• NSA Spying Costs U.S. Companies Up To $180 Billion in Lost Overseas Business

    August 1, 2014 // 6 Comments »




    The German government will end its contract with Verizon. Brazil dumped Boeing for Swedish company Saab to replace its fighter jets. Sources told Bloomberg News “The NSA problem ruined it” for the U.S. defense contractor.

    Unfettered NSA spying has cost U.S. companies up to $180 billion in lost overseas business. The number is expected to grow.

    Cisco saw a ten percent drop in overseas business. Dropbox and Amazon Cloud Services reported immediate drops in their sales abroad. Qualcomm, IBM, Microsoft, and HP all reported declines in sales in China due to NSA spying. The total costs to U.S. businesses could reach as high as $180 billion.

    ServInt Corporation, a Virginia-based company providing website hosting services, has seen a 30 percent decline in foreign customers since the NSA leaks began in June 2013, said Christian Dawson, its chief operating officer.

    Big Losses for U.S. Tech Firms

    According to a new report by the nonprofit New America Foundation, in total NSA spying could slow the growth of the U.S. tech industry by as much as four percent in the short run, though the massive hit to American credibility could have long-range repercussions that are hard to estimate at present. The NSA spying is leading many nations to develop their own, indigenous capabilities that suggest fewer opportunities for American tech firms into the future. For example, Brazil and India are planning domestic IT companies that will keep their data centers within national boundaries and thus hopefully out of NSA’s reach. Greece, Brunei, and Vietnam have announced similar plans.

    The point really stings: cloud storage services are already a $150 billion industry, a number expected only to grow. The question now is how much of that growth for American companies will be siphoned off by foreign competition because of the NSA’s wholesale spying. One-third of Canadian businesses said in a survey they were moving their data outside the U.S. as a result of NSA spying. Artmotion, a Swiss web hosting provider reported that within a month after the first revelations of NSA spying, business jumped 45 percent.

    You’re an American Company? No, Thanks

    “We’re not an American company” may prove to be a decisive sales point, and the NSA activities a persuasive marketing tool. The point is not theoretical. “Ties revealed between foreign intelligence agencies and firms in the wake of the U.S. National Security Agency affair show that the German government needs a very high level of security for its critical networks,” Germany’s Interior Ministry said in a statement about the canceled Verizon contract.

    While the NSA likely is even now working on ways to break into foreign data centers, the immediate concern for many governments abroad is the “sharing” agreements NSA enjoys with American firms. As revealed by Edward Snowden, most American tech companies are required by the U.S. government to make themselves open to the NSA, either by directly sharing data (for example, Verizon) prepackaged to NSA needs, or by allowing the NSA to dictate what technological back doors will be built into the actual hardware (Cisco.) Either way, in the minds of many foreign governments, purchasing goods or services from an American company is the equivalent of exposing by default all data that passes through those goods or services to the American government.

    “I can’t imagine foreign buyers trusting American products,” said security expert Bruce Schneier. “We have to assume companies have been co-opted, wittingly or unwittingly. If you were a company in Sweden, are you really going to want to buy American products?”

    Corrupting the Entire Internet

    The New America report also explains that the NSA has fundamentally attacked the basic security of the Internet by undermining essential encryption tools and standards, inserting backdoors into widely-used computer hardware and software products, stockpiling vulnerabilities (“zero day defects”) in commercial software rather than making sure those security flaws get fixed, dropping spyware into routers around the world, impersonating popular sites like Facebook and LinkedIn to gather data, and hacking into Google and Yahoo’s backbone data links to harvest emails, address books and more.

    This all in spite of one of the core missions of the NSA being to protect America’s cybersecurity.

    A Wake Up Call?

    The cynical might say that with the loss of business revenues abroad, the American government finally has a reason to reign in the NSA, at least overseas. Tech companies, after all, are traditionally big political donors, especially to the Democrats and thus hold some clout. Domestically, there is little financial incentive for less spying; remember, the only person on earth Obama has personally and specifically assured is not being monitored via her cell phone is a foreigner, German Chancellor Angela Merkel. No, sorry, Americans are still fair game.

