How the NSA Plans to Infect 'Millions' of Computers With Malware

By Ryan Gallagher, Glenn Greenwald, The Intercept

12 March 14

 

op-secret documents reveal that the National Security Agency is dramatically expanding its ability to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process.

The classified files - provided previously by NSA whistleblower Edward Snowden - contain new details about groundbreaking surveillance technology the agency has developed to infect potentially millions of computers worldwide with malware "implants." The clandestine initiative enables the NSA to break into targeted computers and to siphon out data from foreign Internet and phone networks.

The covert infrastructure that supports the hacking efforts operates from the agency's headquarters in Fort Meade, Maryland, and from eavesdropping bases in the United Kingdom and Japan. GCHQ, the British intelligence agency, appears to have played an integral role in helping to develop the implants tactic.

In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target's computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer's microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.

The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system - codenamed TURBINE - is designed to "allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually."

In a top-secret presentation, dated August 2009, the NSA describes a pre-programmed part of the covert infrastructure called the "Expert System," which is designed to operate "like the brain." The system manages the applications and functions of the implants and "decides" what tools they need to best extract data from infected machines.

Mikko Hypponen, an expert in malware who serves as chief research officer at the Finnish security firm F-Secure, calls the revelations "disturbing." The NSA's surveillance techniques, he warns, could inadvertently be undermining the security of the Internet.

"When they deploy malware on systems," Hypponen says, "they potentially create new vulnerabilities in these systems, making them more vulnerable for attacks by third parties."

Hypponen believes that governments could arguably justify using malware in a small number of targeted cases against adversaries. But millions of malware implants being deployed by the NSA as part of an automated process, he says, would be "out of control."

"That would definitely not be proportionate," Hypponen says. "It couldn't possibly be targeted and named. It sounds like wholesale infection and wholesale surveillance."

The NSA declined to answer questions about its deployment of implants, pointing to a new presidential policy directive announced by President Obama. "As the president made clear on 17 January," the agency said in a statement, "signals intelligence shall be collected exclusively where there is a foreign intelligence or counterintelligence purpose to support national and departmental missions, and not for any other purposes."

"Owning the Net"

The NSA began rapidly escalating its hacking efforts a decade ago. In 2004, according to secret internal records, the agency was managing a small network of only 100 to 150 implants. But over the next six to eight years, as an elite unit called Tailored Access Operations (TAO) recruited new hackers and developed new malware tools, the number of implants soared to tens of thousands.

To penetrate foreign computer networks and monitor communications that it did not have access to through other means, the NSA wanted to go beyond the limits of traditional signals intelligence, or SIGINT, the agency's term for the interception of electronic communications. Instead, it sought to broaden "active" surveillance methods - tactics designed to directly infiltrate a target's computers or network devices.

In the documents, the agency describes such techniques as "a more aggressive approach to SIGINT" and says that the TAO unit's mission is to "aggressively scale" these operations.

But the NSA recognized that managing a massive network of implants is too big a job for humans alone.

"One of the greatest challenges for active SIGINT/attack is scale," explains the top-secret presentation from 2009. "Human 'drivers' limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture)."

The agency's solution was TURBINE. Developed as part of TAO unit, it is described in the leaked documents as an "intelligent command and control capability" that enables "industrial-scale exploitation."

TURBINE was designed to make deploying malware much easier for the NSA's hackers by reducing their role in overseeing its functions. The system would "relieve the user from needing to know/care about the details," the NSA's Technology Directorate notes in one secret document from 2009. "For example, a user should be able to ask for 'all details about application X' and not need to know how and where the application keeps files, registry entries, user application data, etc."

In practice, this meant that TURBINE would automate crucial processes that previously had to be performed manually - including the configuration of the implants as well as surveillance collection, or "tasking," of data from infected systems. But automating these processes was about much more than a simple technicality. The move represented a major tactical shift within the NSA that was expected to have a profound impact - allowing the agency to push forward into a new frontier of surveillance operations.

The ramifications are starkly illustrated in one undated top-secret NSA document, which describes how the agency planned for TURBINE to "increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants." (CNE mines intelligence from computers and networks; CNA seeks to disrupt, damage or destroy them.)

