Group items tagged

as a 2007 Department of Defense report puts it, the Pentagon is attempting to expand its worldwide communications network, known as the Global Information Grid, to handle yottabytes (1024 bytes) of data. (A yottabyte is a septillion bytes—so large that no one has yet coined a term for the next higher magnitude.) It needs that capacity because, according to a recent report by Cisco, global Internet traffic will quadruple from 2010 to 2015, reaching 966 exabytes per year. (A million exabytes equal a yottabyte.

The data stored in Bluffdale will naturally go far beyond the world’s billions of public web pages. The NSA is more interested in the so-called invisible web, also known as the deep web or deepnet—data beyond the reach of the public. This includes password-protected data, US and foreign government communications, and noncommercial file-sharing between trusted peers.

The broad outlines of the so-called warrantless-wiretapping program have long been exposed—how the NSA secretly and illegally bypassed the Foreign Intelligence Surveillance Court, which was supposed to oversee and authorize highly targeted domestic eavesdropping; how the program allowed wholesale monitoring of millions of American phone calls and email. In the wake of the program’s exposure, Congress passed the FISA Amendments Act of 2008, which largely made the practices legal. Telecoms that had agreed to participate in the illegal activity were granted immunity from prosecution and lawsuits. What wasn’t revealed until now, however, was the enormity of this ongoing domestic spying program. For the first time, a former NSA official has gone on the record to describe the program, codenamed Stellar Wind, in detail.

one of the deepest secrets of the Stellar Wind program—again, never confirmed until now—was that the NSA gained warrantless access to AT&T’s vast trove of domestic and international billing records, detailed information about who called whom in the US and around the world. As of 2007, AT&T had more than 2.8 trillion records housed in a database at its Florham Park, New Jersey, complex. Verizon was also part of the program

the NSA succeeded in building an even faster supercomputer. “They made a big breakthrough,” says another former senior intelligence official, who helped oversee the program. The NSA’s machine was likely similar to the unclassified Jaguar, but it was much faster out of the gate, modified specifically for cryptanalysis and targeted against one or more specific algorithms, like the AES.

The breakthrough was enormous, says the former official, and soon afterward the agency pulled the shade down tight on the project, even within the intelligence community and Congress. “Only the chairman and vice chairman and the two staff directors of each intelligence committee were told about it,” he says. The reason? “They were thinking that this computing breakthrough was going to give them the ability to crack current public encryption.”

But the real competition will take place in the classified realm. To secretly develop the new exaflop (or higher) machine by 2018, the NSA has proposed constructing two connecting buildings, totaling 260,000 square feet, near its current facility on the East Campus of Oak Ridge. Called the Multiprogram Computational Data Center,

n the meantime Cray is working on the next step for the NSA, funded in part by a $250 million contract with the Defense Advanced Research Projects Agency. It’s a massively parallel supercomputer called Cascade, a prototype of which is due at the end of 2012. Its development will run largely in parallel with the unclassified effort for the DOE and other partner agencies. That project, due in 2013, will upgrade the Jaguar XT5 into an XK6, codenamed Titan, upping its speed to 10 to 20 petaflops.

Triplett-Kolerich concluded her email by boasting that the surveillance tactics used by Bank of America to monitor activists online was superior to that of the WSP. “I will most likely find it first as social media trolling is not what WSP does best. Bank of America has a team of 20 people and that’s all they do all day and then pass it to us around the country!!!” On October 24, an email was sent by a sergeant at the WSP’s Special Operations Division to an executive aide at the Thurston County Sheriff’s Office. The sergeant notified the office that a large number of arrests may take place during the Million Mask March, which could impact the jail. Attached to the letter was a message written by an Anonymous activist, and a link to its Facebook event page where the names of those planning to attend the march could be seen.

Unbeknownst to the crowd, the supervisor of a local transit company had dropped off an Olympia city bus nearby at the request of the WSP. According to recently published emails, it was parked on the west side of an administration building close to the demonstration, just in case they needed to move in and haul a large group of disorderly protesters off to jail—but they didn’t. The Daily Dot reached out to Triplett-Kolerich and three Bank of America media relations contacts requesting a comment for this article, but received no response. 

Bernanke delivered the money to the creditors because that was all the Federal Reserve Act allowed. If the Fed is to fulfill its mandate, it clearly needs more tools; and that means amending the Act.  Harvard professor Ken Rogoff, who spoke at the November 2013 IMF conference before Larry Summers, suggested several possibilities; and one was to broaden access to the central bank, allowing anyone to have an ATM at the Fed. Rajiv Sethi, Barnard/Columbia Professor of Economics, expanded on this idea in a blog titled “The Payments System and Monetary Transmission.” He suggested making the Federal Reserve the repository for all deposit banking. This would make deposit insurance unnecessary; it would eliminate the need to impose higher capital requirements; and it would allow the Fed to implement monetary policy by targeting debtor rather than creditor balance sheets. Instead of returning its profits to the Treasury, the Fed could do a helicopter drop directly into consumer bank accounts, stimulating demand in the consumer economy. John Lounsbury expanded further on these ideas. He wrote in Econintersect that they would open a pathway for investment banking and depository banking to be separated from each other, analogous to that under Glass-Steagall. Banks would no longer be too big to fail, since they could fail without destroying the general payment system of the economy. Lounsbury said the central bank could operate as a true public bank and repository for all federal banking transactions, and it could operate in the mode of a postal savings system for the general populace.

The Federal Reserve Act was drafted by bankers to create a banker’s bank that would serve their interests. It is their own private club, and its legal structure keeps all non-members out.  A century after the Fed’s creation, a sober look at its history leads to the conclusion that it is a privately controlled institution whose corporate owners use it to direct our entire economy for their own ends, without democratic influence or accountability.  Substantial changes are needed to transform the Fed, and these will only come with massive public pressure. Congress has the power to amend the Fed – just as it did in 1934, 1958 and 2010. For the central bank to satisfy its mandate to promote full employment and to become an institution that serves all the people, not just the 1%, the Fed needs fundamental reform.

