Is the NSA Sniffing Your Email?

Is the NSA Sniffing Your Email?

Puzzle Palace coauthor Wayne Madsen, in an article written for the June 1995 issue of Computer Fraud & Security Bulletin (Elsevier Advanced Technology Publications), wrote that "according to well-placed sources within the Federal Government and the Internet service provider industry, the National Security Agency (NSA) is actively sniffing several key Internet router and gateway hosts."

Madsen says the NSA concentrates its surveillance on destination and origination hosts, as well as "sniffing" for specific key words and phrases. He claims his sources have confirmed that the NSA has contracted with an unnamed private company to develop the software needed to capture Internet data of interest to the agency.

According to Madsen, the NSA monitors traffic primarily at two Internet routers controlled by the National Aeronautics and Space Administration (NASA), one in College Park, MD (dubbed "Fix East") and another at NASA Ames Research Center in Sunnyvale, CA ("Fix West").

Other NSA Internet sniffers, he said, operate at busy routers knows as Mae East (an East Coast hub), Mae West (a West Coast hub), CIX (reportedly based in San Jose), and SWAB (a northern Virginia router operated by Bell Atlantic).

Madsen says the NSA may also be monitoring traffic at network access points, the large Internet gateways operated by regional and long-distance service providers. The NAPs allegedly under surveillance are in Pennsauken, NJ (operated by Sprint), Chicago (run by AmeriTech and Bell Communications Research), and San Francisco (Pacific Bell).

"Madsen claims the NSA has deals with Microsoft, Lotus, and Netscape to prevent anonymous email."

"One senior Federal Government source has reported that NSA has been particularly successful in convincing key members of the US software industry to cooperate with it in producing software that makes Internet messages easier for NSA to intercept, and if they are encrypted, to decode," Madsen wrote. "A knowledgeable government source claims that the NSA has concluded agreements with Microsoft, Lotus and Netscape to permit the introduction of the means to prevent the anonymity of Internet electronic mail, the use of cryptographic key-escrow, as well as software industry acceptance of the NSA-developed Digital Signature Standard (DSS)."

Is the NSA really snooping on the Net? And if they are, would that violate the agency's charter, which specifically prohibits it from spying within the US?

"Well, Net traffic is routed from God knows where to God knows where around the world," says George Washington University Professor Lance Hoffman, a professor of Communications and Telecommunications Systems Policy at George Washington University. "So if the NSA is doing this, they could say they are not violating their charter not to spy in the US. That's the thing. Intelligent routers send stuff any which way."

Web Review copyright c 1997 Songline Studios, Inc.