In Lewis Carroll’s “Through the Looking Glass” Humpty Dumpty tells Alice [the one of Alice in Wonderland], “When I use a word, it means just what I choose it to mean — neither more nor less.”

Alice replies, “The question is, whether you can make words mean so many different things” to which Humpty replies, “The question is, which is to be master — that’s all.”

A recent dispute between Facebook and the NSA over privacy has heightened the importance of the meaning of words.  Glenn Greenwald, based on documents provided by Edward Snowden,  revealed that the NSA was, in the words of Greenwald, using a program: codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server.

When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive.

The malware then would permit the NSA to obtain data or access to data, or infect the target computer, or – well, do anything that malware can do.

Facebook, for their part is shocked, shocked to see that IP address spoofing is going on here.  So shocked that Mark Zuckerberg personally called President Obama to complain.  Unreported was how the Facebook guru got the President’s phone number.  Perhaps he posted it on Facebook.

The idea of exploiting a trusted relationship for one’s own purposes is hardly surprising.  It is as old as – well, Adam and Eve.  The problem for Facebook is, if people believe that Facebook is being deliberately used as a mechanism for injecting malware into user’s computers, people will stop using Facebook.  And that is bad for Facebook.  So they are understandably upset.

The NSA attempted to allay people’s fears with a sternly worded denial that will satisfy exactly nobody.

Now in a way, I feel bad for the NSA.  Because of national security and other concerns, they can’t exactly speak openly about potential ongoing intelligence operations.  They can’t confirm or deny their existence.  Thus, they speak in “weasel words.”  So here is what the NSA said on their website – and remember, read V E R Y carefully:

NSA PAO Statement – 13 Mar 2014

Statement in Response to Press Allegations

“Recent media reports that allege NSA has infected millions of computers around the world with malware, and that NSA is impersonating U.S. social media or other websites, are inaccurate. NSA uses its technical capabilities only to support lawful and appropriate foreign intelligence operations, all of which must be carried out in strict accordance with its authorities. Technical capability must be understood within the legal, policy, and operational context within which the capability must be employed.  NSA’s authorities require that its foreign intelligence operations support valid national security requirements, protect the legitimate privacy interests of all persons, and be as tailored as feasible. NSA does not use its technical capabilities to impersonate U.S. company websites. Nor does NSA target any user of global Internet services without appropriate legal authority. Reports of indiscriminate computer exploitation operations are simply false.”

OK.  Remember, this is the same agency that redefined the words “collection” “relevant” and “document.”  They aren’t “collecting” information on millions of Americans – they are simply taking custody of them from the phone company.

Their legal authority that is limited to compelling the production of “relevant” “documents” includes the production of documents that may become “relevant” at any time in the future (e.g., everything.)  And their authority to obtain “documents” and tangible objects includes the authority to obtain entire databases that contain any document that might be relevant in the future.  Humpty would be proud.

So what does the NSA “denial” actually say?  And what does it omit?

The NSA says that the media reports that the NSA has infected millions of computers are “inaccurate.”

Many weasels can crawl into that denial.  Could be that the NSA has infected billions of computers, making the allegation of millions “inaccurate.”  Could be that the NSA didn’t infect millions of computers – they infected thousands, which in turn infected millions.  Or that the NSA used contractors, hackers or other agents to infect millions of computers, but that they themselves didn’t do it.  Or it could mean that the NSA defines the term “infect” differently – and computers are only “infected” when malware not only accesses computers, but also when the results of that access is then obtained by the NSA.

Who knows?

All we know is that the NSA has called the media reports “inaccurate.”  And that’s the problem when you are dealing with a secret program and a tendency to deny the truth through reinterpretation of words.  It’s not that words mean what you want them to.  It’s that the words mean nothing.

The same is true with the NSA’s denial that they are “impersonating U.S. social media or other websites.”  If you read carefully, you note that the Greenwald article never actually asserted that the NSA was impersonating U.S. social media or other websites.  It asserts that the NSA was piggybacking on an attempt by someone to access Facebook’s website.

By redirecting an attempted Facebook user to an NSA malware infiltration site, and then back to Facebook (just one of many possible ways to accomplish this task) the NSA would not be “impersonating” Facebook.  It would be launching a “man-in-the-middle” attack on the user attempting to access the social networking site.  If I take traffic intended for IP address and direct it to, from a trademark infringement standpoint, I can’t be sure that I have “impersonated” the website.  Nobody could argue that the two sets of numbers are “confusingly similar.”  Especially if, after injecting malware, the user was directed back!  No impersonation at all.

The Greenwald article also asserted that the “NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook.” “Tricking” and impersonating are different things.  And the NSA denial only denied that the NSA impersonated “websites” – not IP addresses, signatures, or other authenticating information.

So the NSA denial – narrowly read – does not contradict the Snowden/Greenwald allegations.  And that’s the point.  Whether the Snowden/Greenwald allegations are spot on accurate or made up from whole cloth is anyone’s guess.  And keeping people guessing is just fine with the NSA – not so much for Mr. Zuckerberg.

The same is true for the NSA’s other denials from its Public Affairs Office.  They assert that everything was legal and approved (or more accurately, legal because it was approved), and that the NSA doesn’t do things like this “indiscriminately.”  Even accepting Greenwald’s allegation of millions of hijacked sessions or malware injections, the NSA could legitimately claim the targeting of millions of sessions among tens of billions is not “indiscriminate” as long as it is “as tailored as feasible.”

Perhaps the NSA should be mindful of another quote from Lewis Carroll, “If everybody minded their own business, the world would go around a great deal faster than it does.”

Leave a Reply