Eventually, the secret files indicate, the NSA's plans for TURBINE came to fruition. The system has been operational in some capacity since at least July 2010, and its role has become increasingly central to NSA hacking operations.

Earlier reports based on the Snowden files indicate that the NSA has already deployed between 85,000 and 100,000 of its implants against computers and networks across the world, with plans to keep on scaling up those numbers.

The intelligence community's top-secret "Black Budget" for 2013, obtained by Snowden, lists TURBINE as part of a broader NSA surveillance initiative named "Owning the Net."

The agency sought $67.6 million in taxpayer funding for its Owning the Net program last year. Some of the money was earmarked for TURBINE, expanding the system to encompass "a wider variety" of networks and "enabling greater automation of computer network exploitation."

Circumventing Encryption

The NSA has a diverse arsenal of malware tools, each highly sophisticated and customizable for different purposes.

One implant, codenamed UNITEDRAKE, can be used with a variety of "plug-ins" that enable the agency to gain total control of an infected computer.

An implant plug-in named CAPTIVATEDAUDIENCE, for example, is used to take over a targeted computer's microphone and record conversations taking place near the device. Another, GUMFISH, can covertly take over a computer's webcam and snap photographs. FOGGYBOTTOM records logs of Internet browsing histories and collects login details and passwords used to access websites and email accounts. GROK is used to log keystrokes. And SALVAGERABBIT exfiltrates data from removable flash drives that connect to an infected computer.

The implants can enable the NSA to circumvent privacy-enhancing encryption tools that are used to browse the Internet anonymously or scramble the contents of emails as they are being sent across networks. That's because the NSA's malware gives the agency unfettered access to a target's computer before the user protects their communications with encryption.

It is unclear how many of the implants are being deployed on an annual basis or which variants of them are currently active in computer systems across the world.

Previous reports have alleged that the NSA worked with Israel to develop the Stuxnet malware, which was used to sabotage Iranian nuclear facilities. The agency also reportedly worked with Israel to deploy malware called Flame to infiltrate computers and spy on communications in countries across the Middle East.

According to the Snowden files, the technology has been used to seek out terror suspects as well as individuals regarded by the NSA as "extremist." But the mandate of the NSA's hackers is not limited to invading the systems of those who pose a threat to national security.

In one secret post on an internal message board, an operative from the NSA's Signals Intelligence Directorate describes using malware attacks against systems administrators who work at foreign phone and Internet service providers. By hacking an administrator's computer, the agency can gain covert access to communications that are processed by his company. "Sys admins are a means to an end," the NSA operative writes.

The internal post - titled "I hunt sys admins" - makes clear that terrorists aren't the only targets of such NSA attacks. Compromising a systems administrator, the operative notes, makes it easier to get to other targets of interest, including any "government official that happens to be using the network some admin takes care of."

Similar tactics have been adopted by Government Communications Headquarters, the NSA's British counterpart. As the German newspaper Der Spiegel reported in September, GCHQ hacked computers belonging to network engineers at Belgacom, the Belgian telecommunications provider.

The mission, codenamed "Operation Socialist," was designed to enable GCHQ to monitor mobile phones connected to Belgacom's network. The secret files deem the mission a "success," and indicate that the agency had the ability to covertly access Belgacom's systems since at least 2010.

Infiltrating cellphone networks, however, is not all that the malware can be used to accomplish. The NSA has specifically tailored some of its implants to infect large-scale network routers used by Internet service providers in foreign countries. By compromising routers - the devices that connect computer networks and transport data packets across the Internet - the agency can gain covert access to monitor Internet traffic, record the browsing sessions of users, and intercept communications.

Two implants the NSA injects into network routers, HAMMERCHANT and HAMMERSTEIN, help the agency to intercept and perform "exploitation attacks" against data that is sent through a Virtual Private Network, a tool that uses encrypted "tunnels" to enhance the security and privacy of an Internet session.

The implants also track phone calls sent across the network via Skype and other Voice Over IP software, revealing the username of the person making the call. If the audio of the VOIP conversation is sent over the Internet using unencrypted "Real-time Transport Protocol" packets, the implants can covertly record the audio data and then return it to the NSA for analysis.