    Perhaps the worst news for American tech is hardest to quantify. “It’s not possible to put an exact dollar figure on the cost of lost business for U.S. companies as a result of the NSA revelations,” said Chris Hopfensperger, policy director for BSA/The Software Alliance, a Washington-based trade association. “If a customer goes directly to a non-U.S provider for something, you never know that you didn’t get the call.”

    Funny, because while the American company may indeed never know they didn’t get the call, the NSA might. Who could have thought the wake up call to U.S. firms would be so ironic?



    Related Articles:




    Copyright © 2020. All rights reserved. The views expressed here are solely those of the author(s) in their private capacity.

    Posted in Post-Constitution America

    NSA and Corporate Cooperation Revealed

    January 3, 2014 // 16 Comments »

    The latest NSA revelations reveal deeper and more insidious intrusions into our lives, and show deeper collusion between the government and private enterprise. If you really, really think this is OK because you have “nothing to hide,” you better be damn sure that’s the case.

    Back Doors

    It is now apparent that the NSA co-opted nearly every piece of electronics present in our lives. Der Spiegel reports that the NSA has found ways to slither through most firewalls and work around most security systems. This dirty work is done primarily via malware, computer code created by the NSA that is implanted in the targeted device to do the NSA’s bidding. This malware most commonly creates a “back door,” a new, hidden pathway into some computer system.

    NSA Lies about BIOS Attacks

    We also learn that the NSA, which only recently used the American TV news magazine “60 Minutes” to warn about a new form of Chinese cyberattack, actually employs the very same technique. NSA Information Assurance Director Debora Plunkett spoke in near-apocalyptic terms:

    [She] revealed the discovery by one of her 3,000 analysts of a secret computer weapon that could destroy any computer it infected. She would not name its origin, but 60 Minutes has learned it was engineered in China. The NSA allowed Plunkett to talk about it for the first time in detail. She says it was called the Bios Plot, for the foundational component, the Bios, that all computers have that performs basic functions like turning on the operating system and activating the hardware. The attack on the Bios would have been disguised as a request for a software update. If the user clicked on it, the virus would turn their computer into “a brick,” says Plunkett.

    “One of our analysts actually saw that the nation-state had the intention to develop and deliver, to actually use this capability to destroy computers,” Plunkett says. If successful, says Plunket, “Think about the impact of that across the entire globe. It could literally take down the U.S. economy.” The NSA quietly worked with computer manufacturers to eliminate this vulnerability.


    However, quite apart from “quietly working with computer manufacturers to eliminate” a BIOS attack, the NSA quietly worked to exploit BIOS attacks of its own making. Der Spiegel tells us:

    [NSA] developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer’s motherboard that is the first thing to load when a computer is turned on. This has a number of valuable advantages: an infected PC or server appears to be functioning normally, so the infection remains invisible to virus protection and other security programs. And even if the hard drive of an infected computer has been completely erased and a new operating system is installed, the malware can continue to function and ensures that new spyware can once again be loaded onto what is presumed to be a clean computer. The developers call this “Persistence” and believe this approach has provided them with the possibility of permanent access.


    A Look How Deep the Rabbit Hole Goes

    In a way, however, the most insidious technique the NSA employs is in a way one of the simplest. Der Spiegel reveals that the NSA intercepts computers and other eletronic hardware being shipped to a “target,” alters them, and then sends them on to be received and used by the target, albeit with the NSA software and/or hardware installed.

    Let’s break this down.

    Once the NSA identifies a “target” (whom we’ll refer here to as “You”), the NSA needs to know when You order a new laptop they want to intercept. That means the NSA has to spy on Your credit card, Your online activities and/or probe into the ordering systems of places like Amazon, Dell and the like. Perhaps there is a sort of “no fly” list distributed to manufacturers that requires notification to the NSA when someone like You on it buys something. Or all of the above.

    The NSA then must know when and how Your laptop will be sent to you. That means they need to have been accessing the computer systems of Amazon, Dell and the like, and/or UPS, Fedex and other shippers. Or all of the above.

    The NSA then has to have physical access to the warehouse of the shipping company. Or, the shipping company has to agree to mark your package, and deliver it instead to an NSA location. That all means the shipping companies are in on the NSA plot, or the NSA has to be hacking into the shipping companies’ data systems and substituting their address for Yours.

