buy from a big store so a “special” computer isn’t sold to you.

Install the minimum software set you need to do your job, and disable all operating system services that you won’t need. The less software you install, the less an attacker has available to exploit.
Once you have your computer configured, never directly connect it to the internet again. Consider physically disabling the wireless capability, so it doesn’t get turned on by accident.
Turn off all auto-run functions. This was used to infect US military computers.

Only use trusted media to move files on and off air-gapped computers. A USB stick you purchase from a store is safer than one given to you by someone you don’t know — or one you find somewhere.

The more complex the software code, the more vulnerability. If you can, use only text files, not pdf or Microsoft files.

For file transfer, a writable optical disk (CD or DVD) is safer than a USB stick. Malware can silently write data to a USB stick, but it can’t spin the CD-R up to 1000 rpm without your noticing. This means that the malware can only write to the disk when you write to the disk. You can also verify how much data has been written to the CD by physically checking its properties. If you’ve only written one file, but it looks like three-quarters of the CD was burned, you have a problem. You can stop that problem by using the smallest storage media when transferring files to keep malware, viruses, and undetected files from being transferred.

Avoiding Notice by Avoiding Patterns

Keeping a computer off the internet is easy. Phones must be connected to be of use and there is still the problem of internet searches. This is where understanding that your visibility to the NSA is determined by your patterns rather than whether you are a terrorist or not.

If your phone calls or internet patterns don’t raise a red flag because they don’t fit the algorithms for a terrorist, your privacy is much greater. For instance, if you have a land line phone, a personal cell phone, and a business cell phone, your patterns (and visibility to the NSA algorithms) will be much different than if you have just one phone and make all of your calls on that.

Since most phones can track your movements, several phones can help you to avoid developing a travel pattern. The key is to take only one phone with you, change which one you take along with you on a random basis, and charge the phones in different locations.

The same is true with credit card purchases. If you buy books on radical Islam and then buy airplane tickets on the same card, you may get some unwelcome visibility, even if you are just studying Islam. Buying the tickets on a business related credit card would avoid that problem and make it easier to separate for tax purposes later.

Needless to say, cash transactions are harder to monitor and can’t be used to develop a pattern with NSA algorithms.

Patterns are also a problem for going on the internet. In that case, one can gain a bit more privacy by using an internet search site that doesn’t save search information and give its data to the NSA like Google. A couple such search sites are: ixquick.com and zeekly.com.

Needless to say, suspected terrorists are liable to attract extra surveillance and human attention. Simply avoiding patterns will not help them avoid attention from anti-terrorist agencies. However, avoiding patterns can help those average people who want to keep a little privacy from the NSA.

Countries will fight the NSA’s abilities by making it harder for American companies to win communication contracts within their territory. And, like Brazil, they will force the companies to keep sensitive personal data within the country and under the jurisdiction of their own laws.

Although computers have vast memory storage, the computing ability to break the secret codes of sovereign nations, and the ability to sort through mountains of data to target individuals, they have vulnerabilities. They can only look for what their designers tell them is important. They thrive on patterns and need vast amounts of data to work on.

Don’t give the NSA a pattern or data, and they come up empty.


U.S. Should Maximize Pressure on Iran at Nuclear Talks
By James Phillips
Heritage Foundation
October 18, 2013

The Geneva talks have once again raised hopes for a breakthrough in the long-stalled nuclear negotiations with Iran. Western diplomats have expressed “cautious optimism” about the prospects for success after two days of talks. But Iran has not budged from its defiance of key elements of multiple U.N. Security Council resolutions; it has merely adopted a softer and more diplomatic tone. Washington should reject a partial deal that allows Tehran to continue down its path toward a nuclear breakout capability. The United States should maintain sanctions as well as the credible threat of force until Iran has taken concrete actions to dismantle its uranium enrichment and reprocessing facilities, given up its stockpile of enriched uranium, and permitted more intrusive inspections of its nuclear sites.