But not all of the NSA's implants are used to gather intelligence, the secret files show. Sometimes, the agency's aim is disruption rather than surveillance. QUANTUMSKY, a piece of NSA malware developed in 2004, is used to block targets from accessing certain websites. QUANTUMCOPPER, first tested in 2008, corrupts a target's file downloads. These two "attack" techniques are revealed on a classified list that features nine NSA hacking tools, six of which are used for intelligence gathering. Just one is used for "defensive" purposes - to protect U.S. government networks against intrusions.

"Mass exploitation potential"

Before it can extract data from an implant or use it to attack a system, the NSA must first install the malware on a targeted computer or network.

According to one top-secret document from 2012, the agency can deploy malware by sending out spam emails that trick targets into clicking a malicious link. Once activated, a "back-door implant" infects their computers within eight seconds.

There's only one problem with this tactic, codenamed WILLOWVIXEN: According to the documents, the spam method has become less successful in recent years, as Internet users have become wary of unsolicited emails and less likely to click on anything that looks suspicious.

Consequently, the NSA has turned to new and more advanced hacking techniques. These include performing so-called "man-in-the-middle" and "man-on-the-side" attacks, which covertly force a user's internet browser to route to NSA computer servers that try to infect them with an implant.

To perform a man-on-the-side attack, the NSA observes a target's Internet traffic using its global network of covert "accesses" to data as it flows over fiber optic cables or satellites. When the target visits a website that the NSA is able to exploit, the agency's surveillance sensors alert the TURBINE system, which then "shoots" data packets at the targeted computer's IP address within a fraction of a second.

In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target's computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive. A top-secret animation demonstrates the tactic in action.

The documents show that QUANTUMHAND became operational in October 2010, after being successfully tested by the NSA against about a dozen targets.

According to Matt Blaze, a surveillance and cryptography expert at the University of Pennsylvania, it appears that the QUANTUMHAND technique is aimed at targeting specific individuals. But he expresses concerns about how it has been covertly integrated within Internet networks as part of the NSA's automated TURBINE system.

"As soon as you put this capability in the backbone infrastructure, the software and security engineer in me says that's terrifying," Blaze says.

"Forget about how the NSA is intending to use it. How do we know it is working correctly and only targeting who the NSA wants? And even if it does work correctly, which is itself a really dubious assumption, how is it controlled?"

In an email statement to The Intercept, Facebook spokesman Jay Nancarrow said the company had "no evidence of this alleged activity." He added that Facebook implemented HTTPS encryption for users last year, making browsing sessions less vulnerable to malware attacks.

Nancarrow also pointed out that other services besides Facebook could have been compromised by the NSA. "If government agencies indeed have privileged access to network service providers," he said, "any site running only [unencrypted] HTTP could conceivably have its traffic misdirected."

A man-in-the-middle attack is a similar but slightly more aggressive method that can be used by the NSA to deploy its malware. It refers to a hacking technique in which the agency covertly places itself between computers as they are communicating with each other.

This allows the NSA not only to observe and redirect browsing sessions, but to modify the content of data packets that are passing between computers.

The man-in-the-middle tactic can be used, for instance, to covertly change the content of a message as it is being sent between two people, without either knowing that any change has been made by a third party. The same technique is sometimes used by criminal hackers to defraud people.

A top-secret NSA presentation from 2012 reveals that the agency developed a man-in-the-middle capability called SECONDDATE to "influence real-time communications between client and server" and to "quietly redirect web-browsers" to NSA malware servers called FOXACID. In October, details about the FOXACID system were reported by the Guardian, which revealed its links to attacks against users of the Internet anonymity service Tor.

But SECONDDATE is tailored not only for "surgical" surveillance attacks on individual suspects. It can also be used to launch bulk malware attacks against computers.

According to the 2012 presentation, the tactic has "mass exploitation potential for clients passing through network choke points."

Blaze, the University of Pennsylvania surveillance expert, says the potential use of man-in-the-middle attacks on such a scale "seems very disturbing." Such an approach would involve indiscriminately monitoring entire networks as opposed to targeting individual suspects.

