Epic botch of the PRISM story.

[Update 2013-06-13: See Rick Perlstein's piece about this on The Nation's blog. Glenn Greenwald later responded here.]

Mark Jaquith’s post The PRISM Details Matter is spot-on. Glenn Greenwald has misunderstood a key technical fact, one that removes the most explosive charge in the whole scoop. And for some reason, Greenwald refuses to correct it.

The crucial question is:

Are online service companies giving the government fully automated access to their data, without any opportunity for review or intervention by company lawyers?

Greenwald essentially says yes, they are. Yet nothing leaked so far indicates that this is the case, and the companies all vehemently deny it. They say they have humans in the chain. The information leaked so far supports this claim or is at least consistent with it.

It looks like Greenwald & co simply misunderstood an NSA slide, most likely because they don’t have the technical background to know that “servers” is a generic word and doesn’t necessarily mean the same thing as “the main servers on which a company’s customer-facing services run”. The “servers” mentioned in the slide are just lockboxes used for secure data transfer. They have nothing to do with the process of deciding which requests to comply with — they’re just a means of securely & efficiently delivering information once a company has decided to do so.

As Jaquith emphasizes, this is not merely a pedantic point. This is central to the story, and as far as I can tell, Greenwald continues to misunderstand and thus misrepresent it. It’s an epic botch in an important story :-(.

An email I sent to some friends yesterday, about this exact same point:

  From: Karl Fogel
  To: <undisclosed recipients>
  Subject: Re: Cowards | Uncrunched
  Date: Mon, 10 Jun 2013 14:18:57 -0500

  One of the above wrote:
  >Since the topic has taken over part of my morning, thought I'd share: 

  I read this post when it came out, yeah.  I think it's mostly wrong.

  What is described here is just a delivery mechanism.  *If* you're a
  company that's complying with government requests for data (and not all
  requests are abusive or unreasonable) a lockbox is a perfectly sensible
  way to do it.

  Sure, the lockbox may run on a server that belongs to the company, but
  this is not the same as -- indeed, is *totally unrelated to* -- giving
  the government direct access to your servers, the servers that are
  related to the actual service you provide as part of your business,
  which is how far too many bloggers are portraying it.

  Uncrunched quotes Claire Cain Miller approvingly:

    "While handing over data in response to a legitimate FISA request is a
    legal requirement, making it easier for the government to get the
    information is not."

  What?  This makes no sense.  The lockbox may or may not make it easier
  for the government, but it sure makes it easier for the *company* to
  securely hand over data while lowering the risk of some unauthorized
  third party gaining access.  If you're going to comply, might as well do
  it responsibly and without increasing the compliance burden on yourself.

  What the hell are the companies supposed to do?  Put the data on a
  CD-ROM and mail it to Fort Meade?

  It's not like there aren't legitimate things to complain about here.  I
  don't understand why Uncrunched is wasting time with non-problems.

28 Responses to “Epic botch of the PRISM story.”

  1. Letmein Says:

    Connected to this is Greenwald, et al not knowing that the Prism application by SAIC has been the high level information request management software of choice by high level intel agencies for years now, for all kinds of intelligence-related documents. The internet company initiative may have a code name, but PRISM wasn’t it. To those in the know, from the first article it’s been like reading the NSA has a secret program called “The Microsoft Project” or “Codename: INFOPATH.”

    Isn’t it increasingly clear by now that the leaker, Snowden, had no direct knowledge of what he was talking about? He found a PowerPoint in someone else’s files on the server he ran and lifted it, so he couldn’t explain it to the writer, and the writers never checked with any recent or current pros off the record before publishing. When you think about it, we have no way of knowing if that slide is a first draft, who reviewed it, who it was given to, whether they agreed it was accurate, nothing. Has anyone worked in an office so little that they think every PowerPoint slide *on the corporate server* should be taken as gospel truth?

    They claim the rest of the PowerPoint is a security problem. Fine: how about releasing that “Prism guide for Skype collection” they claim they have? That’s a technical manual. And that’ll probably have screenshots etc., which would clear this part up pretty quickly for anyone who’s ever seen a webform. If they’re not doing it now, they must have assumed on review it will completely discredit them. They’re just hoping to Dan Rather it out now.

