Not-So-Trusted Computing: German Government Worried About Windows 8 Risks

/33 Comments/in , , /by

Microsoft’s “trusted computing platform.”

Microsoft’s “secure boot” technology.

The doublespeak almost writes itself these days. Whose “trusted computing”? Whose “platform”? And whose “secure boot”?

At least one government has expressed concerns in internal documents, buttressed by an unusual public statement in response to reports about the leaked documents.

According to German news outlet Die Zeit, internal documents from the Bundesamt fur Sicherheit in der Informationstechnik (Germany’s Federal Office for information Security – BSI) warn that Microsoft Windows 8’s Trusted Computing Platform poses a security risk.

The BSI issued a response, the first paragraph of which acknowledges the news reports; it also refers to an internal paper by the Bundeswirtschaftsministeriums (Germany’s Federal Ministry of Economics and Technology – BMWi) advising caution in using the Trusted Computing Platform. This may not be the first cautionary communication by the BMWi as it is not clear whether the paper referenced by the BSI today is the same internal paper issued on the subject in early 2012.

In the second paragraph, BSI denies it has issued any warning to private or public sector users, though this announcement doesn’t deny a warning might be warranted since government agencies are warning each other internally.

The third paragraph says that the Win 8 TCP (using Trusted Platform Module TPM 2.0) might offer improved security for some groups, though transparency should be offered by the manufacturer.

But the kicker is the fourth paragraph:

“From the BSI’s perspective, the use of Windows 8 combined with TPM 2.0 is accompanied by a loss of control over the operating system and the hardware used. As a result, new risks arise for the user, especially for the federal government and for those providing critical infrastructure. In particular, on hardware running Windows 8 that employs TPM 2.0, unintentional errors of hardware or the operating system, but also errors made by the owner of the IT system, could create conditions that prevent further operation of the system. This can even lead to both the operating system and the hardware employed becoming permanently unusable. Such a situation would not be acceptable for either the federal authorities or for other users. In addition, the newly-established mechanisms can also be used for sabotage by third parties. These risks must to be addressed.”[1]

“Loss of control over the operating system” isn’t a minor trifle. This suggests that any and all computers with this “feature” could go rogue and operate in contravention to the owners’ instructions, at the direction of some unseen entity on a network or by injection of an application through thumb drive, disk drive, CD, etc.

This also suggests that a Win 8 system using TPM 2.0 might well reject any attempts to use an alternative operating system — a so-called “secure boot” might cut off any application other than Win 8. For all intents and purposes, a machine with Win 8 and TPM 2.0 will operate to Microsoft’s orders and to the orders of whomever is ordering Microsoft these days. It’s not out of the question that Win 8 systems lacking valid TPM 2.0 might be prevented from accessing the internet or any other network.

Which begs the question: if Windows 8 and TPM 2.0 are installed, whose computer is it? Read more

Advocate of Secret Infiltration, Cass Sunstein, on Obama’s “Committee To Make Us Trust the Dragnet”

/29 Comments/in , /by

ABC reports that, along with former CIA Deputy Director Mike Morell, former Homeland Security Czar Richard Clarke, and former Obama special assistant for economic policy Peter Swire, the White House (or James Clapper — who knows at this point) has picked Cass Sunstein for its Review Committee on NSA programs.

Frankly, a lot of people are investing misplaced confidence that Richard Clarke will make this committee useful. While he’s good on a lot of issues, he’s as hawkish on cybersecurity as anyone else in this country. And as I keep pointing out, these programs are really about cybersecurity. Richard Clarke is not going to do a damned thing to rein in a program that increasingly serves to surveil US Internet data to protect against cyberthreats.

But Sunstein? Really?

As Glenn Greenwald (yeah — that Glenn; did they really think no one would raise this point?) reported back in 2010, Sunstein wrote a paper in 2008 advocating very creepy stealth measures against “conspiracy theories.”

In 2008, while at Harvard Law School, Sunstein co-wrote a truly pernicious paper proposing that the U.S. Government employ teams of covert agents and pseudo-”independent” advocates to “cognitively infiltrate” online groups and websites — as well as other activist groups — which advocate views that Sunstein deems “false conspiracy theories” about the Government.  This would be designed to increase citizens’ faith in government officials and undermine the credibility of conspiracists.  The paper’s abstract can be read, and the full paper downloaded, here.