"The thing that raises a red flag for me is the reference to 'network choke points,'" he says. "That's the last place that we should be allowing intelligence agencies to compromise the infrastructure - because that is by definition a mass surveillance technique."

To deploy some of its malware implants, the NSA exploits security vulnerabilities in commonly used Internet browsers such as Mozilla Firefox and Internet Explorer.

The agency's hackers also exploit security weaknesses in network routers and in popular software plugins such as Flash and Java to deliver malicious code onto targeted machines.

The implants can circumvent anti-virus programs, and the NSA has gone to extreme lengths to ensure that its clandestine technology is extremely difficult to detect. An implant named VALIDATOR, used by the NSA to upload and download data to and from an infected machine, can be set to self-destruct - deleting itself from an infected computer after a set time expires.

In many cases, firewalls and other security measures do not appear to pose much of an obstacle to the NSA. Indeed, the agency's hackers appear confident in their ability to circumvent any security mechanism that stands between them and compromising a computer or network. "If we can get the target to visit us in some sort of web browser, we can probably own them," an agency hacker boasts in one secret document. "The only limitation is the 'how.'"

Covert Infrastructure

The TURBINE implants system does not operate in isolation.

It is linked to, and relies upon, a large network of clandestine surveillance "sensors" that the agency has installed at locations across the world.

The NSA's headquarters in Maryland are part of this network, as are eavesdropping bases used by the agency in Misawa, Japan and Menwith Hill, England.

The sensors, codenamed TURMOIL, operate as a sort of high-tech surveillance dragnet, monitoring packets of data as they are sent across the Internet.

When TURBINE implants exfiltrate data from infected computer systems, the TURMOIL sensors automatically identify the data and return it to the NSA for analysis. And when targets are communicating, the TURMOIL system can be used to send alerts or "tips" to TURBINE, enabling the initiation of a malware attack.

The NSA identifies surveillance targets based on a series of data "selectors" as they flow across Internet cables. These selectors, according to internal documents, can include email addresses, IP addresses, or the unique "cookies" containing a username or other identifying information that are sent to a user's computer by websites such as Google, Facebook, Hotmail, Yahoo, and Twitter.

Other selectors the NSA uses can be gleaned from unique Google advertising cookies that track browsing habits, unique encryption key fingerprints that can be traced to a specific user, and computer IDs that are sent across the Internet when a Windows computer crashes or updates.

What's more, the TURBINE system operates with the knowledge and support of other governments, some of which have participated in the malware attacks.

Classification markings on the Snowden documents indicate that NSA has shared many of its files on the use of implants with its counterparts in the so-called Five Eyes surveillance alliance - the United Kingdom, Canada, New Zealand, and Australia.

GCHQ, the British agency, has taken on a particularly important role in helping to develop the malware tactics. The Menwith Hill satellite eavesdropping base that is part of the TURMOIL network, located in a rural part of Northern England, is operated by the NSA in close cooperation with GCHQ.

Top-secret documents show that the British base - referred to by the NSA as "MHS" for Menwith Hill Station - is an integral component of the TURBINE malware infrastructure and has been used to experiment with implant "exploitation" attacks against users of Yahoo and Hotmail.

In one document dated 2010, at least five variants of the QUANTUM hacking method were listed as being "operational" at Menwith Hill. The same document also reveals that GCHQ helped integrate three of the QUANTUM malware capabilities - and test two others - as part of a surveillance system it operates codenamed INSENSER.

GCHQ cooperated with the hacking attacks despite having reservations about their legality. One of the Snowden files, previously disclosed by Swedish broadcaster SVT, revealed that as recently as April 2013, GCHQ was apparently reluctant to get involved in deploying the QUANTUM malware due to "legal/policy restrictions." A representative from a unit of the British surveillance agency, meeting with an obscure telecommunications standards committee in 2010, separately voiced concerns that performing "active" hacking attacks for surveillance "may be illegal" under British law.

In response to questions from The Intercept, GCHQ refused to comment on its involvement in the covert hacking operations. Citing its boilerplate response to inquiries, the agency said in a statement that "all of GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight."

