The liberal media and pundits are so technically illiterate it is sometimes scary. And this complete illiteracy leads them to wild-eyed fake accusations based on the ‘testimony’ of ‘experts’ who are not experts and cannot hold a candle to some of us professionals in the telecommunications business. While I would not even consider myself a security guru (though I deal with it on a daily basis) I can tell you without hesitation the latest ‘expert’ to arise in the NSA-FISA wars is clearly not.

Paul Kiel over at the aptly named TPMMuckRaker provides us the latest example of the rabid left using amateur ‘experts’ to make a case about US eavesdropping on Americans.

That consultant is a man named Babak Pasdar, who outlined the accusation in an an affidavit (pdf) for the Government Accountability Project. Pasdar does not name the wireless carrier, but Wired reports that “his claims are nearly identical to unsourced allegations made in a federal lawsuit filed in 2006,” which names Verizon Wireless.

In the affidavit, Pasdar says that he was hired by the carrier in 2003 to do a major security overhaul, a taxing job that was going relatively smoothly, having covered more than 300 sites, until he asked why the overhaul seemed to be skipping one location, which the carrier consultants called the “Quantico Circuit.” Quantico, Virginia is home to the FBI Academy and the bureau’s electronic surveillance operations.

When Pasdar asked the company’s security consultants about the location, he only got smiles. And when he insisted that the location be covered by the same security procedures as the others, one of the consultants replied “I don’t think that is what they want.” When he asked “Who?” the consultants didn’t respond. Then the company’s security director appeared to demand that Pasdar “move on” and “forget about the circuit” or he’d be fired.

I will deal with Mr. Pasdar and his affidavit in detail in a moment. Rest assured he is not as experienced or as technically deep as TPM tries to make him out to be. One thing is correct though, this case is very similar to the previous claims by the left the last time they thought they found a suspicious telecom room – a matter which I posted on at the time.

This previous media screw-up was based on a technician’s (not an engineer’s) recollection of seeing communications circuits in a separate room from the public circuits. My assessment then was this technician simply discovered the private federal communications backbones, which every major federal agency or department have to link its geographically distributed facilities and commercial workforces together. They do use cell phones, blackberries and email in the US government folks.

For example, NASA uses AT&T (the same carrier this technician worked for) to provide its communications backbone – which is physically closed off from AT&T’s public backbone or any other federal agencies backbone they support. And it is closed off for damn good reasons. No one wants a hacker getting into NASA’s systems during a launch and screwing things up.

These federal circuit rooms are separate and have special monitors on them for auditing, checking for security breaches and attacks, and checking for misuse (e.g., porn). All this previous guy did was probably trip over a room used to house one or more of these private federal circuits. NASA has them, DoD has many of them, DoJ and the FBI have theirs – they are all over the place. And yes, we use commercial providers to give is the com pipelines to move classified and secure traffic. It is either that or put the Federal government into the com business.

Let me pass on some highlights of my career to establish my bona fides. I specialize in architecting, designing and developing distributed computer systems, especially those that deal with command and control functions as well as simple data transport. I worked on the developing the DoD’s Global Command and Control System (GCCS), worked briefly on the FBI’s Integrated Automated Fingerprinting System and now work on NASA’s plans to explore the universe, which has me working with NASA’s communications engineers. These are just a few of the programs I have worked and provided lead Systems Engineering support to. Not only do I know various communications architectures, I know the how the federal government designs, operates and outsources their internal implementations.

So, with that said let’s get to Mr. Pasdar’s lame affidavit – shall we?

First off, Pasdar is a bit of a blow hard. In his background he mentions he is a “Certified Ethical Hacker”, yet he demonstrates a ludicrous lack of understanding in Federal security policies, as we shall see. To summarize his experience he installs firewalls/routers, which is like saying he plugs in computers and configures them. Not a trivial skill, but not that of a security systems engineer, computer systems engineer, etc. His job in the referenced incident, which took him many uselessly long sentences stuffed with techno babble to convey, was to replace old firewalls/routers with newer versions.

