LAS VEGAS — National Security Agency Director Gen. Keith Alexander opened the Black Hat 2013 security conference here this morning with a defense of the NSA's recently leaked programs that was alternately rueful, defiant and witty.
"I promise to tell you the truth," Alexander said at the beginning of his keynote address, even as audience members passed around a carton of eggs that, thankfully, was not used.
The NSA surveillance programs exposed by leaker Edward Snowden exist because "terrorists live among us," Alexander explained.
As Alexander spoke, several hecklers yelled out questions.
"Why'd you lie to Congress?" asked privacy advocate and cryptography expert Moxie Marlinspike from the audience.
"I haven't lied to Congress," Alexander responded.
"We stand for freedom," Alexander said at one point.
"Bulls---," yelled another audience member, prompting Alexander to smile and say, "Not bad."
Foiling a plot
Alexander explained that there are two pieces of legislation that enable the NSA: Section 702 of the Foreign Intelligence Surveillance Act of 1978, and Section 215 of the USA-PATRIOT Act of 2001.
The former enables collection and reading of the content of communications generated by non-U.S. persons, as with the XKeyScore program revealed by Britain's Guardian newspaper today; the second enables the collection of metadata, but not content, of U.S. persons.
Alexander showed how 702 and 215 — one of which collected Internet content generated by foreigners and included the PRISM program, the other of which analyzed metadata of communications of persons inside the United States — helped foil a planned al-Qaida attack on the New York subway system.
The tip-off was an email from a suspected al-Qaida member to a recipient near Denver. (London's Daily Telegraph said Scotland Yard intercepted the email during an investigation of a suspected British domestic terrorist cell.)
The FBI was alerted, and the NSA used the PRISM program, authorized under 702, to identify the recipient as Najibullah Zazi, an Afghan who had once manned a coffee cart in New York's financial district but who had moved to Aurora, Colo. It then used 215 to mine the metadata of Zazi's domestic phone calls to establish records of who he communicated with.
The metadata revealed several previously unsuspected co-conspirators, who were arrested with Zazi after the plot was foiled. (Zazi drove bomb-making materials from Denver to New York, but threw them away after his car was searched.)