NSA chief declines comment on malware put on civilian computers, says programs “lawful”
I’m still unsure how infecting innocent civilians’ hard drives with a virus is lawful seeing how they put many hackers in prison for exactly the same thing.
(Reuters) – The head of the National Security Agency refused to comment on Monday on reports that the U.S. government implants spyware on computer hard drives for surveillance purposes, saying “we fully comply with the law.”
U.S. Navy Admiral Michael Rogers was responding to reports that the NSA had embedded spyware in computers on a vast scale and that along with its British counterpart, had hacked into the world’s biggest manufacturer of cellphone SIM cards.
“Clearly I’m not going to get into the specifics of allegations. But the point I would make is, we fully comply with the law,” Rogers said at a Washington forum sponsored by the New America think-tank.
The Moscow-based security software maker Kaspersky Lab said last week that the NSA had figured out how to embed spy software deep within hard drives by Western Digital, Seagate, Toshiba and other top manufacturers, giving the agency the means to eavesdrop on a majority of the world’s computers.
Another report, based on documents provided by former NSA contractor Edward Snowden and published by the Intercept site, said the U.S. agency and its British counterpart hacked into Gemalto, which produces SIM cards. That would potentially allow intelligence agencies to monitor the calls, texts and emails of billions of people, the report said. [ID:nL5N0VU1CG}
Rogers, whose agency has come under intense scrutiny since 2013 when Snowden exposed details of its widespread surveillance programs, said: “I am not going to chase every allegation out there. I don’t have time.”
Even as he declined comment on the reports of aggressive NSA operations, Rogers argued that U.S. intelligence, along with law enforcement agencies, needs the legal means to break strong encryption increasingly built into operating systems such as those of Apple or Google.
“Most of the debate that I’ve seen has been, ‘It’s all or nothing. It’s either total encryption or no encryption at all,'” Rogers said.
If a specific phone is being used to commit a crime or threaten national security, “can’t there be a legal framework for how we access that?” he asked.