The National Security Agency has denied recent allegations that it used man-in-the-middle attacks to infect millions of computers with malware, but it hasn’t denied that any of the capabilities or programs discussed in Glenn Greenwald’s latest article are real.
“Recent media reports that allege NSA has infected millions of computers around the world with malware, and that NSA is impersonating U.S. social media or other websites, are inaccurate,” the NSA wrote in its press release. “Technical capability must be understood within the legal, policy, and operational context within which the capability must be employed.”
NSA denial leaves plenty of wiggle room
Now that we know about so many NSA half-truths and deceptions, many people will find it difficult to take the NSA at its word, but the language of the denial is also suspicious. Greenwald’s article quoted confidential sources saying that project TURBINE would “increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants.”
The NSA hasn’t denied developing the capability, or using it to infect perhaps hundreds of thousands of computers, only that it hasn’t infected millions. If the NSA didn’t impersonate social media sites that rules out a man-in-the-middle attack, but not a man-on-the-side attack which doesn’t actually put itself in between the targeted computer and the website.
Of course, many people won’t bother to parse NSA statements so carefully, simply choosing not to trust the organization. Facebook Inc (NASDAQ:FB) CEO Mark Zuckerberg reportedly called President Obama to tell him that he was concerned about government invasion of privacy. It is a little rich for Facebook Inc (NASDAQ:FB) to complain about eroding privacy rights, but the reality is that people choose to give up privacy when they engage in social media (even if the choice isn’t always well thought out).
Lack of oversight, not a specific capability, is still the key issue
When talking about the classified information that Edward Snowden leaked last year, and which Greenwald continues to slow roll, it sometimes seems like people forget that the purpose of the NSA is to spy on people, and that it would be remiss if it didn’t develop the capability to get information even on hard-to-reach targets. But mass surveillance and a lack of oversight have many people concerned about the current direction of the NSA, and the collapse of public trust in the last year will take more than a carefully worded, half-page denial to repair.