Whatever the legalities of the United Kingdom and United States infiltrating computer networks, the Snowden files bring into sharp focus the broader implications. Under cover of secrecy and without public debate, there has been an unprecedented proliferation of aggressive surveillance techniques. One of the NSA's primary concerns, in fact, appears to be that its clandestine tactics are now being adopted by foreign rivals, too.

"Hacking routers has been good business for us and our 5-eyes partners for some time," notes one NSA analyst in a top-secret document dated December 2012. "But it is becoming more apparent that other nation states are honing their skillz [sic] and joining the scene."

Noam Chomsky: How the US Is Playing With Fire in Asia

By David McNeill, Japan Times

12 March 14

 

A shifting balance of power in Asia has the potential for regional conflicts if it's not managed, warns Chomsky.

n unrelenting critic of U.S. foreign policy since the 1960s, much of his intellectual life has been spent stripping away what he calls America's "flattering self-image" and the layers of self-justification and propaganda he says it uses to mask its naked pursuit of power and profit around the world.

Now aged 85, Chomsky is still in demand across the world as a public speaker. He maintains a punishing work schedule that requires him to write, lecture and personally answer thousands of emails that flood into his account every week. He is professor emeritus of linguistics and philosophy at the Massachusetts Institute of Technology in Cambridge, where he has been based for nearly 60 years.

Chomsky will make a rare trip to Tokyo in March, where he is scheduled to give two lectures at Sophia University. Among the themes he will discuss are conceptions of the common good, one deriving from classical liberalism, the other from neoliberal globalization that he predicts will lead to disaster very soon if not radically modified.

"That gives the answer to the question posed in the title of the talk: 'Capitalist Democracy and the Prospects for Survival,' " he says. "The quick answer is 'dim.' "

Tell us about your connections to Japan.

I've been interested in Japan since the 1930s, when I read about Japan's vicious crimes in Manchuria and China. In the early 1940s, as a young teenager, I was utterly appalled by the racist and jingoist hysteria of the anti-Japanese propaganda. The Germans were evil, but treated with some respect: They were, after all, blond Aryan types, just like our imaginary self-image. Japanese were mere vermin, to be crushed like ants. Enough was reported about the firebombing of cities in Japan to recognize that major war crimes were underway, worse in many ways than the atom bombs.

I heard a story once that you were so appalled by the bombing of Hiroshima and the reaction of Americans that you had to go off and mourn alone . . .

Yes. On Aug. 6, 1945, I was at a summer camp for children when the atomic bombing of Hiroshima was announced over the public address system. Everyone listened, and then at once went on to their next activity: baseball, swimming, et cetera. Not a comment. I was practically speechless with shock, both at the horrifying events and at the null reaction. So what? More Japs incinerated. And since we have the bomb and no one else does, great; we can rule the world and everyone will be happy.

I followed the postwar settlement with considerable disgust as well. I didn't know then what I do now, of course, but enough information was available to undermine the patriotic fairy tale.

My first trip to Japan was with my wife and children 50 years ago. It was linguistics, purely, though on my own I met with people from Beheiren (Citizen's League for Peace in Vietnam). I've returned a number of times since, always to study linguistics. I was quite struck by the fact that Japan is the only country I visited - and there were many - where talks and interviews focused solely on linguistics and related matters, even while the world was burning.

You arrive in Japan at a possibly defining moment: the government is preparing to launch a major challenge to the nation's six-decade pacifist stance, arguing that it must be "more flexible" in responding to external threats; relations with China and Korea have turned toxic; and there is even talk of war. Should we be concerned?

We should most definitely be concerned. Instead of abandoning its pacifist stance, Japan should take pride in it as an inspiring model for the world, and should take the lead in upholding the goals of the United Nations "to save succeeding generations from the scourge of war." The challenges in the region are real, but what is needed is steps toward political accommodation and establishing peaceful relations, not a return to policies that proved disastrous not so long ago.

How in concrete terms, though, can political accommodation be achieved? The historical precedents for the kind of situation we face in Asia - competing nationalisms; a rising undemocratic power with opaque military spending and something to prove in tandem with a declining power, increasingly fearful about what this means - are not good.

