LAS VEGAS National Security Agency director Gen. Keith Alexander was met with cheers and heckling Wednesday at the Black Hat conference in Las Vegas, an annual meeting of hackers and cybersecurity professionals.
Alexander was asked to give the keynote address at the conference before former NSA contractor Edward Snowden leaked documents to the media about PRISM -- a government surveillance program that collected metadata over telecommunication lines. Black Hat organizers say that he could have easily backed out, but chose to attend open a dialog with the hacking community.
The mood was one of respectful skepticism among a majority of audience members. But halfway through the address, which promised to answer tough questions in the wake of the PRISM leak, some in the audience decided they had heard enough.
Alexander was speaking about ways the controversial initiative FAA 702 has thwarted terrorism plots, when he said of the NSA: "We stand for freedom."
"Bulls***," a heckler in an audience of hundreds yelled out. After a handful of claps, he continued, "You lied to Congress. Why should we believe you're not lying to us?"
Unfazed by the comment, Alexander calmly replied, "I did not lie to Congress."
Alexander spent the majority of his speech explaining how the U.S. government arrived at its current cybersecurity posture and where to go next. The director pointed at some of the major terrorist attacks in the last 20 years, like the first World Trade Center bombing in 1993, the U.S.S. Cole bombing in 2000, and the September 11th attacks as examples of why the intelligence community had to step up its data gathering.
"The intelligence community failed to connect the dots," Alexander said.
Addressing the concerns that NSA analysts can access the personal data of Americans at will, Alexander said there is a misconception about how much information is being accessed, adding that the program can be completely audited.
Alexander said there are only 22 people at the NSA who can approve the surveillance of a phone number, and 35 analysts who are authorized to review the queries. Of 300 phone numbers that were approved for query in 2012, 12 were reported to the Federal Bureau of Investigation.
The director said that if a query appeared unrelated to national security, its auditing tools would detect it and the analyst would have to explain their intent. He added that an audit conducted by Congress found no incidences of abuse of the program.
Alexander shared a slide that revealed a sample of what a document with metadata looks like. A snippet of a spreadsheet reveals columns including date, time, from address, to address, length, site and source -- not the content of the communication itself. The director added that the NSA does not "collect everything."
"It's focused," Alexander said. "We don't want to collect everything."
Alexander ended his speech with a plea to the audience, saying, "help us defend the country and find a greater solution.The whole reason I came here is to ask you to make it better."
"Read the constitution," a heckler in the audience yelled out.
"I have. You should too," Alexander calmly responded. His comment was followed by cheering from the audience.