LAS VEGAS (Black Hat) — Speaking to a packed house this morning, General Keith Alexander faced a skeptical, and hostile crowd during his keynote address. A first for the conference, the NSA director faced a State of the Union-like disruption, when someone in the darkened room shouted "bulls..t!" after the General commented that the U.S. Government, "stands for freedom."
The heckling happened several times, ending towards the end of the keynote when the General was holding a Q&A with Black Hat General Manager, Trey Ford.
After commenting that his reason for attending Black Hat was to ask the community represented by the attendees help the government (i.e. the NSA) "make it better" when it comes to data collection and the legal intercept programs, the unknown heckler responded to the General with a shout of, "read the Constitution!" to which Alexander responded, "I have, you should too."
For those sitting near CSO that were willing to talk, the heckling marked a low point in Black Hat's history, but it serves to show just how passionate InfoSec people are at times, and how much of a pressure point the NSA's actions have become.
The keynote left many attendees that CSO spoke with feeling as if they wasted their time. It wasn't that they didn't appreciate the General taking the time to speak, but the keynote was more of a presentation than a meaningful discussion, and when the questions came they were focused more on business than anything else.
General Alexander made no apologies for the news cycle this summer, one that has placed his agency directly in the crosshairs of the public, the media, and politicians on both sides of the isle. The intercept programs, he explained (reiterating previous remarks on the record) are managed with strict oversight. They acquire only the data that is needed for counter-terrorism programs, and it's collected in a way that is the least intrusive when it comes to privacy. This is the point that many disagreed with, and left many of them feeling let down.
However, the General did show how the controversial Sections 215 and 702 (known as PRISM) of the Patriot Act, were used to stop attacks. In fact, he said that 54 terror plots were stopped by the programs, and of the 13 plots halted in the U.S., 12 of them were directly linked to the intercept programs.
General Alexander's keynote at Black Hat also happens to fall on the same day that intelligence officials are slated to begin testifying on Capitol Hill in a Senate hearing on government surveillance. Shortly after the General began speaking, the Office of the Director of National Intelligence (ODNI), released three documents that were previously classified, including a records collection order under Section 215.
The three documents outline some of the basics of the intercept programs, and once again stress that only basic information is collected, and that most of the data "is never viewed." One of the ODNI's documents says that only those with proper training and authorization are allowed to access the collected data.
Yet, in what looks to be a contradiction (including going against what the General mentioned during his keynote), a footnote in the 215 order says that the FISA court understands that "technical personnel responsible for the NSA's underlying corporate infrastructure and the transmission of the [collected data] from the specified persons to [the] NSA will not receive special training regarding the authority granted herein."
According to General Alexander, only 22 people have access to the collected data in order to authorize a trace on a given piece of collected data, and only 35 people are allowed to query the database that houses all the collected data. So the footnote in the document released by the ODNI begs the question of who else in that infrastructure chain has access to the collected data (directly or otherwise) and where did Edward Snowden fit in?
CSO was unable to find anyone to address this apparent discrepancy on the record, and the topic of Eric Snowden was off limits with those attending Black Hat who represented a contractor or three-letter agency.
Also on Wednesday, adding another layer to the ODNI questions, a report from The Guardian, exposes the existence of XKeyscore, the "widest reaching" system the NSA has for developing intelligence from the Internet.
According to the report, this program "allows analysts to search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals, according to documents provided by whistleblower Edward Snowden."
General Alexander knew he was walking into a hot room, but he did it anyway. The problem most had with his address is that the questions asked of him focused on businesses, and not the customers they represent. While it was an embarrassing moment for the conference, the heckler's comments aptly summed up the mood of those sitting near CSO during the keynote:
"What I'm saying is that we don't trust you. How do we know you're not lying to us right now?"