    Once in NSA hands, Your package has to be opened, and Your laptop must be altered in some undetectable way. They can’t steam open a box like a letter in the old movies; someone has to open it physically and then get it all buttoned up again without a trace. Does the NSA have a way to unstick packing tape and reseal internal bags, or do they have a ready supply from Dell and Apple of packing materials?

    Lastly, the NSA has to return the package into the shipping stream. That means the box, with say Amazon’s return address and Your home address, has to reenter say Fedex’s system from a third location without too many people knowing it happened. It would not do for the low-level UPS guy to pick up a ton of boxes everyday from a nondescript warehouse, all with third-party address labels. This strongly suggests cooperation by the shipping companies.

    You then open Your new laptop on Christmas morning. Yeah, be sure to select a secure password.

    Private Enterprise as Tools of the National Security State

    After a lot of denying and prevaricating, the telecommunications companies of the United States admitted they work hand-in-glove with the NSA under a secret portion of the Patriot Act to collect and transfer data about You. Verizon also hacked its own wireless modems to allow the FBI easier access to You. Microsoft collaborated to allow Your communications to be intercepted, including helping the NSA circumvent the company’s own encryption. Microsoft also worked with the NSA to grant easier access to its cloud storage service SkyDrive with Your documents. One technology expert speculates the NSA embeds back doors inside chips produced by U.S. corporations Intel and AMD. There are many more examples of corporate cooperation, as well as corporations appearing to “not know” about NSA intrusions deep into their systems and products.

    After I first published this piece on Firedoglake, I got an email from a “strategic communications” firm claiming to represent Microsoft. The email reminded me that “Microsoft offers an adamant and robust denial, writing that ‘There are significant inaccuracies in the interpretations of leaked government documents reported in the media last week,’ and referencing this Microsoft blog post. The communications person “Wondered if you’d consider adding Microsoft’s comments to your blog, rather than just giving one side of the story.” And so I just did.

    What we have here is an example of the depths into which You have fallen. The government has recruited private industry into its national security state, down to the level of the Fedex guy delivering packages to Your door in time for Christmas. For those of You who still foolishly insist that such spying is OK because they “have nothing to hide,” I sure as hell hope You are right, because whatever You do have now belongs to Them.


    BONUS: We would know none/none of this had it not been for Edward Snowden.



    Related Articles:




    Copyright © 2020. All rights reserved. The views expressed here are solely those of the author(s) in their private capacity.

    Posted in Post-Constitution America

    How to Respond to Your Friends Who Think the NSA Surveillance is No Big Deal

    June 10, 2013 // 35 Comments »




    This piece originally appeared on the Huffington Post.

    NSA surveillance is legal.

    True, as was slavery in the U.S., the Holocaust under Nazi Germany, Apartheid in South Africa and so forth. Laws mean very little when they are manipulated for evil.



    I’m not doing anything wrong, so why should I care? If you’re doing nothing wrong, then you’ve got nothing to hide!

    See above. The definition of “wrong” can change very quickly.


    I trust Obama on this.

    All of your personal data is in the hands of the same people that run the TSA, the IRS and likely the DMV. Do you trust all of them all the time to never make mistakes or act on personal grudges or political biases? Do you believe none of them would ever sell your data for personal profit ever? In fact, the NSA is already sharing your data with, at minimum, British intelligence. That’s a foreign government that your American government is informing on you to, FYI. Also, the alleged leaker, Edward Snowden, worked for a private contracting company and had access to your data.



    I really trust Obama on this.

    OK, let’s stipulate that Obama will never do anything bad with the data. But once collected, your personal data exists forever, and is available to whomever in the future can access it, using whatever technologies come to exist. Trusting anyone with such power is foolish.


    Well, there are checks and balances in the system to protect us.

    See above. Also, the king of all checks and balances in this case, the Fourth Amendment, has been treated by the government like a used Kleenex. As for the Foreign Intelligence and Surveillance Court (FISA), set up to review government requests for wiretapping, it approved all 1,789 requests submitted to it in 2012. The FBI made 15,229 National Security Letter requests in 2012 on Americans. None of those even require FISA rubber-stamping. And here’s DOJ trying to keep classified a court ruling that says it might have acted unconstitutionally.

