Hackers to NSA chief: Read the Constitution

http://news.cnet.com/8301-1009_3-575...-constitution/

The head of the NSA faces a tough audience as he appeals to hackers and security professionals at Black Hat 2013 to help the U.S. government build better spying tools.
by Seth Rosenblatt
July 31, 2013 1:55 PM PDT



General Keith Alexander of the National Security Agency asks security professionals and hackers to help with government surveillance at Black Hat 2013.
(Credit: Seth Rosenblatt/CNET)
LAS VEGAS -- Tensions were high as the National Security Agency's Gen. Keith Alexander took the stage here in front of a packed room of security industry professionals and hackers of all stripes.
The general at the forefront of the surveillance scandal currently enveloping the NSA walked up to the podium in the conference center at Caesar's Palace amid audience murmurings that he was going to avoid the issue.
Instead, it was the focus of his keynote speech.
"How do we protect our civil liberties and privacy?" he asked the 3,200 people filling the room and the 1,500 people in an overflow space. "This is one of the biggest issues we face today."
Related stories:




He also promised the attendees that he would take their questions, a longtime tradition at Black Hat and its sister conference, DefCon. "I will answer every question to the fullest extent possible. We don't want to jeopardize our defense," he said.
It was a far cry from when Alexander kicked off DefCon 20 with a keynote speech last year. There's a lot of crossover between Black Hat and DefCon attendees, but the general, who last year was dressed in jeans and a tucked-in T-shirt, spoke on Wednesday in his official uniform. This would be a more serious presentation.
Over the ensuing 45 minutes or so, Alexander described in broad terms how Section 702 of the FISA Amendment Act and Section 215 of the Patriot Act affect governmental intelligence gathering in the U.S.
His described the pre-9/11 world as a place where the intelligence community was at times unable to "connect the dots" in order to stop terrorist attacks. Post-9/11, he said, problems continued, but the situation improved. He cited phone surveillance that led to the arrest of Najibullah Zazi, who was involved in the plot to bomb the New York subway in 2010, as one example of successful surveillance.
About a half-hour into Alexander's presentation, some in the audience had enough.
"Freedom!" shouted a man who Forbes identified as 30-year-old security consultant Jon McCoy.
"Exactly," Alexander said. "We stand for freedom."
"Bullshit!" retorted McCoy.
Alexander kept his cool and replied, "Not bad," to mild applause from the crowd. People didn't necessarily buy everything that Alexander was selling, but they weren't entirely comfortable with the heckling either.
"But I think what you're saying is that in these cases, what's the distinction, where's the discussion, and what tools do we have to stop this?" Alexander said.
McCoy yelled back, "No, I'm saying I don't trust you!"
Moments later, another audience member chimed in. "You lied to Congress. Why would people believe you're not lying to us right now?"
Alexander hesitated for a brief moment. "I haven't lied to Congress," he said. He pleaded with the audience to take stock of what he termed "the facts."
"Read the congressional testimony. Look at what we're talking about here," he said.
"What we see coming at our country is more of the same," Alexander continued, implying that America will face more terrorism at home. "In my opinion, this is not bull. We ought to put the facts on the table."
He emphasized that the controversial surveillance programs have been regularly audited and scrutinized. Federal judges, members of Congress, and the president's administration all have to sign off on the spying.
General Keith Alexander takes prepared audience questions from Black Hat general manager Trey Ford at Black Hat 2013.
(Credit: Seth Rosenblatt/CNET)
Alexander's speech had two goals. He said at the beginning that he wanted to open the conversation with the security community, but throughout the speech he also worked to polish the tarnished reputation of the NSA's cryptographers, 20 of whom had been killed over the past decade in Iraq and Afghanistan. Their primary concern, he said, was "to protect the country and protect civil liberties and privacy."
He pointed out that of all of the NSA's analysts, only 35 are authorized to run queries on the database that contains metadata vacuumed up by Section 215. "They have to go through three separate training regimen, and pass tests, to do queries into that database," he said, highlighting that not all NSA employees can access the data it has collected.
Alexander returned repeatedly to the question of how to balance security vs. civil liberties and privacy. But when it came time for the question-and-answer session, he faced more heckling and skepticism.
The questions had been prepared in advance via a questionnaire organized by Black Hat's new general manager, Trey Ford, who read the questions from the stage. But first, an audience member shouted out a question to the general.
"Why do so many countries want to attack us?" the person asked.
The general replied that America stands in the way of them reaching their objective, which is to force everybody to comply with sharia law.
"They want to attack us because we're bombing them!" shouted another person, to much chuckling from the audience.
One of Ford's prepared questions asked whether the NSA had been affected by the media leaks.
"It has," he replied. "I think you can tell from the sporadic comments here," he said, acknowledging the audience heckling. Then he called the NSA cryptographers "the most noble people we have" in the United States.
"They are willing to put their lives on the line for their fellow soldiers and fellow Americans. These same people who take that same oath to uphold the Constitution are the same ones who run these programs," he said, and added that when those programs have been audited, there were no instances of abuse discovered.
"And that's no bullshit," Alexander said to widespread applause from the audience. Then he asked the media in the front rows not to quote the swear word for the sake of his grandchildren.

He ended by restating his plea to the hackers and security professionals to help the NSA build better surveillance tools. "You're the greatest gathering of technical talent anywhere in the world," he said. "The whole reason I came here was to help make us better."
An audience member, who sounded like McCoy, shouted, "Read the Constitution!"
"I have," Alexander said. "You should too!"
Whatever else, the impact of the NSA spying scandal has widened the heretofore slowly closing chasm between the "spooks" and the security community, and it's not likely to reverse course anytime soon.