The Cable

Graham Tells Obama to Send Terror Suspect to Gitmo

The Obama administration's expected decision to try suspected al Qaeda operative Nazih Abdul-Hamed al-Ruqai in federal court in New York City as opposed to a military tribunal has relaunched a heated debate over the prosecution of suspected terrorists.

Ruqai, known by his alias as Abu Anas al-Libi, is currently being interrogated on a Navy ship in the Mediterranean. Though administration officials say no decision has been made on the type of court they will provide Libi, anonymous officials have told several media outlets that he will be sent to New York for criminal prosecution. Responding to those articles, a string of hawkish Republicans have come out against the idea of treating Libi as anything but an enemy combatant -- with some calling for his immediate detention in Guantanamo Bay, Cuba.

"I believe the most responsible course of action would be to hold him as an enemy combatant at Guantanamo Bay for intelligence gathering purposes," said Republican Senator Lindsey Graham in a statement. "U.S. Navy ships were never intended to be confinement and interrogation facilities in the War on the Terror. The use of ships, instead of Guantanamo Bay, will greatly compromise our ability to gather intelligence from captured terrorists."

In a separate statement, New Hampshire Sen. Kelly Ayotte echoed her opposition to treating Libi as a criminal.  "As an al Qaeda leader who is suspected of involvement in deadly terrorist attacks against American embassies in Africa, al-Libi should be treated as an enemy combatant, detained in military custody, and interrogated to gather information that will prevent future attacks and help locate other al Qaeda terrorists," she told The Cable in a statement.

Republican Mike Rogers, chairman of the House Intelligence Committee, said he was "profoundly concerned" that prosecuting al-Libi in a civilian court would prevent authorities from obtaining "the intelligence we need from him to help prevent future attacks and to break up terrorist networks."  He added: "Enemy combatants should be tried in a military commission."

Other members of Congress urged the administration to disregard GOP calls for a military tribunal. "I support a civilian prosecution and hope that the Administration will resist any call to bring al-Libi before a military commission," said Democratic Congressman. Adam Schiff, in a statement. "The Justice Department has demonstrated a far greater ability to successfully prosecute terrorists in federal courts than the military commissions have thus far been able to show."

Congressional efforts to derail civilian trials for terror suspects have had some success in the past, particularly in the case of 9/11 mastermind Khalid Sheikh Mohammad. In 2009, after Attorney General Eric Holder announced that Mohammad would be tried in New York, a wave of Congressional scrutiny and public consternation led him to reverse course and opt for a military commission.

On Monday, White House spokesperson Caitlin Hayden ruled out Guantanamo as an option of Libi. "The Administration is seeking to close Guantanamo, not add to its population," she said. She added that the ultimate decision on how to try Libi is with the Justice Department and the Pentagon.

In response to complaints by the Libyan government that the seizure of Libi on the streets of Tripoli amounted to a kidnapping, Secretary of State John Kerry noted Libi's indictment by a U.S. court. "An indictment is an accusation," Kerry said Monday. "In our legal system the defendant is presumed innocent until proven guilty, but he will now have an opportunity to defend himself and to be appropriately brought to justice in a court of law."

Libi, in particular, is believed to have a windfall of intelligence for officials due to his expansive knowledge of al Qaeda from the early days with Osama bin Laden in Sudan to its current state of decentralized affiliates. A suspect in the deadly bombings of U.S. embassies in Kenya and Tanzania, Libi has been on the FBI's Most Wanted List for almost two decades. "Al-Libi is likely to be a treasure trove of valuable intelligence information," said Graham.

Interestingly, GOP hawks are not as unified as they were back in 2009 in offering a legal solution for the administration.

Graham, for instance, is open to a civilian trial after Libi is interrogated in Gitmo. "We can hold Libi as an enemy combatant, interrogate, gather intelligence, and then turn him over for trial in federal district court," he said.

Rogers, meanwhile, is not advocating that Libi be detained in Guantanamo like he did with Osama bin Laden's son-in-law with Sulaiman Abu Ghaith last year.

Publicly, the White House is leaving the door open to prosecuting Libi in a military commission while defending the administration's success-rate of prosecuting terrorists in federal courts.

"Article III courts have a long track record of success, proving that federal prosecutions can often be the most effective mechanism for gathering useful intelligence, neutralizing a threat, and keeping a dangerous individual behind bars," Hayden said. "We also fully support the use of the military commissions system in appropriate cases."