There is a real issue, but I think the question should be formulated a bit differently. Chinese military spending is carefully monitored by the United States. It is indeed growing, but it is a small fraction of U.S. expenditures, which are amplified by U.S. allies (China has none). China is indeed seeking to break out of the arc of containment in the Pacific that limits its control over the waters essential to its commerce and open access to the Pacific. That does set up possible conflicts, partly with regional powers that have their own interests, but mainly with the U.S., which of course would never even consider anything remotely comparable for itself and, furthermore, insists upon global control.

Although the U.S. is a "declining power," and has been since the late 1940s, it still has no remote competitor as a hegemonic power. Its military spending virtually matches the rest of the world combined, and it is far more technologically advanced. No other country could dream of having a network of hundreds of military bases all over the world, nor of carrying out the world's most expansive campaign of terror - and that is exactly what (President Barack) Obama's drone assassination campaign is. And the U.S., of course, has a brutal record of aggression and subversion.

These are the essential conditions within which political accommodation should be sought. In concrete terms, China's interests should be recognized along with those of others in the region. But there is no justification for accepting the domination of a global hegemon.

One of the perceived problems with Japan's "pacifist" Constitution is that it is so at odds with the facts. Japan operates under the U.S. nuclear umbrella and is host to dozens of bases and thousands of American soldiers. Is that an embodiment of the pacifist ideals of Article 9?

Insofar as Japan's behavior is inconsistent with the legitimate constitutional ideals, the behavior should be changed - not the ideals.

Are you following the political return of Prime Minister Shinzo Abe? His critics call him an ultranationalist. Supporters say he is merely trying to update Japan's three outdated charters - education, the 1947 pacifist Constitution and the security treaty with Washington - all products of the U.S. postwar occupation. What's your view?

It makes sense for Japan to pursue a more independent role in the world, following Latin America and others in freeing itself from U.S. domination. But it should do so in a manner that is virtually the opposite of Abe's ultranationalism, a term that seems to me accurate. The pacifist Constitution, in particular, is one legacy of the occupation that should be vigorously defended.

What do you make of comparisons between the rise of Nazi Germany and China? We hear such comparisons frequently from nationalists in Japan, and also recently from Benigno Aquino, the Philippine president. China's rise is often cited as a reason for Japan to stop pulling in its horns.

China is a rising power, casting off its "century of humiliation" in a bid to become a force in regional and world affairs. As always, there are negative and sometimes threatening aspects to such a development. But a comparison to Nazi Germany is absurd. We might note that in an international poll released at the end of 2013 on the question which country is "the greatest threat to world peace," the U.S. was ranked far higher than any other, receiving four times the votes of China. There are quite solid reasons for this judgment, some mentioned earlier. Nevertheless, to compare the U.S. to Nazi Germany would be completely absurd, and a fortiori that holds for China's far lesser resort to violence, subversion and other forms of intervention.

The comparison between China and Nazi Germany really is hysteria. I wonder whether Japanese readers have even the slightest idea of what the U.S. is doing throughout the world, and has been since it took over Britain's role of global dominance - and greatly expanded it - after World War II.

Some see the possible emergence of an Asian regionalism building on the dynamic of intertwined trade centered on China, Japan and South Korea but extending throughout Asia. Under what conditions could such an approach trump both U.S. hegemony and nationalism?

It is not just possible, it already exists. China's recent growth spurt is based very heavily on advanced parts, components, design and other high-tech contributions from the surrounding industrial powers. And the rest of Asia is becoming linked to this system, too. The U.S. is a crucial part of the system - Western Europe, too. The U.S. exports production, including high technology, to China, and imports finished goods, all on an enormous scale. The value added in China remains small, although it will increase as China moves up the technology ladder. These developments, if handled properly, can contribute to the general political accommodation that is imperative if serious conflict is to be avoided.

The recent tension over the Senkaku Islands has raised the threat of military conflict between China and Japan. Most commenters still think war is unlikely, given the enormous consequences and the deep finance and trade links that bind the two economies together. What's your view?

