Gen. Keith Alexander addressed some of the allegations against the NSA at a cybersecurity conference today. Here’s the money quote. Ok, it’s really the only quote, but you get the idea:
“NSA does collect information on terrorists and our national intelligence priorities but we are not authorized to go into a U.S. company’s servers and take data.”
That seems like a blanket denial, doesn’t it? I mean, how could it possibly mean anything else?
I’m glad you asked!
Let’s start by saying that he doesn’t deny that Google and Yahoo were compromised. That seems like a pretty big deal.
He says they’re not authorized to go into a U.S. company’s server, not that they didn’t do it.
He specifies “a U.S. company.” Google is headquartered in California….and Ireland (their money lives in Bermuda). There’s no such thing as a strictly “U.S. company” on this scale.
He says that the NSA is not authorized to “take” data. That says nothing about data or access freely (or less-than-freely) given.
He says that the NSA is not authorized to do this, but he does not say that the NSA couldn’t build the tools to compromise the servers and then outsource that actual effort.
I’m not saying that any of these scenarios are necessarily likely; I’m just pointing out that his denial is far more narrow than he and the headline-writer would like for you to believe. The leaks regarding the NSA have proven to be quite accurate thus far, so anyone speaking for the NSA has an uphill task in establishing credibility.
Of course, the biggest hole in my scenarios is this: If the NSA really is just stealing this shit wholesale, why don’t they just lie about it rather than use a narrow, misleading truth? I mean, in for a penny, in for a pound, right?
I’m so far beyond cynical right now it just isn’t funny.