National Security

Not Even the NSA Can Crack the State Dept's Favorite Anonymous Network

A far-flung group of geeks, supported by the U.S. State Department, has built a tool for anonymous communication that's so secure that even the world's most sophisticated electronic spies haven't figured out how to crack it.

That's the takeaway from the latest revelations from National Security Agency leaker Edward Snowden. The NSA has used aggressive computer attack techniques to monitor people using the Tor network, a service that's funded by the U.S. government and allows users to remain anonymous when they're connected to the Internet. But the agency has not been able to undermine the core of the Tor system, which was developed by the U.S. Naval Research Laboratory in 2002. It remains a viable means for people to connect to the Internet anonymously. Although Tor's complete reliability has been called into question in light of the NSA's efforts -- which may have begun as early as 2006, according to the Washington Post -- for now it's State Department 1, NSA 0, in the anonymity wars.

Which highlights another important point in the latest Snowden papers. In them, we see the NSA, an agency of the Defense Department, taking actions that are directly at odds with those of the State Department, which for the past few years has spent millions of dollars to develop Tor and other technologies and then distribute them overseas to political dissidents and democracy activists.

The NSA's anti-anonymization campaign, detailed in the Guardian, underscores a fundamental conflict at the heart of U.S. government policy toward the Internet. The NSA sees Tor as a tool for terrorists and spies. The State Department sees it as a platform for activists trying to evade the very kinds of surveillance systems that the NSA has built.

"There is a lack of coherence," said Tim Maurer, a policy analyst at the New America Foundation's Open Technology Institute, which has received funding from the State Department and supports the development of technologies that circumvent surveillance. "If the political goal is to secure fundamental freedoms, privacy, and free flow of information online as well as offline for people in the U.S. and abroad, all policies must flow from that, including those guiding the NSA."

The spy agency does not try to disable Tor, but rather infects or "tags" individual computers using the anonymous service as they come in and out of it. The agency has only managed to install a few "nodes," or individual machines, inside the Tor system in order to identify users.

In February 2012, as part of what appears to have been an experiment at defeating Tor's anonymity, the NSA's British counterpart, the Government Communications Headquarters, set up 11 relays in the Tor system, according to an analysis conducted for The Cable by Runa A. Sandvik, a Tor Project developer, and Collin Anderson, an independent researcher. A relay, also known as a router or a node, receives and then directs traffic in the Tor network. The relays were collectively dubbed Freedomnet, and the experiment went by the name REMATION II, according to the analysis. The experiment lasted from Feb. 22 to 28, 2012.

This gives some idea of the resilience of the Tor system in the face of the NSA's hacking attempts. The agency found it easier to go after weaknesses in Tor users' computers, specifically a version of the Internet browser Firefox, than to try to defeat the extensive procedures Tor uses to keep its users anonymous.

"The good news is that they went for a browser exploit, meaning there's no indication they can break the Tor protocol or do traffic analysis on the Tor network," Roger Dingledine, the president of the Tor Project, told the Guardian. "Infecting the laptop, phone, or desktop is still the easiest way to learn about the human behind the keyboard."

National security analysts agreed that in general, Tor seemed to have held up to the NSA's attempted intrusions. "What caught me here was how little success they [NSA] seemed to have. If I were in the State Department, I'd consider this news an overall win," Jason Healey, the director of the Cyber Statecraft Initiative at the Atlantic Council, told The Cable. Healey said the department should be more concerned about how its statements of principle and strategy for a free and open Internet "are being undone by far less coordinated intelligence and covert operations" by the NSA.

"It doesn't matter what cyber policies get agreed upon in the interagency [process]. Ft. Meade [NSA's headquarters] de facto makes U.S. cyber policy by changing the facts on the ground, in the network itself," Healey said.

For years, the U.S. government has offered tools and training to help foreign dissidents and journalists circumvent detection by repressive governments. In particular, the Broadcasting Board of Governors (BBG), though its Internet Anti-Censorship (IAC) Division, has provided "anti-censorship, pro-privacy software to users worldwide who are subject to foreign government-sponsored Internet censorship," according to the BBG's website.

In some cases, that has meant partnering with companies to improve the security of their software. The board also has worked with the Tor Solutions Group to develop "several enhancements" to its usability and performance for users subject to censorship. The BBG's budget for Internet anti-censorship issues runs a little over $10 million a year.

