recommended reading

How to Get NSA's Attention (It's Art)

Many people, upon learning of the government's expansive programs to monitor electronic communications, probably thought to themselves, "Huh, I wonder if there is any steps I can take to make sure my emails do not end up in the pile that the NSA 'touches.'"

But not Ben Grosser. Grosser, an artist whose work explores the effects of software in society, had a different idea: How can I put my emails—the ones about my new cat, the invitations to meet up for coffee—under surveillance?

The result of this counterintuitive line of thinking is ScareMail, a new extension for Gmail that tacks text onto the bottoms of emails, algorithmically generated to capture the attention of the NSA's filtering mechanisms.


A bit of extra text tacked onto an email, full of NSA-alluring keywords. (Ben Grosser)

Grosser explains:

One of the strategies used by the US National Security Agency’s (NSA) email surveillance programs is the detection of predetermined keywords. These “selectors,” as they refer to them internally, are used to identify communications by presumed terrorists. Large collections of words have thus become codified as something to fear, as an indicator of intent. The result is a governmental surveillance machine run amok, algorithmically collecting and searching our digital communications in a futile effort to predict behaviors based on words in emails.

ScareMail proposes to disrupt the NSA’s surveillance efforts by making NSA search results useless. Searching is about finding the needles in haystacks. By filling all email with “scary” words, ScareMail thwarts NSA search algorithms by overwhelming them with too many results. If every email contains the word “plot,” or “facility,” for example, then searching for those words becomes a fruitless exercise. A search that returns everything is a search that returns nothing of use.

And he demonstrates in a quick video:

ScareMail from benjamin grosser on Vimeo.

As you can see from the examples, the results aren't exactly intelligible, and that's intended, says Grosser. Part of what he hopes to demonstrate with his project is that the mere inclusion of certain terms does not itself imply "intent"—that keywords will always generate some content that is innocuous.

Will ScareMail work as intended? The picture of how the NSA filters and handles email contents is still incredibly vague, and you'd have to know how that system works in order to game it, as ScareMail seeks to do. A recent report in The Wall Street Journal explained that of the 75 percent of all U.S. Internet traffic the system could conceivably reach, an unknown amount actually winds up stored within NSA databases, though "some" of what does is said to be communication between Americans (as opposed to between Americans and foreigners, or exclusively between foreigners). 

Just what terms and other clues go into filtering that firehose—a collaborative process on the part of several telecoms and the government—remain mysterious. Grosser says that "the 'scary' nouns and verbs" his program generates "are a best guess at probable NSA search keywords." He relies on a "Department of Homeland Security list of keywords used by their National Operations Center (NOC) for searching social media sites." As expected, Grosser says, that list contains terms such as "Al Qaeda," but, he adds, "it also contains a large number of multipurpose words, such as 'plot,' 'facility,' 'wave,' 'dock,' etc."

On their face, those words aren't scary in the least—which is precisely what's scary about their inclusion on that list.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.