  2. Karl Fogel Says:

    My impression is that Snowden understood most of what he saw, and that some information was lost in transferring that knowledge to Greenwald, who (obviously) is much less technical than Snowden.

    But yes, I do also wonder “Why hasn’t this story been a story for a long time before now?” The real story is the broad surveillance, the NSLs, the gag orders preventing companies from disclosing even non-identifying information about NSLs, the rubber-stamp nature of the FISA court… and all this has been known for a long time. I think many journalists were looking for a catalyst, and this was it, so they jumped on it even though it wasn’t really “news” in the usual sense.

  3. David Says:

    Or, if you take the NSA slides at face value, you see that a direct connection -or- a fiberoptic tap will accomplish the same thing. Ten years ago a paper from Oyster Optics confirmed that it was quite easy to do, and in fact was easier than tapping a copper cable. By 2006 the “Carnivore” program was using precisely this technique to spy on AT&T customers. So it’s unimportant what the feds call the program.

    Now, certainly we know that Greenwald had trouble with even using PGP, so he is not a techie. However, if the feds have forced FB & Google, et al, to disclose the details of their networks, then it is a simple matter to install taps between the routers and the service providers. The companies can claim they are not helping the feds. The feds can claim the companies are not helping them. Everybody lies and everybody wins.

    In this scenario Greenwald is NOT wrong.

  4. David Says:

    I forgot these links:




  5. Mark Says:

    If NSA meant “lockbox” it would have used the precise term “lockbox” not the imprecise term “servers.”

    This NSA slide contrasts two types of data collection: the first, “as data flows past”; the second “directly from the servers.” If by “servers” they actually meant “lockbox” the whole slide would not make sense.

  6. Ravan Asteris Says:

    My rant on the subject is at http://ravanoid.blogspot.com/2013/06/nsa-web-companies-and-ny-times.html

    Greenwald, etc, don’t understand that direct access is unlikely for technical and economic reasons.

    The thing that chafes technical people’s butts in any of those companies is having to process FISA orders at all, and then not being able to talk about why the time and effort had to be spent. I would bet that’s why Google is suing to be allowed to tell what FISA orders it’s processed.

    Web companies are caught between a rock and a hard place in this: They are legally forbidden, with criminal sanctions and all, to talk about what or even how many FISA requests they process; but they also try to protect their users’ privacy and need the trust of the public to do business.

  7. Mark Says:

    Let me clarify with comments I posted on The Nation:

    If the NSA intended to mean “lockbox” it would have used the precise term “lockbox” not the imprecise term “servers.” Slides like these are put together to precisely document protocol.

    This NSA slide contrasts two types of data collection: first, “as data flows past”; second “directly from the servers.” If by “servers” they actually meant “lockbox” the whole slide would not make sense. In that case, what did the NSA mean exactly by the contrasting phrase “as data flows past”?

    Indeed, if this slide spoke to the instruction of the run-of-the-mill collection of data from lockboxes “once a company has decided to” comply with a court-ordered request from the NSA, the slide would hardly need to be labeled “TOP SECRET.”

    In the real world people who make policy usually do not make power point slides.

    They give their admins typed or hand written notes; the admins create the slides; the supervisors review them and present them to their direct reports, and so on. This slide must have been reviewed dozens of times before being finalized.

    People who have very excellent grasps on how complex computer systems work would surely have approved this slide. Otherwise, the NSA is so deeply dysfunctional that we don’t have to worry about massive surveillance because they’ll be looking in their drop boxes instead of their lock boxes.

    It is telling, incidentally, that everyone is focused more on the aesthetics of the slide than on its content.

    It’s unlikely that the NSA meant “lockbox” (a dedicated drive or disk space used in the FTP transfer of electronic files from one consenting party to another) when they actually said “server.” If they meant lockbox, they wouldn’t have preceded it with “directly from” because that’s redundant. It’s only not redundant when “servers” refers to “the main servers on which a company’s customer-facing services run.” Therefore, it’s highly likely that they did mean “directly from the servers” for PRISM program which contrasts more appropriately with “as data flows past” of the Upstream program.

    There are only a few people at the NSA who really know about this slide (and the other slides) and the rest of us are speculating.

    This slide is admittedly unpolished — the exact kind of ‘unfinish’ internal documents usually have. This slide is obviously not suited for presentation to the outside. It was meant solely to instruct staff on procedures.