A huge volume of the Internet data GCHQ collects flows directly into a massive repository named Black Hole, which is at the core of the agency’s online spying operations, storing raw logs of intercepted material before it has been subject to analysis. Black Hole contains data collected by GCHQ as part of bulk “unselected” surveillance, meaning it is not focused on particular “selected” targets and instead includes troves of data indiscriminately swept up about ordinary people’s online activities. Between August 2007 and March 2009, GCHQ documents say that Black Hole was used to store more than 1.1 trillion “events” — a term the agency uses to refer to metadata records — with about 10 billion new entries added every day. As of March 2009, the largest slice of data Black Hole held — 41 percent — was about people’s Internet browsing histories. The rest included a combination of email and instant messenger records, details about search engine queries, information about social media activity, logs related to hacking operations, and data on people’s use of tools to browse the Internet anonymously.

Throughout this period, as smartphone sales started to boom, the frequency of people’s Internet use was steadily increasing. In tandem, British spies were working frantically to bolster their spying capabilities, with plans afoot to expand the size of Black Hole and other repositories to handle an avalanche of new data. By 2010, according to the documents, GCHQ was logging 30 billion metadata records per day. By 2012, collection had increased to 50 billion per day, and work was underway to double capacity to 100 billion. The agency was developing “unprecedented” techniques to perform what it called “population-scale” data mining, monitoring all communications across entire countries in an effort to detect patterns or behaviors deemed suspicious. It was creating what it said would be, by 2013, “the world’s biggest” surveillance engine “to run cyber operations and to access better, more valued data for customers to make a real world difference.”

A document from the GCHQ target analysis center (GTAC) shows the Black Hole repository’s structure.

The data is searched by GCHQ analysts in a hunt for behavior online that could be connected to terrorism or other criminal activity. But it has also served a broader and more controversial purpose — helping the agency hack into European companies’ computer networks. In the lead up to its secret mission targeting Netherlands-based Gemalto, the largest SIM card manufacturer in the world, GCHQ used MUTANT BROTH in an effort to identify the company’s employees so it could hack into their computers. The system helped the agency analyze intercepted Facebook cookies it believed were associated with Gemalto staff located at offices in France and Poland. GCHQ later successfully infiltrated Gemalto’s internal networks, stealing encryption keys produced by the company that protect the privacy of cell phone communications.

Similarly, MUTANT BROTH proved integral to GCHQ’s hack of Belgian telecommunications provider Belgacom. The agency entered IP addresses associated with Belgacom into MUTANT BROTH to uncover information about the company’s employees. Cookies associated with the IPs revealed the Google, Yahoo, and LinkedIn accounts of three Belgacom engineers, whose computers were then targeted by the agency and infected with malware. The hacking operation resulted in GCHQ gaining deep access into the most sensitive parts of Belgacom’s internal systems, granting British spies the ability to intercept communications passing through the company’s networks.

In March, a U.K. parliamentary committee published the findings of an 18-month review of GCHQ’s operations and called for an overhaul of the laws that regulate the spying. The committee raised concerns about the agency gathering what it described as “bulk personal datasets” being held about “a wide range of people.” However, it censored the section of the report describing what these “datasets” contained, despite acknowledging that they “may be highly intrusive.” The Snowden documents shine light on some of the core GCHQ bulk data-gathering programs that the committee was likely referring to — pulling back the veil of secrecy that has shielded some of the agency’s most controversial surveillance operations from public scrutiny. KARMA POLICE and MUTANT BROTH are among the key bulk collection systems. But they do not operate in isolation — and the scope of GCHQ’s spying extends far beyond them.

The agency operates a bewildering array of other eavesdropping systems, each serving its own specific purpose and designated a unique code name, such as: SOCIAL ANTHROPOID, which is used to analyze metadata on emails, instant messenger chats, social media connections and conversations, plus “telephony” metadata about phone calls, cell phone locations, text and multimedia messages; MEMORY HOLE, which logs queries entered into search engines and associates each search with an IP address; MARBLED GECKO, which sifts through details about searches people have entered into Google Maps and Google Earth; and INFINITE MONKEYS, which analyzes data about the usage of online bulletin boards and forums. GCHQ has other programs that it uses to analyze the content of intercepted communications, such as the full written body of emails and the audio of phone calls. One of the most important content collection capabilities is TEMPORA, which mines vast amounts of emails, instant messages, voice calls and other communications and makes them accessible through a Google-style search tool named XKEYSCORE.

As of September 2012, TEMPORA was collecting “more than 40 billion pieces of content a day” and it was being used to spy on people across Europe, the Middle East, and North Africa, according to a top-secret memo outlining the scope of the program. The existence of TEMPORA was first revealed by The Guardian in June 2013. To analyze all of the communications it intercepts and to build a profile of the individuals it is monitoring, GCHQ uses a variety of different tools that can pull together all of the relevant information and make it accessible through a single interface. SAMUEL PEPYS is one such tool, built by the British spies to analyze both the content and metadata of emails, browsing sessions, and instant messages as they are being intercepted in real time. One screenshot of SAMUEL PEPYS in action shows the agency using it to monitor an individual in Sweden who visited a page about GCHQ on the U.S.-based anti-secrecy website Cryptome.

Partly due to the U.K.’s geographic location — situated between the United States and the western edge of continental Europe — a large amount of the world’s Internet traffic passes through its territory across international data cables. In 2010, GCHQ noted that what amounted to “25 percent of all Internet traffic” was transiting the U.K. through some 1,600 different cables. The agency said that it could “survey the majority of the 1,600” and “select the most valuable to switch into our processing systems.”

According to Joss Wright, a research fellow at the University of Oxford’s Internet Institute, tapping into the cables allows GCHQ to monitor a large portion of foreign communications. But the cables also transport masses of wholly domestic British emails and online chats, because when anyone in the U.K. sends an email or visits a website, their computer will routinely send and receive data from servers that are located overseas. “I could send a message from my computer here [in England] to my wife’s computer in the next room and on its way it could go through the U.S., France, and other countries,” Wright says. “That’s just the way the Internet is designed.” In other words, Wright adds, that means “a lot” of British data and communications transit across international cables daily, and are liable to be swept into GCHQ’s databases.

A map from a classified GCHQ presentation about intercepting communications from undersea cables. GCHQ is authorized to conduct dragnet surveillance of the international data cables through so-called external warrants that are signed off by a government minister. The external warrants permit the agency to monitor communications in foreign countries as well as British citizens’ international calls and emails — for example, a call from Islamabad to London. They prohibit GCHQ from reading or listening to the content of “internal” U.K. to U.K. emails and phone calls, which are supposed to be filtered out from GCHQ’s systems if they are inadvertently intercepted unless additional authorization is granted to scrutinize them. However, the same rules do not apply to metadata. A little-known loophole in the law allows GCHQ to use external warrants to collect and analyze bulk metadata about the emails, phone calls, and Internet browsing activities of British people, citizens of closely allied countries, and others, regardless of whether the data is derived from domestic U.K. to U.K. communications and browsing sessions or otherwise. In March, the existence of this loophole was quietly acknowledged by the U.K. parliamentary committee’s surveillance review, which stated in a section of its report that “special protection and additional safeguards” did not apply to metadata swept up using external warrants and that domestic British metadata could therefore be lawfully “returned as a result of searches” conducted by GCHQ.