However, contrary to the Guardian's report, the BBG stopped directly supporting Tor last October. At that time, the Tor portfolio was moved to Radio Free Asia, a private nonprofit that receives an annual grant from the BBG for its Internet anti-censorship work, including about $400,000 for a Tor project that monitors Internet surveillance by governments.

While he was careful not to criticize the NSA, Dan Meredith, director of Radio Free Asia's Open Technology Fund, said the spy agency's exploitation of services like Tor doesn't make his job any easier. "The United States government is incredibly large with lots of diverse programs from the Census Bureau to Medicare to Radio Free Asia's Internet Freedom program -- and the employees shouldn't all get lumped together as aligned with the NSA's view of the world," he told The Cable. "You'll try to explain that to activists in Sudan, but they don't always take it that way. Sometimes I'll spend 15 minutes with people trying to convince them that I'm not CIA."

The Obama administration is pouring money into new efforts to fund anti-surveillance technology. The U.S. Agency for International Development's fiscal 2014 budget requests include $7 million to support cutting-edge tools and requisite training that allow secure communications. The agency's Human Rights and Democracy fund, which has requested $64 million, has a mandate to "support independent media and Internet Freedom." There are other pools of millions of dollars throughout the foreign affairs budgets that go toward supporting tools like Tor.

That has piqued the ire of some intelligence officials. Anonymity is a persistent obstacle to NSA's surveillance and intelligence-gathering operations. And to the extent that the State Department is a big backer of anonymizing technologies like Tor, it's butting heads with the spies at the NSA.

"The Secretary of State is laundering money through NGOs to populate software throughout the Arab world to prevent the people in the Arab street from being tracked by their government," former NSA Director Michael Hayden said this year in remarks at The Atlantic Council. "So on the one hand we're fighting anonymity, on the other hand we're chucking products out there to protect anonymity on the net."

In a statement released Friday afternoon, Director of National Intelligence James Clapper said that the intelligence community's interest in "online anonymity services and other online communication and networking tools is based on the undeniable fact that these are the tools our adversaries use to communicate and coordinate attacks against the United States and our allies."

Clapper added, "In the modern telecommunications era, our adversaries have the ability to hide their messages and discussions among those of innocent people around the world. They use the very same social networking sites, encryption tools and other security features that protect our daily online activities."

The Washington Post reported that the NSA has successfully unmasked at least one al-Qaeda member in the Arabian Peninsula, described as a propagandist, who was using the Tor network and posting information on the terrorist group's Web site.

Tor has also become popular with drug dealers, criminal hackers, and peddlers of child pornography. The online drug market Silk Road, which was shut down by federal authorities this week, relied on Tor.

The NSA cannot know when attacking Tor users' computers if they belong to foreigners or U.S. citizens. Given the popularity of Tor in the United States, the spy agency is almost certainly infecting the computers of Americans. Tor estimates that nearly 400,000 users are connecting directly to the system in the United States.

The NSA is using the same methods to infect computers that U.S. officials say are deployed by China, Iran, and other regimes against the United States. Cyber spies in those countries have stolen secrets from U.S. corporations, disabled bank Web sites, and mapped out the computer systems that run the electrical power grid, U.S. officials say. Those countries also use some of the same techniques the NSA reportedly uses to infect Tor, in order to keep their own citizens from reading censored material on the Internet.

The documents provided by Snowden reveal that the NSA tricks computers into connecting to a server that tags the machine so the NSA can track it. The spy agency also sends so-called spear-phishing emails to its targets. These messages, which are designed to look as if they came from someone the recipient knows or has a reason to trust, may contain a link or an attachment that unleashes spyware inside the host computer. Spear-phishing is a common technique of Chinese spies trying to infiltrate the computers of U.S. government officials. One spear phishing campaign two years ago targeted senior State Department officials who were working on then-Secretary Hillary Clinton's Internet Freedom agenda, according to a current and a former department official.

If the upshot of NSA's anti-Tor campaign is that it cannot easily defeat anonymity there, it doesn't appear to be giving up on doing so elsewhere. The agency's Tailored Access Operations group, a den of super hackers that houses vulnerabilities in software programs, Web applications, and browsers is constantly developing techniques for penetrating computers and unmasking their users.

So rack up a win for Tor - and its Foggy Bottom sponsors -- in the anonymity war. But it's far from over.