And it was not even a big job – maybe four weeks max:

[Page 1] The carrier was under immense tome pressures to activate the new technologies I was brought on to implement, as it was already late September and they had a hard freeze date in Mid October.

The guy was brought in to copy the firewall setting from the old devices into the new ones – that’s it. Again it tales this guy a lot of words to say something simple:

[Page 2] We quickly pressed on to define our objectives and establish phases for the project. This included understanding the function for each of the client’s firewall policies. Then it required converting the policies to a common format we could manipulate. Finally, it involved translating them from raw format to a language the new firewalls would understand.

In simple language, they decided to copy the old settings into a neutral format so the could automate the translation and minimize human translation errors. Remember, they had four weeks to finish. He drones on about how they transitioned a few minor devices first and then went onto the full migration – at which point it becomes clear this guy has no clearances and no idea about the secure federal communications systems his customer supports:

[Page 3] At one point I overheard C1 [permanent Consultant 1 for the prime customer] and C2 [Consultant 2] talking about skipping a location. Not wanting to do a shoddy job I stopped and and said “we should migrate all sites”.

Basically this guy butts his nose in where it does not belong, and moves on to demonstrate his ignorance:

[Page 3] C1 told me this site is different.

I asked, “Who is it? Carrier owned or affiliate?”

C1 said, “This is the ‘Quantico Circuit.'”

With the US Marines and FBI and others located in Quantico tripping over US government com circuits is as surprising as finding politicians in DC. I also just want to note for the record how damn popular (and secure) Blackberries are within the US government – and how they use them to send and get email while on the road. A factor one would think that would cause someone to rethink this entire lame case mucked up by TPM.

The story continues (too much once you realize federal com circuits exist everywhere there is federal office):

[Page 3] What kind of circuit is it?”, I asked.

“A DS-3,” replied C1. (A DS-3 is a 45 mega bit per second circuit that supports data and voice communications)

Let me put that into some perspective for folks, and why this is not a large enough circuit to be doing mass surveillance. One NASA spacecraft staring at the Sun will be generating 150 mega bits per second continuously all day, every day. This DS-3 is not capable of handling a 3rd of that data. US weather satellites can produce 150 Mbps of data each pass, which means this circuit is incapable of relaying that data in real time. This circuit cannot handle the data from one satellite. it is very small in the telecom world.

[Page 4] C1 said this circuit should not have any access control. He actually said it should not be firewalled.

I suggested to migrate it and implement an “Any-Any” rule. … That meant we could log any activity making a record of the source, destination and type of communication. ….

C1 said, “I don’t think that is what they want.”

“Who?”, I asked, and again C1 and C2 did not respond.

C2 by this point had stepped back and his body language showed that he was very uncomfortable discussing this matter.

“Come on guys, let’s just do it and ask for forgiveness later. You know its the right thing.” I suggested.

No wonder C1 and C2 were looking uncomfortable. Clearly this guy did not have the clearances to be told any details, and he was proposing a major criminal violation. I don’t think I am violating any big secrets in pointing out that these secure federal circuits are connected using federally owned devices and managed using federal employees or contractors with very serious background checks and security clearances.

What this ‘expert’ did not know was he was proposing to commit a serious federal crime by going in and messing with government property without authorization. Which is why it is very clear he is not an expert at all – just some naive rube who was hired to translate settings from one product into another.

And what are knowledgeable people supposed to think based on the affidavit of this neophyte with the big ego and who was so absolutely clueless that he was proposing to commit a federal crime? Are we to be impressed with TPM MuckRaker and their ‘expert’? I am impressed – at how dumb and naive they are. Next time TPM or the left want to plant a fake BDS driven conspiracy story try getting the views of real experts in the field. You won’t come away looking so damn foolish and uninformed.

And definitely don’t use someone who just admitted he was pushing people to commit a federal crime by accessing federal property without permission. Geez.