    Because the slide is instructive, it’s highly unlikely that it wouldn’t have been vetted many times at all levels, with operations and management. Therefore, I’m disinclined to believe that the NSA could have made the mistake of using the phrase “directly from the servers” when they actually meant “directly from the lockbox,” because they mean drastically different things.

  8. Quevedin Says:

    from Google’s chief legal counsel David Drummond:

    “We cannot say this more clearly — the government does not have access to Google servers–not directly, or via a back door, or a so-called drop box. Nor have we received blanket orders of the kind being discussed in the media. It is quite wrong to insinuate otherwise. We provide user data to governments only in accordance with the law. Our legal team reviews each and every request, and frequently pushes back when requests are overly broad or don’t follow the correct process. And we have taken the lead in being as transparent as possible about government requests for user information.”

    Source http://www.theatlanticwire.com/technology/2013/06/how-google-and-facebook-cooperated-nsa-and-prism/66030/

    Even if you were correct, and Greenwald and the WaPo guys have misunderstood it all (it is not a “root access” ;) but a Wuala-like one ) that completely contradicts the declarations of “not access to any server” by Drummond.

  9. Karl Fogel Says:

    @David: Tapping into the wires that connect (say) Google’s data centers to the outside world is not nearly as useful (for the purposes of searching and for programmatic data analysis) as having programs running directly on Google’s servers would be. They’re two different universes. In one, you can see real-time data as it flows by, and even then much of it is SSL-encrypted. In the other, you can see everything, including a historical archive into the past for every user. That’s just not the same thing — not the same level of intrusion, not the same level of surveillance. Again, just to be clear: I’m not saying there’s no issue here. But, to apply an approximate metaphor, we’re talking about the difference between tapping someone’s phone line and going through all their files and all their possessions, in their house, page by page and item by item. One is worse than the other.

    @Mark: No, that’s not true at all. It’s perfectly natural for them to use the word “servers” in that context. I only used the word “lockbox” in order to make the distinction clearer for the purposes of this explanation. Under other circumstances, for an internal audience, I too might have just said “their servers” as a colloquial way of saying “the server where they put the stuff for us”. The distinction with “as data flows past” is clear: one is a wiretap, the other is a data drop. They have different characteristics, different dynamics. The slide makes perfect sense if “servers” means “lockboxes” — not sure why you think it wouldn’t. I’m not saying a lockbox has to be a dumb file server. It could present a user interface on both sides, perhaps even an API, that makes data requests easier for the NSA and delivery easier for the company in question. Fine — efficiency is not the issue here; the presence of humans (and specifically lawyers) in the chain is the issue, and the claim I’m refuting is that the humans were taken out of the chain because the NSA supposedly had direct access to the live servers. They didn’t, or at least, we have seen no evidence so far that they did. The humans remained in the chain. (How diligent or rigorous they were is another question, but that problem is much older than computer networks and digital data.)

    @Quevedin: There is no contradiction, unless you assume that every use of the word “server” (or for that matter “dropbox”) means the same thing. These are not precise terms; once they are understood with their most likely meanings in context, the contradiction goes away and Google’s claims look true.

    @Ravan: Amen. And nice post, by the way.

  10. bill Says:

    Karl – The slide is ambiguous and does not clearly state, as Greenwald has suggested, that direct and unfettered access to the core servers is available to the government. Neither does it clearly state that these servers are “lockboxes” as you suggest. Greenwald is not technical though you and I both are. If he has made an epic botch based on the available evidence to reach his conclusion then you have done the same. You state “The ‘servers’ mentioned in the slide are just lockboxes used for secure data transfer. They have nothing to do with the process of deciding which requests to comply with — they’re just a means of securely & efficiently delivering information once a company has decided to do so.” Yet nothing on the slide supports this contention.

  11. Karl Fogel Says:


    Thanks for your comment. Your point is true as far as it goes, but I’m basing my conclusion on all the evidence seen so far, not just on that one slide. The slide is consistent with the interpretation I give it, and this is also the most likely way for the system to work given the various actors and their interests here, and this interpretation matches up with the denials from the companies, which have been unusually strongly worded, consistent, unambiguous, and clear on this point. They don’t typically speak that way when they are trying to divert attention from the truth, as we have seen in so many other statements from involved parties on this topic.

