NSA Director Tries Playing Nice With Black Hat Hackers

U.S. Army General Keith Alexander, director of the National Security Agency, pled for a bit of understanding from attendees at this year’s Black Hat security conference in Las Vegas.

“You’re the greatest gathering of technical talent anywhere in the world,” he told the audience, according to Bloomberg. “The whole reason I came here was to ask you to help us make [the NSA] better. If you disagree with what we’re doing, then you should help twice as much.”

Alexander, who was heckled by some in the crowd, also unveiled some key facts about the agency’s data-harvesting practices (tip of the hat to TechCrunch): some 22 NSA employees apparently have the authority to approve queries on phone-number metadata, while 35 analysts are authorized to actually run those queries. Last year, some 300 phone numbers were approved for queries, which resulted in 12 reports to the FBI.

Alexander also repeatedly emphasized the measures in place to keep the NSA from exceeding its authority with regard to surveillance, including Congressional and judicial oversight.

Recent revelations about the extent of the NSA’s surveillance programs led Def Con/Black Hat founder Jeff Moss, also known as Dark Tangent, to discourage the feds from attending this year’s Black Hat.” I think it would be best for everyone involved if the feds call a ‘time-out’ and not attend Def Con this year,” he wrote in a blog posting. “This will give everybody time to think about how we got here, and what comes next.” But that was merely a request, not an outright ban.

Most Black Hat attendees are security professionals, although some are also full-time hackers. Workers from federal agencies show up, sometimes incognito, to pick some of the best brains in the business about the latest in security.

Earlier this summer, The Guardian and The Washington Post published articles that described two massive NSA projects for monitoring Americans. Both newspapers drew their information from top-secret documents provided by Edward Snowden, a former CIA employee who worked as a contractor for NSA.

One of the NSA projects described in the articles, PRISM, allegedly siphons information from the databases of nine major technology companies: Microsoft, Google, Yahoo, Facebook, PalTalk, YouTube, Skype, AOL, and Apple. (In emails to Slashdot and other media outlets, as well as postings on their respective corporate blogs, many of these companies have denied involvement with PRISM.)

Although the U.S. government fully intends to charge Snowden for releasing the documents—provided they can actually get him back inside U.S. borders—it has also begun to release more information about the NSA’s programs.

 

Image: Maksim Kabakou/Shutterstock.com