How Mark Klein told the EFF about Room 641A [book excerpt]

"With all due respect, Cindy, you don’t know if they are classified since they don’t have to have markings and can still be classified. Only we can tell. And if they are classified, you are likely in trouble."

That's awfully convenient. Impossible to check if something's classified, but you can still go to jail over it.

"One big change impacting surveillance was clear: Prior to September 11, the U.S. had what could reasonably be called a “wall” separating foreign surveillance for national security purposes done by the NSA from domestic surveillance for law enforcement purposes done by the FBI."

It turns out that the above statement is not entirely correct. I was aware of this rule at the time (early 90's), and was very surprised to find that it had been routinely violated for at least a decade. Unlike Snowden, I kept this to myself because I had signed (many) NDAs with the US Government.

Shameless plug (as a board member): If you are interested in the book that this is from, a great way to pick it up is on the EFF website, where your purchase helps EFF keep up the fight for privacy. https://www.eff.org/Privacys-Defender

I suppose this is as good a place as any to dump this. In 2002, I was hosting a 1U server in downtown Los Angeles. No cages, minimal security, pretty sure I just walked in.

Crash carts sat unattended, usually a screen filled with porn and a cable running on the floor to the nearest tap. I got the feeling that many of the techs were hosting porn sites as a side gig.

On my second visit, in plain sight, was new construction. A corner of the room with what looked like four inch fiber bundles going in and out. One dusty, one fresh. Taped dry-wall, unpainted. If the door wasn't so fancy you'd never look twice.

Is that...? Dude grimaced and nodded.

This is a great behind-the-scenes look at the NSA-Hepting case.

Can't wait to read Cohn's book.

Also RIP Mark Klein. A true American hero who never tried to turn his whistle-blowing into becoming a celebrity.

Beware, this is a book excerpt rather than a standalone blog post, so it ends on a cliffhanger. Still a fun read.

Instances like this is a powerful statement that truly free and democratic governance is not sustainable in the long run with technological advancements.

We are basically trading marginal comforts from new technology in the short run for political freedom in the long run and the latency is decreasing.

The difference is overt governance of this nature is vilified and amplified in the media and the covert governance is insulated and critics marginalized.

Didn't see it in the actual text of the article, but as a caption of one of the images. The actual book this is excerpted from is Privacy's Defender by Cindy Cohn https://mitpress.mit.edu/9780262051248/privacys-defender/

This was an amazing read for me, so much so I bought the book and am enjoying reading it. It's quite an interesting read and I'm learning quite a bit more than I knew about the mission EFF stands for.

I think Perfect Forward Secrecy has a great deal to do with how things have turned out. In the days of Room 641A, copying and diverting fiber traffic to somewhere like Utah even before it could be read, would have conferred an advantage if it was encrypted (and important enough for other attacks like black bag jobs on servers). PFS has turned ephemeral encryption into the garbage it deserves to be.

arpwatch running on an edge router of mine tells me that there's a host with a DoD-registered IP address connected to my (major US) ISP network segment, which I know for a fact contains both business and residential subscribers. I port scanned it when I first discovered it just to say 'hello', and I have little doubt that a dragnet surveillance apparatus lives on the other side of that firewall.

Governments have utilized clandestine wiretaps for as long as there have been wires. Bad guys and the children and all that. Not to mention, what an advantage that people think you're kooky when you talk openly about this stuff!

This is literally old news - contemporaneous with Snowden, Prism, etc. in early 2000s. Go read about the current Section 702 / FISA authorization renewal battle about which Senator Wyden recently said:

    “I strongly believe that this matter can and should be declassified and that Congress needs to debate it openly before Section 702 is reauthorized,” Wyden said in a Senate floor speech last month. “In fact, when it is eventually declassified, the American people will be stunned that it took so long and that Congress has been debating this authority with insufficient information.”

Some articles:

https://time.com/article/2026/04/27/fisa-fbi-spying-surveill...

https://www.motherjones.com/politics/2026/04/trump-congress-...

The problem is that modern Americans politicize everything.

There was a short period at the end of the Bush years when this was a big deal, but as soon as the gaslighting was coming from both political teams, it became a non-issue politically.

> President Obama defended the U.S. government's surveillance programs, telling NBC's Jay Leno on Tuesday that: "There is no spying on Americans."