Perhaps unsurprisingly, GCHQ appears to have readily exploited this obscure legal technicality. Secret policy guidance papers issued to the agency’s analysts instruct them that they can sift through huge troves of indiscriminately collected metadata records to spy on anyone regardless of their nationality. The guidance makes clear that there is no exemption or extra privacy protection for British people or citizens from countries that are members of the Five Eyes, a surveillance alliance that the U.K. is part of alongside the U.S., Canada, Australia, and New Zealand. “If you are searching a purely Events only database such as MUTANT BROTH, the issue of location does not occur,” states one internal GCHQ policy document, which is marked with a “last modified” date of July 2012. The document adds that analysts are free to search the databases for British metadata “without further authorization” by inputing a U.K. “selector,” meaning a unique identifier such as a person’s email or IP address, username, or phone number. Authorization is “not needed for individuals in the U.K.,” another GCHQ document explains, because metadata has been judged “less intrusive than communications content.” All the spies are required to do to mine the metadata troves is write a short “justification” or “reason” for each search they conduct and then click a button on their computer screen.

Intelligence GCHQ collects on British persons of interest is shared with domestic security agency MI5, which usually takes the lead on spying operations within the U.K. MI5 conducts its own extensive domestic surveillance as part of a program called DIGINT (digital intelligence).

GCHQ’s documents suggest that it typically retains metadata for periods of between 30 days to six months. It stores the content of communications for a shorter period of time, varying between three to 30 days. The retention periods can be extended if deemed necessary for “cyber defense.” One secret policy paper dated from January 2010 lists the wide range of information the agency classes as metadata — including location data that could be used to track your movements, your email, instant messenger, and social networking “buddy lists,” logs showing who you have communicated with by phone or email, the passwords you use to access “communications services” (such as an email account), and information about websites you have viewed.

Records showing the full website addresses you have visited — for instance, www.gchq.gov.uk/what_we_do — are treated as content. But the first part of an address you have visited — for instance, www.gchq.gov.uk — is treated as metadata. In isolation, a single metadata record of a phone call, email, or website visit may not reveal much about a person’s private life, according to Ethan Zuckerman, director of Massachusetts Institute of Technology’s Center for Civic Media. But if accumulated and analyzed over a period of weeks or months, these details would be “extremely personal,” he told The Intercept, because they could reveal a person’s movements, habits, religious beliefs, political views, relationships, and even sexual preferences. For Zuckerman, who has studied the social and political ramifications of surveillance, the most concerning aspect of large-scale government data collection is that it can be “corrosive towards democracy” — leading to a chilling effect on freedom of expression and communication. “Once we know there’s a reasonable chance that we are being watched in one fashion or another it’s hard for that not to have a ‘panopticon effect,’” he said, “where we think and behave differently based on the assumption that people may be watching and paying attention to what we are doing.”

When compared to surveillance rules in place in the U.S., GCHQ notes in one document that the U.K. has “a light oversight regime.” The more lax British spying regulations are reflected in secret internal rules that highlight greater restrictions on how NSA databases can be accessed. The NSA’s troves can be searched for data on British citizens, one document states, but they cannot be mined for information about Americans or other citizens from countries in the Five Eyes alliance. No such constraints are placed on GCHQ’s own databases, which can be sifted for records on the phone calls, emails, and Internet usage of Brits, Americans, and citizens from any other country. The scope of GCHQ’s surveillance powers explain in part why Snowden told The Guardian in June 2013 that U.K. surveillance is “worse than the U.S.” In an interview with Der Spiegel in July 2013, Snowden added that British Internet cables were “radioactive” and joked: “Even the Queen’s selfies to the pool boy get logged.”

In recent years, the biggest barrier to GCHQ’s mass collection of data does not appear to have come in the form of legal or policy restrictions. Rather, it is the increased use of encryption technology that protects the privacy of communications that has posed the biggest potential hindrance to the agency’s activities. “The spread of encryption … threatens our ability to do effective target discovery/development,” says a top-secret report co-authored by an official from the British agency and an NSA employee in 2011. “Pertinent metadata events will be locked within the encrypted channels and difficult, if not impossible, to prise out,” the report says, adding that the agencies were working on a plan that would “(hopefully) allow our Internet Exploitation strategy to prevail.”

Private arbitration of disputes between States and businesses. Such a procedure is strictly contrary to the idea that I have of the      sovereignty of States. … Any questioning of the European system of appellations of origin. According to the US proposal, there would be a non-binding register, and only for wines and spirits. Such a reform would kill many European local products, whose value is based on their certified origin. Signing of an agreement with a power that legalizes widespread and systematic spying on my fellow European citizens and European businesses. As long as the agreement does not protect the personal data of European and US citizens, it cannot be signed. Allowing the United States proposal of a transatlantic common financial space, who adamantly refuse a common regulation of finance, and they refuse to abolish systematic discrimination by the US financial markets against European financial services. The questioning of European health protections. We do not want our animals treated with growth hormones nor products derived from GMOs, or chemical decontamination of meat, or of genetically modified seeds or non-therapeutic antibiotics in animal feed.

The signing of an agreement if it does not include the end of the US monetary dumping. Since the abolition of the gold convertibility of the dollar and the transition to the system of floating exchange rates, the dollar is both American national currency and the main unit for exchange reserves in the world. The Federal Reserve then continually practices monetary dumping, by influencing the amount of dollars available to facilitate exports from the United States. As things now stand, America’s monetary weapon has the same effect as customs duties against every other nation. [And he will not sign unless it’s removed.] Allow the emerging digital services in Europe to be swept up by US giants such as Google, Amazon or Netflix. They’re giant absolute masters in tax optimization, which make Europe a “digital colony.”

France is now considering “all options including an outright termination of negotiations” says France’s Trade Minister.