Read more

The Gulf and Middle East Strategic Partnerships: The Other Side of the Iran Negotiations
By Anthony Cordesman
Center for Strategic and International Studies
October 22, 2013

No one can deny the importance of trying to end Iran’s search for nuclear weapons. Even the most effective U.S. preventive strikes will leave a heritage of tension and confrontation in the Gulf that is likely to mean a continuing arms race and constant risk of some clash that will affect the flow of Gulf oil and the global economy. If Iran persists and actually arms its missiles and aircraft, it will trigger a nuclear arms race with Israel, push Saudi Arabia towards seeking nuclear weapons, and confront the United States with making good on its offers of extended deterrence. But, it is important to realize that Iran’s nuclear programs are only part of the story and one that many of our allies and security partners in the region see as less important than the other Iranian threats they face.

Read more

Discussing the Future of U.S.-Pakistan Relations
By Frederic Grare and Reece Trevor
Carnegie Endowment
October 22, 2013

Pakistani Prime Minister Nawaz Sharif is scheduled to meet with U.S. President Barack Obama on October 23 during a four-day visit to Washington. The trip will mark the first official visit of a Pakistani leader to the United States since Pakistan’s new government took office after the country’s May 2013 legislative elections. Sharif’s visit will play out against the backdrop of Washington’s desire to achieve a safe, dignified exit from Afghanistan and to secure its strategic interests in the region after its forces are gone.

Read more

Afghanistan Isn’t Ready to Vote
By Sarah Chayes
Carnegie Endowment
October 20, 2013

“It’s started! They’re stuffing the boxes!” My friend’s voice on the line was a breathless jumble. He was calling from the Afghan border town of Spin Boldak the night before Afghanistan’s last presidential election, in the summer of 2009. I was in nearby Kandahar, where I had lived for seven years. By then, I was serving as an adviser to the commander of the international troops.

Read more

The Syrian War in Three Capitals
By Marc Pierini
Carnegie Endowment
October 17, 2013

More than ever before, the Syrian war is being played out in Moscow, Tehran, and Washington. After a series of actions taken by Russia and the United States, the current situation is somewhat hopeful. The positions of the three major players have begun to evolve: Russia may have started looking at Syrian President Bashar al-Assad as an unpalatable ally. U.S. President Barack Obama, although criticized for inaction, is strongly influencing developments. And the return of Iran, which has long been a supporter of the Assad regime, to the regional stage might come along with mutual concessions on Syria.

Read more

What to Make of Saudi Hand-Wringing
By Frederic Wehrey
Carnegie Endowment
October 15, 2013

These are troubling and uncertain times for Saudi diplomacy. A string of regional upsets and friction with the United States has cast the kingdom into rocky, uncharted waters. Washington’s support of the Islamist government in Egypt and its response to the use of chemical weapons in Syria elicited outrage and accusations of U.S. unreliability and even betrayal from Riyadh. Then came the slight warming in U.S.-Iranian relations—highlighted by the unprecedented phone call between U.S. President Barack Obama and Iranian President Hassan Rouhani. That mild rapprochement brought to the fore an old specter: an U.S.-Iranian breakthrough that marginalizes the Gulf states and erodes their long-standing position as beneficiaries of U.S.-Iranian hostility.

Read more

An Incomplete Democracy
By Michael Kugelman
Wilson Center
Oct 22, 2013

Pakistan’s military continues to cast a long and often dominant shadow over the state. So when President Obama meets with Pakistan’s new prime minister, Nawaz Sharif, on Wednesday, he should use the occasion to bolster the civilian government’s role relative to the military. Pakistan, ruled by the military for half of its 66-year life, has taken steps toward democracy, but the process is far from complete. In March, for the first time, a democratically elected government completed a full term. It transferred power to the current administration, led by Mr. Sharif, whose Pakistan Muslim League-Nawaz (PML-N) party won elections in May.

Read more

Spat or Split? Saudi Arabia’s Diplomatic Anger with Washington
By Simon Henderson
Washington Institute
October 23, 2013

Saudi Arabia’s abrupt October 17 decision to refuse a seat on the UN Security Council — an unprecedented occurrence — has generated international bewilderment and concern about the mechanics of the kingdom’s foreign policy. The sense of crisis was increased by reports on October 22 that Saudi intelligence chief Prince Bandar bin Sultan had warned European diplomats of a potential “major shift” in relations with the United States, due primarily to Washington’s perceived inaction on Syria and overtures to Iran. Yet the seriousness of such threats is uncertain, and timely U.S. diplomatic outreach may help defuse the situation.

Read more