"We don't have a domestic spying program," Obama said on The Tonight Show with Jay Leno. "What we do have is some mechanisms that can track a phone number or an email address that is connected to a terrorist attack. ... That information is useful."

https://www.npr.org/sections/thetwo-way/2013/08/06/209692380...

Even if you're in favour of surveillance, why does the surveillance also need to be secret?

The article ends with "we were all a little worried." Is this where it's supposed to end? Feels incomplete. I'm hooked anyway.

Back then the EFF cared about privacy, now they care about virtue signalling.

Wowwww I didn't know what Room 641A meant, but when I clicked on the link and saw the image of the door to the server closet it brought it all back. Funny how people remember things.

One of the few good outcomes: Mark Klein never faced a lawsuit or criminal charges from the government, AT&T or the justice system in general for his disclosure.

"Privacy's Defender" eh? Rather grandiose title considering that defense has been an abject historical failure.

(Not to suggest the EFF has not waged a valiant effort regardless.)

Entire generations of people who were never alive to remember a world where their every movement and utterance was not being tracked by the advertising/surveillance industrial complex.

It's just considered normal now. The west is very sick.

See also perhaps:

* https://en.wikipedia.org/wiki/Room_641A

So much of surveillance should be blatantly illegal/unconstitutional, but I really don't understand how there can be such a thing as documents that are illegal to possess.

The HN headline really should use the title of the article. Almost no one knows what room 641F means.

Who runs this backbone now? CloudFlare?

Gripping!

Adding this to my tsundoku

[dead]

Kevin Mitnick also discovered this.. ages ago.

Same stuff different day. The United State's laws do not allow for direct domestic spying or something to that effect so they use Five Eyes anglosphere intelligence alliance marketplace as a loop hole. Since Reed Elsevier plc aka "RELX" has purchased LexisNexis who had purchased Seisint, Inc and the technology for Flordia's Multistate Anti-Terrorism Information Exchange Program "MATRIX", which was shut down due to privacy concerns by congress, it is only logical that the data aggregation technology is being used in full force now. There seems to be no other way but to allow 100% technology and communication introspection by the government to stop terrorism.

So, this is an uncomfortable read and comes from my personal experience. I'm posting this here as I haven't yet found great outlets and support for what I experienced, and this thread seems like a good spot. Open to outreach and support and ideas from people.

In 2021-2022 I was vocal about the CIA being a terrorist organization (I bet many people adjacently believe similar things and are silent) and this got me attention from them. I posted several things I learned from documentaries and on the web, and from my personal background I think it was enough to trigger something in their system. From that time onwards, people I could best describe as Agents w/behavior that matches what professional interrogators would do kept showing up at public events I was a part of and in the most terrifying scenario also infiltrated my public commune.

There's an odd history with the FBI and possibly CIA and communes such as Osho the Bagawan (see, Netflix documentary) and I witnessed firsthand how deceptive, harmful and insidious this was. In some cases I believe substances were put in my food and drink, and in the cases matching that my body would later have adverse reactions with the agent's closely observing my behavior and consistently trying to elicit Black Web conversations. I had to flee and colocate to the familiarity of family and friends since, and only recently 3-years later have I been socializing my experience and writing to my congress and house representatives. That said, that was a month ago and they have yet to provide any substantive relief or support - I asked for assistance and guidance with investigating the intelligence community for misconduct as when they're doing this to Americans without any accountability, it undermines the integrity of our Country and I believe our national security. It brings into question who they are really serving. I'm no terrorist, even if I call you one and my skin color is brown and matches what the media-funded-by-the-CIA tells you to believe. I want this story documented and heard, believe what you will, though I leave you with the story that "We know our intelligence community does unethical things, its part of what we've given them the responsibility to do so we ourselves don't have to, and now when that unethical thing has happened to you or someone you know what do you do? What do you do when everyone you turn to for help gaslights you and tells you that surely did not happen? Find proof that the organization whose job it is to go undetected, did indeed do that thing to you." I ask for some empathy and understanding, please.

If the documents are classified. And you dont know the levels of it.

I would never hand them over. As i dont know who is cleared. And wait for the court to decide what should i do with them. Or meet the president and hand them personally. By the good semeriton, should protect the lawyes, as they did their best to hold the secret.

I am no lawyer .

Isn't AI both the problem ... AND the solution here?

True, you can't publish a book anonymously anymore: that ship seems to have sailed. But if you want to publish a political piece or anything else potentially "substantive", can't you just ask AI to rewrite it for you? Instant anonymization!