Thirdly, I am opposed to the signing of an agreement with a power that legalizes widespread and systematic spying on my fellow European citizens and European businesses. Edward Snowden’s revelations are instructive in this regard. As long as the agreement does not protect the personal data of European and US citizens, it cannot be signed. Fourth, the United States proposes a transatlantic common financial space, but they adamantly refuse a common regulation of finance, and they refuse to abolish systematic discrimination by the US financial markets against European financial services. They want to have their cake and eat it too: I object to the idea of a common area without common rules, and I reject commercial discrimination. Fifth, I object to the questioning of European health protections. Washington must understand once and for all that notwithstanding its insistence, we do not want our plates or animals treated with growth hormones nor products derived from GMOs, or chemical decontamination of meat, or of genetically modified seeds or non-therapeutic antibiotics in animal feed. Sixth, I object to the signing of an agreement if it does not include the end of the US monetary dumping. Since the abolition of the gold convertibility of the dollar and the transition to the system of floating exchange rates, the dollar is both American national currency and the main unit for exchange reserves in the world. The Federal Reserve then continually practices monetary dumping, by influencing the amount of dollars available to facilitate exports from the United States. China proposes to eliminate this unfair advantage by making “special drawing rights” of the IMF the new global reference currency. But as things now stand, America’s monetary weapon has the same effect as customs duties against every other nation. [And he will not sign unless it’s removed.]

On September 27th, France’s newspaper SouthWest featured an exclusive interview with Matthias Fekl, France’s Secretary of State for Foreign Trade, in which he said that “France is considering all options, including outright termination of negotiations” on the TTIP. He explained that, ever since the negotiations began in 2013, “These negotiations have been and are being conducted in a total lack of transparency,” and that France has, as of yet, received “no serious offer from the Americans.” The reasons for this stunning public rejection had probably already been accurately listed more than a year ago. After all, France has, throughout all of the negotiations, received “no serious offer from the Americans”; not now, and not back at the start of the negotiations in 2013. The U.S. has been steadfast. Jean Arthuis, a member of the European Parliament, and formerly France’s Minister of Economy and Finance, headlined in Le Figaro, on 10 April 2014, “7 good reasons to oppose the transatlantic treaty”. There is no indication that the situation has changed since then, as regards the basic demands that President Obama is making. Arthuis said at that time: First, I am opposed to private arbitration of disputes between States and businesses. [It would place corporate arbitrators above any nation’s laws and enable them to make unappealable decisions whenever a corporation sues a nation for alleged damages for alleged violations of its rights by that nation of the trade-treaty.] Such a procedure is strictly contrary to the idea that I have of the sovereignty of States. … Secondly, I am opposed to any questioning of the European system of appellations of origin. Tomorrow, according to the US proposal, there would be a non-binding register, and only for wines and spirits. Such a reform would kill many European local products, whose value is based on their certified origin.

Seventh, beyond the audiovisual sector alone, which is the current standard of government that serves as a loincloth to its cowardice on all other European interests in these negotiations, I want all the cultural exceptions prohibited. In particular, it is unacceptable to allow the emerging digital services in Europe to be swept up by US giants such as Google, Amazon or Netflix. They’re giant absolute masters in tax optimization, which make Europe a “digital colony.” President Obama’s negotiator is his close personal friend, Michael Froman, a man who is even trying to force Europe to reduce its fuel standards against global warming and whose back-room actions run exactly contrary to Obama’s public rhetoric. Froman and Obama have been buddies since they worked together as editors on Harvard Law Review. He knows what Obama’s real goals are. Also: “Froman introduced Mr. Obama to Robert E. Rubin, the former Treasury secretary,” who had brought into the Clinton Administration Timothy Geithner and Larry Summers, and had championed (along with them) the ending of the regulations on banks that the previous Democratic President, Franklin Delano Roosevelt, had put into place. (President Bill Clinton signed that legislation just as he left office, and this enabled the long process to occur with MBS securities and with financial derivatives, which culminated with the 2008 crash, and this same legislation also enabled the mega-banks to get bailed out by U.S. taxpayers for their crash — on exactly the basis that FDR had outlawed.)

Froman has always been a pro-mega-corporate, pro-mega-bank champion, who favors only regulations which benefit America’s super-rich, no regulations which benefit the public. Froman’s introducing the Wall Street king Robert Rubin to the then-Senator Obama was crucial to Obama’s becoming enabled to win the U.S. Presidency; Robert Rubin’s contacts among the super-rich were essential in order for that — Obama’s getting a real chance to win the Presidency — to happen. It enabled Obama to compete effectively against Hillary Clinton. Otherwise, he wouldn’t have been able to do that. His winning Robert Rubin’s support was crucial to his becoming President. The chances, that President Obama will now be able to get the support from any entity but the U.S. Congress for his proposed TTIP treaty with Europe, are reducing by the day. Europe seems to be less corrupt than is the United States, after all. The only independent economic analysis that has been done of the proposed TTIP finds that the only beneficiaries from it will be large international corporations, especially ones that are based in the United States. Workers, consumers, and everybody else, will lose from it, if it passes into law. Apparently, enough European officials care about that, so as to be able to block the deal. Or else: Obama will cede on all seven of the grounds for Europe’s saying no. At this late date, that seems extremely unlikely.

The NSA, like GCHQ, has studied Kaspersky Lab’s software for weaknesses. In 2008, an NSA research team discovered that Kaspersky software was transmitting sensitive user information back to the company’s servers, which could easily be intercepted and employed to track users, according to a draft of a top-secret report. The information was embedded in “User-Agent” strings included in the headers of Hypertext Transfer Protocol, or HTTP, requests. Such headers are typically sent at the beginning of a web request to identify the type of software and computer issuing the request.

According to the draft report, NSA researchers found that the strings could be used to uniquely identify the computing devices belonging to Kaspersky customers. They determined that “Kaspersky User-Agent strings contain encoded versions of the Kaspersky serial numbers and that part of the User-Agent string can be used as a machine identifier.” They also noted that the “User-Agent” strings may contain “information about services contracted for or configurations.” Such data could be used to passively track a computer to determine if a target is running Kaspersky software and thus potentially susceptible to a particular attack without risking detection.

Another way the NSA targets foreign anti-virus companies appears to be to monitor their email traffic for reports of new vulnerabilities and malware. A 2010 presentation on “Project CAMBERDADA” shows the content of an email flagging a malware file, which was sent to various anti-virus companies by François Picard of the Montréal-based consulting and web hosting company NewRoma. The presentation of the email suggests that the NSA is reading such messages to discover new flaws in anti-virus software. Picard, contacted by The Intercept, was unaware his email had fallen into the hands of the NSA. He said that he regularly sends out notification of new viruses and malware to anti-virus companies, and that he likely sent the email in question to at least two dozen such outfits. He also said he never sends such notifications to government agencies. “It is strange the NSA would show an email like mine in a presentation,” he added.

