LAS VEGAS — Tensions were high as the National Security Agency’s Gen.
Keith Alexander took the stage here in front of a packed room of
security industry professionals and hackers of all stripes.
The general at the forefront of the surveillance scandal currently
enveloping the NSA walked up to the podium in the conference center at
Caesar’s Palace amid audience murmurings that he was going to avoid the
Instead, it was the focus of his keynote speech.
“How do we protect our civil liberties and privacy?” he asked the 3,200
people filling the room and the 1,500 people in an overflow space. “This
is one of the biggest issues we face today.”
He also promised the attendees that he would take their questions, a
longtime tradition at Black Hat and its sister conference, DefCon. “I
will answer every question to the fullest extent possible. We don’t want
to jeopardize our defense,” he said.
It was a far cry from when Alexander kicked off DefCon 20 with a keynote speech
last year. There’s a lot of crossover between Black Hat and DefCon
attendees, but the general, who last year was dressed in jeans and a
tucked-in T-shirt, spoke on Wednesday in his official uniform. This
would be a more serious presentation.
Over the ensuing 45 minutes or so, Alexander described in broad terms
how the FISA Amendment Act Section 702 and the Patriot Act Section 215
affect governmental intelligence gathering in the U.S.
His described the pre-9/11 world as a place where the intelligence
community was at times unable to “connect the dots” in order to stop
terrorist attacks. Post-9/11, he said, problems continued, but the
situation improved. He cited phone surveillance that led to the arrest
of Najibullah Zazi, who was involved in the plot to bomb the New York
subway in 2010, as one example of successful surveillance.
About a half-hour into Alexander’s presentation, some in the audience had enough.
“Freedom!” shouted a man who Forbes identified as 30-year-old security consultant Jon McCoy.
“Exactly,” Alexander said. “We stand for freedom.”
“Bullshit!” retorted McCoy.
Alexander kept his cool and replied, “Not bad,” to mild applause from
the crowd. People didn’t necessarily buy everything that Alexander was
selling, but they weren’t entirely comfortable with the heckling either.
“But I think what you’re saying is that in these cases, what’s the
distinction, where’s the discussion, and what tools do we have to stop
this?” Alexander said.
McCoy yelled back, “No, I’m saying I don’t trust you!”
Moments later, another audience member chimed in. “You lied to Congress.
Why would people believe you’re not lying to us right now?”
Alexander hesitated for a brief moment. “I haven’t lied to Congress,” he
said. He pleaded with the audience to take stock of what he termed “the
“Read the congressional testimony. Look at what we’re talking about here,” he said.
“What we see coming at our country is more of the same,” Alexander
continued, implying that America will face more terrorism at home. “In
my opinion, this is not bull. We ought to put the facts on the table.”
He emphasized that the controversial surveillance programs have been
regularly audited and scrutinized. Federal judges, members of Congress,
and the president’s administration all have to sign off on the spying.
General Keith Alexander takes prepared audience questions from Black Hat general manager Trey Ford at Black Hat 2013.
Alexander’s speech had two goals. He said at the beginning that he
wanted to open the conversation with the security community, but
throughout the speech he also worked to polish the tarnished reputation
of the NSA’s cryptographers, 20 of whom had been killed over the past
decade in Iraq and Afghanistan. Their primary concern, he said, was “to
protect the country and protect civil liberties and privacy.”
He pointed out that of all of the NSA’s analysts, only 35 are authorized
to run queries on the database that contains metadata vacuumed up by
Section 215. “They have to go through three separate training regimen,
and pass tests, to do queries into that database,” he said, highlighting
that not all NSA employees can access the data it has collected.
Alexander returned repeatedly to the question of how to balance security
vs. civil liberties and privacy. But when it came time for the
question-and-answer session, he faced more heckling and skepticism.
The questions had been prepared in advance via a questionnaire organized
by Black Hat’s new general manager, Trey Ford, who read the questions
from the stage. But first, an audience member shouted out a question to
“Why do so many countries want to attack us?” the person asked.
The general replied that America stands in the way of them reaching their objective, which is to force everybody to comply with sharia law.
“They want to attack us because we’re bombing them!” shouted another person, to much chuckling from the audience.
One of Ford’s prepared questions asked whether the NSA had been affected by the media leaks.
“It has,” he replied. “I think you can tell from the sporadic comments
here,” he said, acknowledging the audience heckling. Then he called the
NSA cryptographers “the most noble people we have” in the United States.
“They are willing to put their lives on the line for their fellow
soldiers and fellow Americans. These same people who take that same oath
to uphold the Constitution are the same ones who run these programs,”
he said, and added that when those programs have been audited, there
were no instances of abuse discovered.
“And that’s no bullshit,” Alexander said to widespread applause from the
audience. Then he asked the media in the front rows not to quote the
swear word for the sake of his grandchildren.
He ended by restating his plea to the hackers and security professionals
to help the NSA build better surveillance tools. “You’re the greatest
gathering of technical talent anywhere in the world,” he said. “The
whole reason I came here was to help make us better.”
An audience member, who sounded like McCoy, shouted, “Read the Constitution!”
“I have,” Alexander said. “You should too!”
Whatever else, the impact of the NSA spying scandal has widened the
heretofore slowly closing chasm between the “spooks” and the security
community, and it’s not likely to reverse course anytime soon.