    (I admit I am also basing the conclusion partly on personal knowledge of some of the people involved in issuing those denials, but I didn’t really want to make that a cornerstone of the argument, since it smells like “argument from authority” and of course is very hard for anyone else to check. But for what it’s worth, I’m factoring that in.)

    I think those lockboxes are probably bidirectional (i.e., the system holds the incoming requests securely, and holds the outgoing data securely), and probably have a spiffy UI and APIs too. But being efficient is not the issue here. Greenwald’s claim is specifically that the NSA slide says they’re directly collecting user data from the places where that user data normally resides, by [very strong] implication with no mediation on the part of the companies. That’s a pretty shocking allegation, and would be the biggest news here if it were true. But there’s been no evidence for it, and the evidence available so far seems to point against it.

  12. bill Says:

    @karl – fair enough – I have no additional information and I am willing to accept that you do. You must agree that Greenwald has claimed to have much more to support his views than he has released as well, right? In another blog – which pointed me to yours though annoyingly enough seems to be getting much more discussion – a user pointed me to Greenwald’s response to your criticism. He claims that he has only cited what is on the slide, i.e. that prism gives direct access to servers at the various companies. There is no doubt that the slides do say at least that. He claimed to have stopped at what the slide says – not arguing what is on those specific servers nor where they reside on the network. And he does make the point that the presentation argues this is a new, useful, important and top secret capability. Given previously existing and obvious alternatives to a simple lockbox at the service provider (e.g. providers pushing data to an NSA hosted server, cutting a tape or disk and delivering that, printouts, etc…) I find it easy to see a prism lockbox (as you suggest) being more convenient but hard to believe it introduced new and important capabilities. Don’t you find that claim difficult to swallow as well, given your understanding of the systems capabilities?

  13. Karl Fogel Says:


    Thanks (again) for the thoughtful comment.

    Greenwald’s specific claim — he reiterates this point in his recent piece — is that the slide contradicts what the companies are saying, and that he is just reporting on that contradiction. (Though you can see in his reporting the clear implication that we shouldn’t believe what the companies are saying, and that’s part of why I felt this was important to set straight. There are people in those companies who have been pushing back over this for some time, to the extent they can; it’s not the level of risk Edward Snowden took, obviously, but it’s not trivial either, and it’s disheartening to see their efforts ill-served by reflexively suspicious journalism.)

    So I’m just refuting that part of what Greenwald says. The slide does not contradict what the companies are saying. Given what it shows, what we know already, and what the companies say, there is no contradiction. And if that interpretation is correct, a big part of the story is less scary than it was, although of course there is still an important story here.

  14. bill Says:

    @karl – if your (and others) interpretation is correct then I agree that the concern over that aspect of the programs is *greatly* diminished. While I’m an engineer I work with corporate lawyers all the time and personally have little doubt distrusting them. I think these people in the various companies are generally well compensated to take exactly such risks in carefully avoiding uncomfortable questions. That may very well not be the case here – but I don’t doubt for a second that if the most nefarious interpretation of the slides is correct they would say what they are saying.

    I do find it disturbing – but not at all surprising – that some people are taking the issue you discuss and running with it as a tool to discredit all of the recent news – though clearly many of the elements are technically unrelated and only linked via the source. Politics and technology rarely result in the most honest and deep analysis.

    I also read Mark’s original piece – thanks much for the link – and was troubled by the fact that he (in some cases) was mixing comments from Greenwald and the Post (who seemed to be much less careful in their wording) in a manner that suggested a complete whole. There are issues to pick over from both – by mixing them I think he hurt his arguments.

    Best regards – bill

  15. Evidence Says:

    The fact that a logical possibility exists that the “servers” in question are DMZ-based drop boxes that are open to NSA access doesn’t mean that logical possibility is in fact the correct version of reality–yet that’s exactly how you’re acting. You’re pushing this point with zero evidence.

    I’ll never understand how some people can find government/corporate denials convincing.

  16. Karl Fogel Says:


    I agree with much of what you say above, of course, and don’t doubt that, in certain circumstances, highly-placed and well-compensated people at such companies have told lies before and will do so again. But for what it’s worth, my experience has been that these companies are not all alike, in terms of corporate culture and in terms of personal willingness to lie on the part of individual executives.