The NSA presentation goes on to state that its signals intelligence yields about 10 new “potentially malicious files per day for malware triage.” This is a tiny fraction of the hostile software that is processed. Kaspersky says it detects 325,000 new malicious files every day, and an internal GCHQ document indicates that its own system “collect[s] around 100,000,000 malware events per day.” After obtaining the files, the NSA analysts “[c]heck Kaspersky AV to see if they continue to let any of these virus files through their Anti-Virus product.” The NSA’s Tailored Access Operations unit “can repurpose the malware,” presumably before the anti-virus software has been updated to defend against the threat.

The Project CAMBERDADA presentation lists 23 additional AV companies from all over the world under “More Targets!” Those companies include Check Point software, a pioneering maker of corporate firewalls based Israel, whose government is a U.S. ally. Notably omitted are the American anti-virus brands McAfee and Symantec and the British company Sophos.

As government spies have sought to evade anti-virus software, the anti-virus firms themselves have exposed malware created by government spies. Among them, Kaspersky appears to be the sharpest thorn in the side of government hackers. In the past few years, the company has proven to be a prolific hunter of state-sponsored malware, playing a role in the discovery and/or analysis of various pieces of malware reportedly linked to government hackers, including the superviruses Flame, which Kaspersky flagged in 2012; Gauss, also detected in 2012; Stuxnet, discovered by another company in 2010; and Regin, revealed by Symantec. In February, the Russian firm announced its biggest find yet: the “Equation Group,” an organization that has deployed espionage tools widely believed to have been created by the NSA and hidden on hard drives from leading brands, according to Kaspersky. In a report, the company called it “the most advanced threat actor we have seen” and “probably one of the most sophisticated cyber attack groups in the world.”

Hacks deployed by the Equation Group operated undetected for as long as 14 to 19 years, burrowing into the hard drive firmware of sensitive computer systems around the world, according to Kaspersky. Governments, militaries, technology companies, nuclear research centers, media outlets and financial institutions in 30 countries were among those reportedly infected. Kaspersky estimates that the Equation Group could have implants in tens of thousands of computers, but documents published last year by The Intercept suggest the NSA was scaling up their implant capabilities to potentially infect millions of computers with malware. Kaspersky’s adversarial relationship with Western intelligence services is sometimes framed in more sinister terms; the firm has been accused of working too closely with the Russian intelligence service FSB. That accusation is partly due to the company’s apparent success in uncovering NSA malware, and partly due to the fact that its founder, Eugene Kaspersky, was educated by a KGB-backed school in the 1980s before working for the Russian military.

Kaspersky has repeatedly denied the insinuations and accusations. In a recent blog post, responding to a Bloomberg article, he complained that his company was being subjected to “sensationalist … conspiracy theories,” sarcastically noting that “for some reason they forgot our reports” on an array of malware that trace back to Russian developers. He continued, “It’s very hard for a company with Russian roots to become successful in the U.S., European and other markets. Nobody trusts us — by default.”

Documents published with this article: Kaspersky User-Agent Strings — NSA Project CAMBERDADA — NSA NDIST — GCHQ’s Developing Cyber Defence Mission GCHQ Application for Renewal of Warrant GPW/1160 Software Reverse Engineering — GCHQ Reverse Engineering — GCHQ Wiki Malware Analysis & Reverse Engineering — ACNO Skill Levels — GCHQ

U.S. officials have maintained that they do not steal secrets to give an advantage to U.S. companies, but in China, Lewis said, the line between military and business prowess is unclear.Unit 61398 has hundreds of active spies and is just one of dozens of such bodies in China, said Jen Weedon, an analyst at Mandiant, now owned by global network security company FireEye Inc. She said the group is not among the most sophisticated.

Washington announced the charges as new claims emerged last week about the scope of overseas spying by the United States. Documents leaked by Snowden showed the agency intercepted and modified equipment made by Cisco Systems Inc that was headed overseas.Cisco responded by asking Obama to curtail U.S. surveillance programs, underscoring the vulnerability of multinationals to a whipsaw of competing government interests.

Skeptics said U.S. authorities would not be able to arrest those indicted because Beijing would not hand them over. Still, the move would prevent the individuals from traveling to the United States or other countries that have an extradition agreement with the United States.

In an indictment filed in the Western District of Pennsylvania, prosecutors said the officers hacked into computers starting in 2006, often by infecting machines with tainted "spear phishing" emails to employees that purport to be from colleagues.Prosecutors alleged that one hacker, for example, stole cost and pricing information in 2012 from an Oregon-based solar panel production unit of SolarWorld. The company was losing market share at the time to Chinese competitors who were systematically pricing exports below production costs, according to the indictment.Another officer is accused of stealing technical and design specifications about pipes for nuclear plants from Westinghouse Electric as the company was negotiating with a Chinese company to build four power plants in China, prosecutors said.

In addition to the tech coalition’s protest, the Computer & Communications Industry Association – whose members include Pandora, Samsung, Sprint, and others – said Wednesday it would “not support consideration or passage of the USA Freedom Act in its current form." The Obama administration publicly threw its support behind the amended USA Freedom Act, saying the bill would “provide the public greater confidence in our programs and the checks and balances in the system.” “The bill ensures our intelligence and law enforcement professionals have the authorities they need to protect the nation, while further ensuring that individuals’ privacy is appropriately protected when these authorities are employed,” the White House included.

Lawmakers opposed to the secretive negotiations attempted on Tuesday to counter the weakened surveillance reform bill by offering an amendment to the National Defense Authorization Act (NDAA) that is “materially identical” to the version of the USA Freedom Act that was advanced by the House Judiciary and Intelligence Committees earlier this month. Yet the amendment was denied by the House Rules Committee late Tuesday. The House is now scheduled to vote on the USA Freedom Act on Thursday under closed rules, which forbids adding amendments before the final vote.

Still, the CIA had one further reason for doubting claims that Gul was at the center of an Al-Qaeda election-year plot. Ghu told the CIA about an attempt by Gul, in the fall of 2003, to sell anti-aircraft missiles to Al-Qaeda; the Qaeda figure in Ghul’s story didn't even want to work with Gul. And Ghul later learned Gul was probably lying about his ability to acquire the missiles.

