“Encryption” Is Just Intel Code for “Failure to Achieve Omniscience”

After receiving a briefing on the San Bernardino attack, Richard Burr went out and made two contradictory claims. First, Burr — and or other sources for The Hill — said that there was no evidence the Tashfeen Malik and Syed Rizwan Farook used encryption.

Lawmakers on Thursday said there was no evidence yet that the two suspected shooters used encryption to hide from authorities in the lead-up to last week’s San Bernardino, Calif., terror attack that killed 14 people.

“We don’t know whether it played a part in this attack,” Senate Intelligence Committee Chairman Richard Burr (R-N.C.) told reporters following a closed-door briefing with federal officials on the shootings.

That’s consistent with what we know so far. After all, a husband and wife wouldn’t need to — or have a way of — encrypting their communications with each other, as it would be mostly face-to-face. The fact that they tried to destroy their devices (and apparently got rid of a still undiscovered hard drive) suggests they weren’t protecting that via encryption, but rather via physical destruction. That doesn’t rule out using both, but the FBI would presumably know if the devices they’re reconstructed were encrypted.

So it makes sense that the San Bernardino attacks did not use encryption.

But then later in the same discussion with reporters, Burr suggested Malik and Farook must have used encryption because the IC didn’t know about their attack.

Burr suggested it might have even played a role in the accused San Bernardino shooters — Tashfeen Malik and Syed Rizwan Farook — going unnoticed for years, despite the FBI saying they had been radicalized for some time.

“Any time you glean less information at the beginning, clearly encryption probably played a role in it,” he said. “And there were a lot of conversations that went on between these two individuals before [Malik] came to the United States that you would love to have some insight to other than after an attack took place.”

This is a remarkable comment!

After all, the FBI and NSA don’t even read all the conversations of foreigners, as Malik would still have legally been, that they can. Indeed, if these conversations were in Arabic or Urdu, the IC would only have had them translated if there were some reason to find them interesting. And even in spite of the pair’s early shooting training, it’s not apparent they had extensive conversations, particularly not online, to guide that training.

Those details would make it likely that the IC would have had no reason to be interested. To say nothing of the fact that ultimately “radicalization” is a state of mind, and thus far, NSA doesn’t have a way to decrypt thoughts.

But this is the second attack in a row, with Paris, where Burr and others have suggested that their lack of foreknowledge of the attack makes it probable the planners used encryption. Burr doesn’t even seem to be considering a number of other things, such as good operational security, languages, and metadata failures might lead the IC to miss warning signs, even assuming they’re collecting everything (there should have been no legal limits to their ability to collect on Malik).

We’re not having a debate about encryption anymore. We’re debating making the Internet less secure to excuse the IC’s less-than-perfect-omniscience.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

13 replies
  1. orionATL says:

    “We’re debating making the Internet less secure to excuse the IC’s less-than-perfect-omniscience.”

    and that’s just what all this noise is now about encryption is,

    and what john brennan’s widely attended obscuring concerns after the paris attack were,

    calculated distractions from the evident fact that the giant surveillance hydra they bred can’t hunt – can’ t predict individual behavior isolated from a network of others, and needing sufficient time to pick up a pattern of that network behavior.

    that is why the very shrewd granny feinstein was willing to sound like a demented old crone blathering on about child predators, and chairman burr talks out of both sides of his mouth, and the senator from illinois references tv/movieland as his sources of understanding, and “james” big scare” comey starts sounding like ol’ haystacks alexander –

    they’re all trying to draw attantion away from the failures of their pet hydra.

    talk about the hydra that didn’t bark…

    this hydra won’t hunt :)

  2. orionATL says:

    but then i mustn’t forget the cisa legislation which, down in the cold bottom ring of the congress, is being prepared for the solons’ approval.

    the cisa, recall, is that piece of legislation the fuses corporate and government spying into a unity – classic fascism.

    along the way it protects cooperating corporations from niggling government regulation and from consumer lawsuits.

    this is granny feinstein’s hideous baby. sen. burr did his part. read about it in the enquirer.

  3. bloopie2 says:

    Come now, EW, you’re married, how can you say this?: “After all, a husband and wife wouldn’t need to — or have a way of — encrypting their communications with each other, as it would be mostly face-to-face.” Really — he understands everything you say? I’d venture that it’s a good percentage of men who think their wives are encrypting their speech, based on the number of times it’s followed up with “Don’t you understand what I’m saying?”

  4. jerryy says:

    .
    Hmm, so how will they explain missing Schuyler Barbeau? His arrest has some in the northwest rather angry. (Use his name in your favorite search engine.)
    .
    His Facebook postings are in plain sight, not encrypted at all, for example:
    .
    https://www.facebook.com/schuyler.barbeau/posts/1029630923766158
    .
    Yet it took a ‘confidential informant’ to tip the feds he was making threats against government officials…
    .
    If the government wishes to privatize their groups tracking, I nominate the Southern Poverty Law Center, they seem to be pretty able to handle the job. Of course this may be a bad idea, it could free up government resources for more fishing trips, uh excuse me, haystack maneuvering — is that a better term orionATL? :^)
    .

    • orionATL says:

      any use or form of the terms “haystacks/pitchforks ” in the context of u. s. gov surveillance is a good use. :)

      that sarcastic use arises from nsa honcho general keith (or was it kermit? ) alexanders’ conviction that looking for terrorists was like looking for needles in haystacks. his brillant solution was to collect all american and international communication possible in a myriad of haystacks and devise ways to search them, called “pitchforking” in nsa jargon.

      the sarcastic use conveys the military-engineering hubris, that machinery – even computer machinery – can detect and track individual and group human behavior with a sufficiently high degree of accuracy to detect terrorist plots.

      fail!

      fail!

      fail!
      .
      .
      .
      .
      pnd.

  5. Anon says:

    When I have discussed issues such as this with people offline I have noticed that some individuals, generally older ones, really and truly believe the hype surrounding the NSA, CIA, etc. That is they do actually believe that the IC should be able to catch all the bad people and know all the secret networks, and so on. In more extreme cases they also take it as a given that we can get a batallion of marines to the middle of Bhengazi in 4 hours or less, and so on.
    .
    Given that assumption they do genuinely find it difficult to imagine that something like the Paris attacks can happen without the IC knowing about it. That is in fact why they find NSA’s self-serving “Encryption Bad” arguments so plausible because they start from an assumption of benevolent omniscience and look for excuses in all other cases.
    .
    Burr might genuinely believe what he says. That doesn’t make it right but it does explain why he looks so totally out of touch.

  6. yeahbut says:

    > “We’re not having a debate about encryption anymore. We’re debating making the Internet less secure to excuse the IC’s less-than-perfect-omniscience.”

    News to me that “security”, if you can call the “Crypto war” that, was for front in the design of the internet… But everything else makes for an amusing tale of the status quo.

  7. RepubAnon says:

    If they can’t even be bothered to monitor social media, how would weakening encryption help?

    U.S. Visa Process Missed San Bernardino Wife’s Zealotry on Social Media
    WASHINGTON — Tashfeen Malik, who with her husband carried out the massacre in San Bernardino, Calif., passed three background checks by American immigration officials as she moved to the United States from Pakistan. None uncovered what Ms. Malik had made little effort to hide — that she talked openly on social media about her views on violent jihad.

    She said she supported it. And she said she wanted to be a part of it.

    If we weaken encryption, all it does is open a new method for terrorists to attack… say, by draining everyone’s bank accounts,

Comments are closed.