Saturday, July 1, 2006

How to Spy on the NSA

Wanna know which of your favorite websites are monitored by the National Security Agency? Ryan Singel and Kevin Poulsen at Wired explain how:

If you're a Windows user, fire up an MS-DOS command prompt. Now type tracert followed by the domain name of the website, e-mail host, VoIP switch, or whatever destination you're interested in. Watch as the program spits out your route, line by line

C:\> tracert

1 2 ms 2 ms 2 ms
7 11 ms 14 ms 10 ms []
8 13 12 19 ms []
9 18 ms 16 ms 16 ms
10 88 ms 92 ms 91 ms []
11 88 ms 90 ms 88 ms []
12 89 ms 97 ms 89 ms []
13 89 ms 88 ms 88 ms []
14 102 ms 93 ms 112 ms
15 94 ms 94 ms 93 ms
16 * * *
17 * * *
18 * *

In the above example, my traffic is jumping from Level 3 Communications to AT&T's network in San Francisco, presumably over the OC-48 circuit that AT&T tapped on February 20th, 2003, according to the Klein docs.

The magic string you're looking for is If it's present immediately above or below a entry, then -- by Klein's allegations -- your packets are being copied into room 641A, and from there, illegally, to the NSA.

Of course, if Marcus is correct and AT&T has installed these secret rooms all around the country, then any entry in your route is a bad sign.

If you don't know how to fire up the MS-Dos command prompt, here's how: go to Start, select All Programs, select Accessories, and then select Command Prompt. You are now ready to turn the telescope back around on the NSA and their paid cohorts at AT&T. I checked out a few websites myself.
, a 9/11 truth seeking organization, was routed through AT&T via Washington, D.C., New York, Illinois, and Indiana. How do I know which states it was routed through? Check out the last two letters of the bold script in each of the following four lines. That’s the state. The preceding letters represent a city name., the host for the In Plane Site documentary, was routed through AT&T as well. This documentary is highly controversial even among 9/11 truth seekers because, among other criticisms, it purports that the planes were switched with military look-alikes armed with missiles. Yeah. Far out, man. If these In Plane Site guys are just plain old crazy, then why should the NSA spy on them? It's a valid question, and one that must be answered.
, a site that has nothing to do with the attacks but is actually a professional website aimed at EMTs, 911 phone operators, ambulance drivers, et cetera, somehow got targeted by AT&T’s keyword filters.
, of course, is also spied upon by the NSA.

It is worth noting AT&T updated their privacy policy on June 16th, 2006, by removing portions that might get them in further legal trouble fo spying on Internet users. The Washington Post reports on that here.

In my route tracing experiment, I also ran across another interesting revelation.
and were routed through a Content Delivery Network called Akamai Technologies. According to the Akamai Technologies entry at
Akamai's customers include Yahoo!, AOL Radio, Symantec,, Google, Microsoft, FedEx, BBC News website, Xerox, iVillage, Apple Computer, Music Television (MTV), the United States Geological Survey, the White House, Reuters,, and XM Radio.

Arabic news network Al-Jazeera was a customer until April 2003, when Akamai abruptly cancelled the relationship shortly after the start of Operation Iraqi Freedom. There is speculation that the move may have been influenced by the network's controversial coverage of the Iraq war and Akamai's own history, as co-founder Daniel Lewin was killed aboard American Airlines Flight 11 during the September 11th, 2001 terrorist attacks.