Nevertheless, the CIA took seriously Asset Y’s claim that Gul was involved in an election plot and moved quickly to gain custody of him after his arrest by Pakistan in June 2004. Even before CIA rendered Gul to its custody, Tenet started lobbying to get torture techniques reapproved for his interrogation. On June 29, Tenet wrote National Security Adviser Condoleezza Rice seeking approval to once again use some of the techniques whose use he suspended less than four weeks earlier, in the hope of gathering information on the election season plot. "Given the magnitude of the danger posed by the pre-election plot and Gul's almost certain knowledge of any intelligence about that plot” Tenet wrote, relying on Asset Y's claims, “I request the fastest possible resolution of the above issues." On July 20, according to the report, top administration officials gave CIA verbal approval to get back into the torture business. Ashcroft stated that most previously approved interrogation techniques would not violate U.S. law on July 22 (though not waterboarding). And by the end of July, CIA started coaxing DOJ to approve other techniques — such as slapping someone in the stomach or hosing them down with cold water or limiting their food — which had already been used by the CIA but never officially approved by DOJ.

At the same time, the government was also using the ostensible election-season plot, among others, to persuade the Foreign Intelligence Surveillance Court (FISC) – the secret court that approves domestic spying on Americans – to authorize the Internet dragnet. After Bush halted the Internet dragnet on March 26, his aides began working with FISC presiding judge Colleen Kollar-Kotelly to find a way to use FISA authority -- normally been used to access records for a single phone or Internet account -- to collect Internet metadata in bulk. They provided a series of briefings, including one attended by Terrorist Threat Integration Center head John Brennan and CIA Director George Tenet, to explain the threat. In addition, they provided what – under Stellar Wind – analysts called a “scary memo,” summarizing all the threats facing the country to underscore the urgency of the program. Tenet's declaration included as an appendix to an application submitted in the days before July 14, 2004, laid out the threats CIA and others were fighting that summer.

Judge Kollar-Kotelly invoked Tenet's material in a redacted section of her opinion authorizing the phone dragnet, pointing to it as a key reason to permit collection of what she called “enormous” amounts of data from innocent Americans.

Soon after the reauthorization of the torture and the Internet dragnet, the CIA realized ASSET Y's story wasn't true. By September, an officer involved in Janat Gul's interrogation observed, “we lack credible information that ties him to pre-election threat information or direct operational planning against the United States, at home or abroad.” In October, CIA reassessed ASSET Y, and found him to be deceptive. When pressured, ASSET Y admitted had had made up the story of a meeting set up by Gul. ASSET Y blamed his CIA handler for pressuring him for intelligence, leading him to lie about the meeting. By 2005, CIA had concluded that ASSET Y was a fabricator, and Janat Gul was a “rather poorly educated village man [who is] quite lazy [who] was looking to make some easy money for little work and he was easily persuaded to move people and run errands for folks on our target list” (though the Agency wasn't always forthright about the judgment to DOJ). The torture program, which was resumed in part because of a perceived urgency of extracting information from Gul on a plot that didn't exist, continued for several more years. The Internet dragnet continued under FISC authorization, on and off, until December 2011. And several other still active NSA programs, including the phone dragnet, relied on Kollar-Kotelly's earlier authorization as precedents – the case for which had also been derived, in part, from one long discredited fabricator.

“Friends of Israel,” within the US defense community were convinced by Israel that the system could be finished and deployed to protect Israel against a purported “missile onslaught” from Tehran. In truth, there was no such intention. Instead, as in the film “Real Genius,” the laser system was always intended to be deployed against ground targets, for terrorism and assassinations. The “delivery system,” a Boeing airliner configured for AWAC, electronic warfare or refueling, could easily be modified to “clone” commercial air traffic and attack targets thousands of miles away or as close as Gaza, Lebanon, Syria or Iraq with total impunity.

McLeod and Rogers, in The Law of War, examine the history of prohibition of incendiary weapons. Israel’s use of white phosphorous, intended as a “smoke market” as a corrosive anti-personnel weapon against civilian populations in Lebanon and Gaza skirts initial language, as cited below, in the St. Petersburg Declaration of 1868, but falls well short of evading later prohibition on the use of chemical agents. “The first treaty to deal with weapons was the St Petersburg Declaration of 1868. Here states were concerned about the development of explosive or incendiary bullets for use against the wagon trains of enemy forces. It was felt that these bullets might be used against enemy personnel15 and cause unnecessary injury. The Contracting Parties agreed ‘mutually to renounce, in case of war among themselves, the employment by their military or naval troops of any projectile of a weight below 400 grammes, which is either explosive or charged with fulminating or inflammable substances’.

The declaration does not seem to have affected the practice of states in using tracer for range finding, even mixed with normal ammunition, nor the use of small explosive projectiles for anti-aircraft and anti-material uses. It did not prevent states from using four pound, thermite-based incendiary bombs during the Second World War. These, obviously, were more than 400 grammes in weight. Furthermore it could be argued that they were not ‘projectiles’, a term that certainly would not include illuminating flares or smoke canisters.” The use of energy weapons for assassinations and terrorism had, prior to only a few short days ago, been subject of speculative fiction only. No one had imagined that a failed American weapons system would be pirated for deployment in acts of terrorism by a rogue state. A greater question arises, if this “failed system” costing many billions has been shipped off “in the dark of night” without public knowledge or official authorization for use in a criminal manner, what other systems may have been similarly pirated? There is conclusive evidence that W54/Davy Crocket nuclear weapons made their way to Israel after 1991 after an accident at Dimona is reputed to have made that facility useless for weapons development.

Similarly, when the Ukraine retired its “fleet” of SS21 tactical nuclear missiles, Israel took possession of the warheads, servicing their deuterium booster gas all these years to keep them ready for deployment. Intercepted communications between the Kiev junta and Israel now indicate that Israel is ready to “repatriate” some of these nuclear weapons to the Ukraine for use against pro-Russian separatists. Ukrainian leaders have spoken of the intent to deploy and use these nuclear weapons publicly on several recent occasions. From USA Today: “KIEV, Ukraine — Ukraine may have to arm itself with nuclear weapons if the United States and other world powers refuse to enforce a security pact that obligates them to reverse the Moscow-backed takeover of Crimea, a member of the Ukraine parliament told USA TODAY. ‘We gave up nuclear weapons because of this agreement,’ said Rizanenko, a member of the Udar Party headed by Vitali Klitschko, a candidate for president. ‘Now there’s a strong sentiment in Ukraine that we made a big mistake.’”