The confrontations taking place are extremely hazardous. The same is true of China's declaration of an air defense identification zone in a contested region, and Washington's immediate violation of it. History has certainly taught us that playing with fire is not a wise course, particularly for states with an awesome capacity to destroy. Small incidents can rapidly escalate, overwhelming economic links.

What's the U.S. role in all this? It seems clear that Washington does not want to be pulled into a conflict with Beijing. We also understand that the Obama administration is upset at Abe's views on history, and his visits to Yasukuni Shrine, the linchpin of historical revisionism in Japan. However we can hardly call the U.S. an honest broker . . .

Hardly. The U.S. is surrounding China with military bases, not conversely. U.S. strategic analysts describe a "classic security dilemma" in the region, as the U.S. and China each perceive the other's stance as a threat to their basic interests. The issue is control of the seas off China's coasts, not the Caribbean or the waters off California. For the U.S., global control is a "vital interest."

We might also recall the fate of Prime Minister Yukio Hatoyama when he followed the will of the large majority of Okinawans, defying Washington. As The New York Times reported, "Apologizing for failing to fulfill a prominent campaign promise, Hatoyama told outraged residents of Okinawa on Sunday that he has decided to relocate an American air base to the north side of the island as originally agreed upon with the United States." His "capitulation," as it was correctly described, resulted from strong U.S. pressure.

China is now embroiled in territorial conflicts with Japan and the Philippines and Vietnam in the South China Sea as well as the air defense identification zone on its contested borders. In all of these cases, the U.S. is directly or indirectly involved. Should these be understood as cases of Chinese expansionism?

China is seeking to expand its regional influence, which conflicts with the traditional U.S. demand to be recognized as the global hegemon, and conflicts as well with local interests of regional powers. The phrase "Chinese expansionism" is accurate, but rather misleading, in the light of overwhelming U.S. global dominance.

It is useful to think back to the early post-World War II period. U.S. global planning took for granted that Asia would be under U.S. control. China's independence was a serious blow to these intentions. In U.S. discourse, it is called "the loss of China," and the issue of who was responsible for "the loss of China" became a major domestic issue, including the rise of McCarthyism. The terminology itself is revealing. I can lose my wallet, but I cannot lose yours. The tacit assumption of U.S. discourse is that China was ours by right. One should be cautious about using the phrase "expansionism" without due attention to this hegemonic conception and its ugly history.

On Okinawa, the scene seems set for a major confrontation between the mainland and prefectural governments, which support the construction of a new U.S. military base in Henoko, and the local population, which last month overwhelmingly re-elected an anti-base mayor. Do you have any thoughts on how this will play out?

One can only admire the courage of the people of Nago city and Mayor Inamine Susumu in rejecting the deplorable efforts of the Abe government to coerce them into accepting a military base to which the population was overwhelmingly opposed. And it was no less disgraceful that the central government instantly overrode their democratic decision. What the outcome will be, I cannot predict. It will, however, have considerable import for the fate of democracy and the prospects for peace.

The Abe government is trying to rekindle nuclear power and restart Japan's idling reactors. Supporters say the cost of keeping those reactors offline is a massive increase in energy costs and use of fossil fuels. Opponents say it is too dangerous . . .

The general question of nuclear power is not a simple one. It is hardly necessary to stress how dangerous it is after the Fukushima nuclear disaster, which has far from ended. Continued use of fossil fuels threatens global disaster, and not in the distant future. The sensible course would be to move as quickly as possible to sustainable energy sources, as Germany is now doing. The alternatives are too disastrous to contemplate.

You'll have followed the work of committed environmentalists such as James Lovelock and George Monbiot, who say nuclear power is the only way to save the planet from cooking. In the short term, that analysis seems to have some merit: One of the immediate consequences of Japan's nuclear disaster has been a massive expansion in imports of coal, gas and oil. They say there is no way for us to produce enough renewables in time to stop runaway climate change.

As I said, there is some merit in these views. More accurately, there would be if limited and short-term reliance on nuclear energy, with all of its extreme hazards and unsolved problems - like waste disposal - was taken as an opportunity for rapid and extensive development of sustainable energy. That should be the highest priority, and very quickly, because severe threats of environmental catastrophe are not remote.