    Stepping back, the bigger picture for me is that of understanding the true dynamics of the world we live in, so we can decide how to act and what is most important to focus on. The picture Greenwald paints is, more or less, one of government-dominated oligopoly in which basically all the big players sat down at the same table and agreed to play by the NSA’s rules. I don’t think that’s an accurate picture. What I see is multiple power bases, with some degree of internal dissent within each organization (including even the NSA and the FISA courts, but much more so within the companies), and on important issues even open dissent between actors. Yes, there’s a lot of coercion and compromise, and there is no doubt that some companies hand over more than they should without asking enough questions — but they don’t all do that. Nor do I like it that the average person’s most immediate choice is which big protector(s) to grant conditional trust to. But as I said in response to someone else in a blog comment, it’s not like Russia and North Korea are the same thing (and the U.S. is neither). There are meaningful differences among surveillance states, and understanding the kind you live in is important if you’re trying to figure out which risks to take for what goals.

    This is a more complex picture than the one Greenwald paints, but if it is a truer one, then the paths available for resisting a surveillance state are quite different than they would be under a more monolithic situation. Do you take to the streets, or do you file lawsuits? If the latter, then against whom, a company or the government? (I don’t mean to suggest these are the only options; they’re just examples.)

    Hence the importance of people understanding that the government does not do unmediated “direct collection” from the servers of all major private-sector online service companies. Really, how realistic was that idea ever? What U.S. company, that originated as a mass-market services company and not as a government contractor, would agree to give government IT staff unfettered access to its live-data servers? The business risk would be incredible, the risk of public embarrassment incredible… the proposition just doesn’t make sense to me. It doesn’t pass the smell test. People following this story are trying to figure out what kind of country they live in, because after all, there are countries where the companies wouldn’t have a choice about granting that kind of access. If Glenn Greenwald succeeds in persuading U.S. readers that they live in one of those countries, and he is wrong, then he will have destroyed a feeling of collective empowerment and of individual rights that is crucial for resisting further encroachment.

    That’s why I care.

  17. Karl Fogel Says:


    “Zero evidence”? I’ve been pretty specific in citing the evidence I’m using. I grant that it’s not 100% certainty. But it seems like a much more likely case than what Greenwald is claiming (unless you take Greenwald’s claim to be merely that there is a contradiction between the NSA slide and the companies’ denials, in which case you already agree with me, because we both agree the slide doesn’t really say what Greenwald interpreted it as saying).

  18. Evidence Says:

    You went from the arguably-valid statement that ‘”servers”…doesn’t necessarily mean the same thing as “the main servers on which a company’s customer-facing services run”’ to the absolute, unqualified, unproven assertion that ‘The “servers” mentioned in the slide are just lockboxes used for secure data transfer.’ Neither you, Jaquith nor anyone else knows that, yet you assert it as though it’s a fact–apparently based on nothing more than PR-vetted denials from the corporations in question.

    Greenwald may not have the necessary technical background, but I’ve been managing servers for 30 years, and I’d say without question that “collection directly from the servers of these U.S. Service Providers” strongly implies *collection directly from the servers of these U.S. Service Providers*. Had it meant what you’re so sure it means, it should have read “collection from dropbox servers at these U.S. service providers” or something along those lines. You’re assuming that the people who produced the PowerPoint presentation were too clueless to realize how misleading this would be. You’re also acting as though Greenwald, Gellman et al were reading and (mis)interpreting this one slide on their own, sans technical qualifications, when they have direct, extensive access to the DIRECT SOURCE of this information (and he’s a sysadmin, ferchrissake)–not to mention the additional information he’s given them that they haven’t published.

    As far as “What the hell are the companies supposed to do? Put the data on a CD-ROM and mail it to Fort Meade?”: man scp, Mark. The blend of rank sarcasm and ignorance in that remark shows that you’re either a) technically uninformed yourself or b) so biased toward the corporate/government case that you’re willing to sling shallow snark even if it makes you look bad to anyone who knows what they’re talking about (while impressing the easily-gulled Rick Perlsteins of the world). I’m guessing it’s b.