With the recent bombing of a UN refugee facility in Gaza, with the use of chemical and now energy weapons, with Israel’s planned sale of nuclear warheads to Ukraine, there is little more that could be done to establish Israel, not only as a rogue state, but as a “clear and present danger” to not only regional but global security as well. As Jim W. Dean of Veterans Today recently stated, “Their fingerprints are at every crime scene.”

Director of National Intelligence James Clapper, for instance, responded to the Petrobras revelations by claiming: “It is not a secret that the Intelligence Community collects information about economic and financial matters…. What we do not do, as we have said many times, is use our foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of—or give intelligence we collect to—U.S. companies to enhance their international competitiveness or increase their bottom line.” But a secret 2009 report issued by Clapper’s own office explicitly contemplates doing exactly that. The document, the 2009 Quadrennial Intelligence Community Review—provided by NSA whistleblower Edward Snowden—is a fascinating window into the mindset of America’s spies as they identify future threats to the U.S. and lay out the actions the U.S. intelligence community should take in response. It anticipates a series of potential scenarios the U.S. may face in 2025, from a “China/Russia/India/Iran centered bloc [that] challenges U.S. supremacy” to a world in which “identity-based groups supplant nation-states,” and games out how the U.S. intelligence community should operate in those alternative futures—the idea being to assess “the most challenging issues [the U.S.] could face beyond the standard planning cycle.”

he report describes itself as “an essential long-term piece, looking out between 10 and 20 years” designed to enable ”the IC [to] best posture itself to meet the range of challenges it may face.” Whatever else is true, one thing is unmistakable: the report blithely acknowledges that stealing secrets to help American corporations secure competitive advantage is an acceptable future role for U.S. intelligence agencies. In May, the U.S. Justice Department indicted five Chinese government employees on charges that they spied on U.S. companies. At the time, Attorney General Eric Holder said the spying took place “for no reason other than to advantage state-owned companies and other interests in China,” and “this is a tactic that the U.S. government categorically denounces.” But the following day, The New York Times detailed numerous episodes of American economic spying that seemed quite similar. Harvard Law School professor and former Bush Justice Department official Jack Goldsmith wrote that the accusations in the indictment sound “a lot like the kind of cyber-snooping on firms that the United States does.” But U.S. officials continued to insist that using surveillance capabilities to bestow economic advantage for the benefit of a country’s corporations is wrong, immoral, and illegal.

Yet this 2009 report advocates doing exactly that in the event that ”that the technological capacity of foreign multinational corporations outstrip[s] that of U.S. corporations.” Using covert cyber operations to pilfer “proprietary information” and then determining how it ”would be useful to U.S. industry” is precisely what the U.S. government has been vehemently insisting it does not do, even though for years it has officially prepared to do precisely that.

The issue is whether the United States can live with this situation or whether it must reshape it. The immediate question is whether the United States has the power to reshape it and to what extent. The American interest turns on its ability to balance local forces. If that exists, the question is whether there is any other shape that can be achieved through American power that would be superior. From my point of view, there are many different shapes that can be imagined, but few that can be achieved. The American experience in Iraq highlighted the problems with counterinsurgency or being caught in a local civil war. The idea of major intervention assumes that this time it will be different. This fits one famous definition of insanity.

A national strategy emerges over the decades and centuries. It becomes a set of national interests into which a great deal has been invested, upon which a great deal depends and upon which many are counting. Presidents inherit national strategies, and they can modify them to some extent. But the idea that a president has the power to craft a new national strategy both overstates his power and understates the power of realities crafted by all those who came before him. We are all trapped in circumstances into which we were born and choices that were made for us. The United States has an inherent interest in Ukraine and in Syria-Iraq. Whether we should have that interest is an interesting philosophical question for a late-night discussion, followed by a sunrise when we return to reality. These places reflexively matter to the United States. The American strategy is fixed: Allow powers in the region to compete and balance against each other. When that fails, intervene with as little force and risk as possible. For example, the conflict between Iran and Iraq canceled out two rising powers until the war ended. Then Iraq invaded Kuwait and threatened to overturn the balance of power in the region. The result was Desert Storm.

The American strategy is fixed: Allow powers in the region to compete and balance against each other. When that fails, intervene with as little force and risk as possible. For example, the conflict between Iran and Iraq canceled out two rising powers until the war ended. Then Iraq invaded Kuwait and threatened to overturn the balance of power in the region. The result was Desert Storm. This strategy provides a model. In the Syria-Iraq region, the initial strategy is to allow the regional powers to balance each other, while providing as little support as possible to maintain the balance of power. It is crucial to understand the balance of power in detail, and to understand what might undermine it, so that any force can be applied effectively. This is the tactical part, and it is the tactical part that can go wrong. The strategy has a logic of its own. Understanding what that strategy demands is the hard part. Some nations have lost their sovereignty by not understanding what strategy demands. France in 1940 comes to mind. For the United States, there is no threat to sovereignty, but that makes the process harder: Great powers can tend to be casual because the situation is not existential. This increases the cost of doing what is necessary. The ground where we are talking about applying this model is Syria and Iraq. Both of these central governments have lost control of the country as a whole, but each remains a force. Both countries are divided by religion, and the religions are divided internally as well. In a sense the nations have ceased to exist, and the fragments they consisted of are now smaller but more complex entities.

This strategy provides a model. In the Syria-Iraq region, the initial strategy is to allow the regional powers to balance each other, while providing as little support as possible to maintain the balance of power. It is crucial to understand the balance of power in detail, and to understand what might undermine it, so that any force can be applied effectively. This is the tactical part, and it is the tactical part that can go wrong. The strategy has a logic of its own. Understanding what that strategy demands is the hard part. Some nations have lost their sovereignty by not understanding what strategy demands. France in 1940 comes to mind. For the United States, there is no threat to sovereignty, but that makes the process harder: Great powers can tend to be casual because the situation is not existential. This increases the cost of doing what is necessary. The ground where we are talking about applying this model is Syria and Iraq. Both of these central governments have lost control of the country as a whole, but each remains a force. Both countries are divided by religion, and the religions are divided internally as well. In a sense the nations have ceased to exist, and the fragments they consisted of are now smaller but more complex entities.

