[ISN] AT&T leaks sensitive info in NSA suit

From: InfoSec News (isn@private)
Date: Mon May 29 2006 - 22:06:14 PDT


By Declan McCullagh 
Staff Writer, CNET News.com
May 26, 2006

Lawyers for AT&T accidentally released sensitive information while
defending a lawsuit that accuses the company of facilitating a
government wiretapping program, CNET News.com has learned.

AT&T's attorneys this week filed a 25-page legal brief striped with
thick black lines that were intended to obscure portions of three
pages and render them unreadable.

But the obscured text nevertheless can be copied and pasted inside
some PDF readers, including Preview under Apple Computer's OS X and
the xpdf utility used with X11.

The deleted portions of the legal brief seek to offer benign reasons
why AT&T would allegedly have a secret room at its downtown San
Francisco switching center that would be designed to monitor Internet
and telephone traffic. The Electronic Frontier Foundation, which filed
the class-action lawsuit in January, alleges that the room is used by
an unlawful National Security Agency surveillance program.

"AT&T notes that the facts recited by plaintiffs are entirely
consistent with any number of legitimate Internet monitoring systems,
such as those used to detect viruses and stop hackers," the redacted
pages say.

Another section says: "Although the plaintiffs ominously refer to the
equipment as the 'Surveillance Configuration,' the same physical
equipment could be utilized exclusively for other surveillance in full
compliance with" the Foreign Intelligence Surveillance Act.

The redacted portions of AT&T's court filing are not classified, and
no information relating to actual operations of an NSA surveillance
program was disclosed. Also, AT&T's attorneys at the law firms of
Pillsbury Winthrop Shaw Pittman and Sidley Austin were careful not to
explicitly acknowledge that such a secret room actually exists.

A representative for AT&T was not immediately available to comment.

Although EFF's lawsuit was filed before allegations about the room
surfaced, reports of its existence have become central to the
nonprofit group's attempts to prove AT&T opened its network to the
NSA. A former AT&T employee, Mark Klein, has released documents
alleging the company spliced its fiber optic cables and ran a
duplicate set of cables to Room 641A at its 611 Folsom Street

This is hardly the first time that PDF files have leaked embarrassing
or sensitive information. In an ironic twist, the NSA published a
13-page paper in January describing how redactions could be done

A similar problem has arisen with metadata associated with Microsoft
Office files. In March 2004, a gaffe by the SCO Group revealed which
companies it had considered targeting in its legal campaign against
Linux users. Microsoft Office 2003/XP even offers a way to
"permanently remove hidden data and collaboration data" from Word,
Excel and PowerPoint files.

Documents that EFF filed, including a redacted version of a sworn
statement by Klein released this week, were properly
redacted. Instead of including the underlying text and layering a
black rectangle on top, the San Francisco-based civil liberties group
saved those pages as image files.
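
The difference described above, a black rectangle layered over text
that is still in the file versus a page saved as an image, can be
checked before a document is released. The following is an added
example, not part of the original article: a simplified Python check
over an uncompressed PDF content stream. The function names and sample
streams are constructed, and it assumes no coordinate transforms apply
to the text or rectangles.

```python
import re

# Tokenizer for a content stream: literal strings "(...)" or bare tokens.
TOKEN = re.compile(r"\((?:\\.|[^\\()])*\)|[^\s()]+")
FILL_OPS = {"f", "F", "f*", "B", "B*", "b", "b*"}   # operators that paint a path

def is_operand(tok):
    if tok[0] in "(/[]":          # string, name or array bracket
        return True
    try:
        float(tok)
        return True
    except ValueError:
        return False

def find_covered_text(stream):
    """Return text whose origin lies inside any filled rectangle.
    Assumption for this example: uncompressed stream, no 'cm' transforms."""
    rects, pending, texts, ops = [], [], [], []
    x = y = 0.0
    for tok in TOKEN.findall(stream):
        if is_operand(tok):
            ops.append(tok)
            continue
        nums = [float(t) for t in ops if t[0] not in "(/[]"]
        if tok == "re" and len(nums) >= 4:           # x y w h re
            a, b, w, h = nums[-4:]
            pending.append((min(a, a + w), min(b, b + h), max(a, a + w), max(b, b + h)))
        elif tok in FILL_OPS:
            rects, pending = rects + pending, []     # path gets painted
        elif tok in {"n", "S", "s"}:
            pending = []                             # path ended without a fill
        elif tok == "BT":
            x = y = 0.0                              # text object starts at origin
        elif tok in {"Td", "TD"} and len(nums) >= 2:
            x, y = x + nums[-2], y + nums[-1]
        elif tok == "Tm" and len(nums) >= 6:
            x, y = nums[-2], nums[-1]
        elif tok in {"Tj", "TJ"}:                    # text is still in the file
            texts.append(("".join(t[1:-1] for t in ops if t[0] == "("), x, y))
        ops = []
    return [s for s, px, py in texts
            if any(x0 <= px <= x1 and y0 <= py <= y1 for x0, y0, x1, y1 in rects)]

# Constructed sample pages (not taken from any real filing).
LAYERED_PAGE = """BT /F1 12 Tf 72 720 Td (Public sentence.) Tj ET
BT /F1 12 Tf 72 700 Td (CONSTRUCTED-REDACTED-SENTENCE) Tj ET
0 0 0 rg 70 696 400 16 re f"""
IMAGE_PAGE = "q 612 0 0 792 0 0 cm /Im0 Do Q"   # page saved as a single image
```

A non-empty result for a page means text survives under a painted
rectangle; the image-only page yields nothing because no text
operators remain in its stream.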

Copyright 1995-2006 CNET Networks, Inc. All rights reserved.