    (Yes, of course there might be reasons why the NSA wouldn’t open up scp or other access even to servers in a DMZ, even though that’s the standard way for “customers” to push data to a “vendor” in situations like this. But that’s not the argument you made; you just took a cheap and misleading shot at Greenwald, Snowden et al. And that says a lot about where you’re coming from.)

  19. Evidence Says:

    Sorry: man scp, Karl. Unfortunately in this case it’s hard to tell you two apart.

  20. Evidence Says:

    I’d also point out that even if these *are* dropbox/lockbox servers, that doesn’t speak to how data is put on them. Edward Snowden said “I, sitting at my desk, certainly had the authorities to wiretap anyone, from you or your accountant, to a federal judge or even the President, if I had a personal e-mail”–the implication being that NSA has a way to submit a list of selectors (e.g. email addresses, though I’d expect there are others as well) to the companies in question and then retrieve the private information associated with those selectors.

    If NSA has the ability to gather private user data simply by submitting a selector to some vendor-provided data mining tool, whether or not the collection of the resulting private information happens in real time or via store-and-forward on a dropbox server is a moot point–it’s still effectively “direct access”.

  21. Mark Says:


    Thanks for all your responses to everyone’s comments.

    This one slide is labeled “TOP SECRET.” It is not labeled “Secret” or “Confidential” or anything else.

    If the 2 programs listed on the slide were in fact routine methods of gathering data with tech companies’ permission, and properly done within the law, it would be undeserving of the designation TOP SECRET.

    If the slide was outlining two programs undertaken *without* permission of or involvement by tech companies, TOP SECRET would make sense.

    Both programs are either with permission/involvement or without.

    Google’s legal counsel, Dave Drummond, said the government did not have access “not directly, or via a back door, or a so-called drop box.”

    That quote seems to destroy the theory that “servers” means “lockbox” — unless you think “lockbox” and “dropbox” are entirely different things.

    So it seems, re-reading the slide, that the NSA is talking about two programs that circumvent tech company involvement.

  22. bill Says:

    Mark – it should be pointed out that over the last 50 years there is a well documented trend to overly classify documents within the federal government. I agree with your contention that top secret would seem inappropriate under such a situation but I do not doubt that it would be routinely used when it seems inappropriate to ordinary (though well informed) citizens.

  23. Rancid Honeytrap Says:

    I’m sure Karl doesn’t mind my reminder here that he is a fellow of the New America Foundation, which receives millions from the Gates and The Schmidts.

  24. Evidence Says:

    From the NY Times: “The government had sought help in spying on certain foreign users, without a warrant, and Yahoo had refused, saying the broad requests were unconstitutional. The judges disagreed. That left Yahoo two choices: Hand over the data or break the law.”

    Compare that to Mark Jaquith’s description: “The kind of access described in these accounts is both indirect and moderated in that the government only has access to a subset of data about FISA warrant-specified targets, and this data is not gathered unilaterally, but only after company lawyers have reviewed and approved the request.”

    My emphasis in both cases. So no, this is not about access with a warrant — it’s about broad-based, warrantless access. That’s why Yahoo went to court to fight it rather than just complying as they had with FISA requests in the past.

  25. Remaining Questions About PRISM | The Rancid Honeytrap Says:

    […] tendency is to lean toward Greenwald’s assessment, especially after perusing this interesting comment thread on a site maintained by Karl Fogel, a blogger who repackaged Jaquith’s concerns with a lot […]

  26. Martin Says:

    How does one parse “I, sitting at my desk, certainly had the authority to wiretap anyone, from you or your accountant, to a federal judge or even the President, if I had a personal e-mail”? The literal meaning can’t possibly be true. Are we to believe he could, himself, tap the phone of anyone if he had their email address? If it’s not literally true, the range of figurative meanings is quite considerable. It bespeaks a carelessness of thought and expression that makes me quite uncomfortable with Snowden and Greenwald and the way this issue is being handled. Although not here, thank goodness.

  27. PWN #98: Summer Solstice, Snowden & More | Pagan-Musings Podcast Channel Says:

    […] Rants.org calls the NSA FISA/PRISM leaks a botch job. […]

  28. Karl Fogel Says:

    FWIW, http://www.rants.org/2013/06/21/why_direct_unilateral_would_matter/ is partly a response to some of the comments here.