    More importantly, if all the NSA’s activities are legal, why not allow them to be tested openly and unambiguously in public, in front of the Supreme Court. After all, if you’ve done nothing wrong there is nothing to hide. Unfortunately, when Amnesty International tried to bring such a case before the Court, the case was denied because Amnesty could not prove it was subject to monitoring– that was a secret!– and thus was denied standing to even bring the suit.

    Many people believe the surveillance violates both the Fourth Amendment protections against search, and the First Amendment protections on the right to peaceably assemble, online in this instance.



    There are 300 million Americans, producing a gazillion emails and Skype chats and Instagrams every day. Nobody cares about my boring stuff.

    Mining all that data is just a matter of how many computers are devoted to the task today, and using better technology in the future will make it even easier.

    But the TV says they collect only “Metadata” so I’m safe.

    Metadata is the index to all the content NSA is already sweeping up. NSA is able to record say 24 hours worth of Verizon phone calls easy enough. With the Metadata, they can then easily locate any particular call within that huge chunk of otherwise streaming data. Metadata can also provide geolocation information to track your physical movements, among other things. It is very important.



    Distasteful as this all is, it is necessary to keep us safe. It’s for our own good.

    The United States, upholding to our beautiful Bill of Rights, has survived (albeit on a sometimes bumpy road) two world wars, the Cold War and innumerable challenges without a massive, all-inclusive destruction of our civil rights. Keep in mind that the Founders created the Bill of Rights, point-by-point, specifically to address the abuses of power (look up the never-heard-from-again Third Amendment) they experienced under an oppressive British government. A bunch of angry jihadis, real and imagined, seems a poor reason to change that system. Prior to 9/11 we did not have a mass-scale terror act (by foreigners; American Citizen Timothy McVeigh pulled one off.) Since 9/11 we have not had a mass-scale terror attack. We can say 9/11 was a one-off, an aberration, and cannot be a justification for everything the government wishes to do. There is also the question of why, if the NSA is vacuuming up everything, and even sharing that collection abroad, this all needs to be kept secret from the American people. If it is for our own good, the government should be proud to tell us what they are doing for us, instead of being embarrassed when it leaks. If you’re not doing anything wrong then you’ve got nothing to hide, right?


    Terrorist are everywhere.

    Doubtful. No suicide bombers in shopping malls, no hijackings. How many Americans have died in the past twelve years due to terrorism in the U.S.? At the same time, despite all this intrusion into our lives and violations of the Fourth Amendment, the system completely missed the Boston bombers, two of the dumbest, least sophisticated bro’ terrorists in the world. Those two practiced no tradecraft at all. Maybe all this surveillance isn’t really about stopping terrorists and is more about generic spying on us all, using a fake argument of 100% security at the cost of 0% privacy? At the same time, we do have a problem with gun nuts committing mass shootings that have mowed down Americans in numbers far beyond terrorism since 9/11, but no one seems concerned about using tech to stop that. So much has been justified (torture, spying) by the so-called ticking time bomb scenario but there has never been shown an actual ticking time bomb scenario in real life.


    Protecting America comes first.

    But protecting what from what is the question. If instead of spending trillions and trillions of dollars on spying and domestic surveillance we spent that same money on repairing our infrastructure and improving our schools, wouldn’t that more directly create a stronger America?


    I just don’t care.

    Fine, enjoy your television. Just don’t be surprised when you’re woken from your deep sleep one night by a knock on the door.

    BONUS: If you’re Edward Snowden, the alleged leaker, and you have some interest in not spending the rest of your life in a U.S. supermax prison, why oh why are you in Hong Kong? Hong Kong has an active extradition agreement with the U.S. Why are you not in Ecuador, Beijing, or maybe Iceland?

    Snowden has the guts to do what the government does not have the guts to do: bring the NSA’s activities into daylight, for all to see. As a whistleblower myself, and meeting many others from Ellsberg to Drake, I know it takes enormous courage to do what Snowden did, and the willingness to give up everything– life, freedom, everything– for a good bigger than yourself. If that is not a definition of patriotism nothing else can be.

    BONUS BONUS: My interview with Agency France Press on Snowden and whistleblowing.




    Related Articles:




    Copyright © 2020. All rights reserved. The views expressed here are solely those of the author(s) in their private capacity.

    Posted in Post-Constitution America