There is then the special case of the Islamic State. It is special because its emergence triggered the current crisis. It is special because the brutal murder of two prisoners on video showed a particular cruelty. And it is different because its ideology is similar to that of al Qaeda, which attacked the United States. It has excited particular American passions. To counter this, I would argue that the uprising by Iraq’s Sunni community was inevitable, with its marginalization by Nouri al-Maliki’s Shiite regime in Baghdad. That it took this particularly virulent form is because the more conservative elements of the Sunni community were unable or unwilling to challenge al-Maliki. But the fragmentation of Iraq into Shiite, Sunni and Kurdish regions was well underway before the Islamic State, and jihadism was deeply embedded in the Sunni community a long time ago. Moreover, although the Islamic State is brutal, its cruelty is not unique in the region. Syrian President Bashar al Assad and others may not have killed Americans or uploaded killings to YouTube, but their history of ghastly acts is comparable. Finally, the Islamic State — engaged in war with everyone around it — is much less dangerous to the United States than a small group with time on its hands, planning an attack. In any event, if the Islamic State did not exist, the threat to the United States from jihadist groups in Yemen or Libya or somewhere inside the United States would remain.

The issue is whether the United States can live with this situation or whether it must reshape it. The immediate question is whether the United States has the power to reshape it and to what extent. The American interest turns on its ability to balance local forces. If that exists, the question is whether there is any other shape that can be achieved through American power that would be superior. From my point of view, there are many different shapes that can be imagined, but few that can be achieved. The American experience in Iraq highlighted the problems with counterinsurgency or being caught in a local civil war. The idea of major intervention assumes that this time it will be different. This fits one famous definition of insanity.

Because the Islamic State operates to some extent as a conventional military force, it is vulnerable to U.S. air power. The use of air power against conventional forces that lack anti-aircraft missiles is a useful gambit. It shows that the United States is doing something, while taking little risk, assuming that the Islamic State really does not have anti-aircraft missiles. But it accomplishes little. The Islamic State will disperse its forces, denying conventional aircraft a target. Attempting to defeat the Islamic State by distinguishing its supporters from other Sunni groups and killing them will founder at the first step. The problem of counterinsurgency is identifying the insurgent. There is no reason not to bomb the Islamic State’s forces and leaders. They certainly deserve it. But there should be no illusion that bombing them will force them to capitulate or mend their ways. They are now part of the fabric of the Sunni community, and only the Sunni community can root them out. Identifying Sunnis who are anti-Islamic State and supplying them with weapons is a much better idea. It is the balance-of-power strategy that the United States follows, but this approach doesn’t have the dramatic satisfaction of blowing up the enemy. That satisfaction is not trivial, and the United States can certainly blow something up and call it the enemy, but it does not address the strategic problem. In the first place, is it really a problem for the United States?

There is no reason not to bomb the Islamic State’s forces and leaders. They certainly deserve it. But there should be no illusion that bombing them will force them to capitulate or mend their ways. They are now part of the fabric of the Sunni community, and only the Sunni community can root them out. Identifying Sunnis who are anti-Islamic State and supplying them with weapons is a much better idea. It is the balance-of-power strategy that the United States follows, but this approach doesn’t have the dramatic satisfaction of blowing up the enemy. That satisfaction is not trivial, and the United States can certainly blow something up and call it the enemy, but it does not address the strategic problem. In the first place, is it really a problem for the United States? The American interest is not stability but the existence of a dynamic balance of power in which all players are effectively paralyzed so that no one who would threaten the United States emerges. The Islamic State had real successes at first, but the balance of power with the Kurds and Shia has limited its expansion, and tensions within the Sunni community diverted its attention. Certainly there is the danger of intercontinental terrorism, and U.S. intelligence should be active in identifying and destroying these threats. But the re-occupation of Iraq, or Iraq plus Syria, makes no sense. The United States does not have the force needed to occupy Iraq and Syria at the same time. The demographic imbalance between available forces and the local population makes that impossible.

The danger is that other Islamic State franchises might emerge in other countries. But the United States would not be able to block these threats as well as the other countries in the region. Saudi Arabia must cope with any internal threat it faces not because the United States is indifferent, but because the Saudis are much better at dealing with such threats. In the end, the same can be said for the Iranians. Most important, it can also be said for the Turks. The Turks are emerging as a regional power. Their economy has grown dramatically in the past decade, their military is the largest in the region, and they are part of the Islamic world. Their government is Islamist but in no way similar to the Islamic State, which concerns Ankara. This is partly because of Ankara’s fear that the jihadist group might spread to Turkey, but more so because its impact on Iraqi Kurdistan could affect Turkey’s long-term energy plans.

The United States cannot win the game of small mosaic tiles that is emerging in Syria and Iraq. An American intervention at this microscopic level can only fail. But the principle of balance of power does not mean that balance must be maintained directly. Turkey, Iran and Saudi Arabia have far more at stake in this than the United States. So long as they believe that the United States will attempt to control the situation, it is perfectly rational for them to back off and watch, or act in the margins, or even hinder the Americans. The United States must turn this from a balance of power between Syria and Iraq to a balance of power among this trio of regional powers. They have far more at stake and, absent the United States, they have no choice but to involve themselves. They cannot stand by and watch a chaos that could spread to them. It is impossible to forecast how the game is played out. What is important is that the game begins. The Turks do not trust the Iranians, and neither is comfortable with the Saudis. They will cooperate, compete, manipulate and betray, just as the United States or any country might do in such a circumstance. The point is that there is a tactic that will fail: American re-involvement. There is a tactic that will succeed: the United States making it clear that while it might aid the pacification in some way, the responsibility is on regional powers. The inevitable outcome will be a regional competition that the United States can manage far better than the current chaos.

U.S. strategy is sound. It is to allow the balance of power to play out, to come in only when it absolutely must — with overwhelming force, as in Kuwait — and to avoid intervention where it cannot succeed. The tactical application of strategy is the problem. In this case the tactic is not direct intervention by the United States, save as a satisfying gesture to avenge murdered Americans. But the solution rests in doing as little as possible and forcing regional powers into the fray, then in maintaining the balance of power in this coalition. Such an American strategy is not an avoidance of responsibility. It is the use of U.S. power to force a regional solution. Sometimes the best use of American power is to go to war. Far more often, the best use of U.S. power is to withhold it. The United States cannot evade responsibility in the region. But it is enormously unimaginative to assume that carrying out that responsibility is best achieved by direct intervention. Indirect intervention is frequently more efficient and more effective.