Sunstein advocates that the Government’s stealth infiltration should be accomplished by sending covert agents into “chat rooms, online social networks, or even real-space groups.”  He also proposes that the Government make secret payments to so-called “independent” credible voices to bolster the Government’s messaging (on the ground that those who don’t believe government sources will be more inclined to listen to those who appear independent while secretly acting on behalf of the Government).   This program would target those advocating false “conspiracy theories,” which they define to mean: “an attempt to explain an event or practice by reference to the machinations of powerful people, who have also managed to conceal their role.”

And remember, a big mandate for this committee is not to review the programs to see if we can make them more privacy-protective, but simply to increase our trust in them. Which goes to the core of what Sunstein was talking about in his paper: using covert government propaganda to, in this case, better sell covert government spying.

Well, if Obama and Clapper’s rollout hadn’t already discredited this committee, Sunstein’s selection sure does.

Read more

Bradley Manning’s Sentence, Parole and Appeal Implications

/27 Comments/in , , , , , , , , , , /by

CryingJusticeOn Monday I laid out the dynamics that would be in play for the court in considering what sentence to give Bradley Manning in light of both the trial evidence and testimony, and that presented during the sentencing phase after the guilty verdict was rendered. Judge Lind has entered her decision, and Bradley Manning has been sentenced to a term of 35 years, had his rank reduced to E-1, had all pay & allowances forfeited, and been ordered dishonorably discharged. This post will describe the parole, appeal and incarceration implications of the sentence just imposed.

Initially, as previously stated, Pvt. Manning was credited with the 112 days of compensatory time awarded due to the finding that he was subjected to inappropriate pre-trial detention conditions while at Quantico. Pvt. Manning was credited with a total 1294 days of pre-trial incarceration credit for the compensatory time and time he has already served since the date of his arrest.

Most importantly at this point, Manning was sentenced today to a prison term of 35 years and the issue of what that sentence means – above and beyond the credit he was given both for compensatory time and time served – is what is critical going forward. The following is a look at the process, step by step, Bradley Manning will face.

The first thing that will happen now that Judge Lind has gaveled her proceedings to a close is the court will start assembling the record, in terms of complete transcript, exhibits and full docket, for transmission to the convening authority for review. It is not an understatement to say that this a huge task, as the Manning record may well be the largest ever produced in a military court martial. It will be a massive undertaking and transmission.

At the same time, the defense will start preparing their path forward in terms of issues they wish to argue. It is my understanding that Pvt. Manning has determined to continue with David Coombs as lead counsel for review and appeal, which makes sense as Coombs is fully up to speed and, at least in my opinion, has done a fantastic job. For both skill and continuity, this is a smart move.

The next step will be designation of issues to raise for review by the “convening authority”. In this case, the convening authority is Major General Jeffrey Buchanan, who heads, as Commanding General, the US Army’s Military District of Washington. This step is quite different than civilian courts, where a defendant proceeds directly to an appellate court.

The accused first has the opportunity to submit matters to the convening authority before the convening authority takes action – it’s not characterized as an “appeal,” but it’s an accused’s first opportunity to seek relief on the findings and/or the sentence. According to the Manual for Courts-Martial, Rule for Court-Martial 1105:

(a) In general. After a sentence is adjudged in any court-martial, the accused may submit matters to the convening authority in accordance with this rule.

(b) Matters which may be submitted.
(1) The accused may submit to the convening au­ thority any matters that may reasonably tend to af­ fect the convening authority’s decision whether to disapprove any findings of guilty or to approve the sentence. The convening authority is only required to consider written submissions.
(2) Submissions are not subject to the Military Rules of Evidence and may include:
(A) Allegations of errors affecting the legality of the findings or sentence;
(B) Portions or summaries of the record and copies of documentary evidence offered or intro­ duced at trial;
(C) Matters in mitigation which were not avail­ able for consideration at the court-martial; and
(D) Clemency recommendations by any mem­ber, the military judge, or any other person. The defense may ask any person for such a recommendation.

Once the convening authority has the full record and the defense has designated its matters for review, Buchanan will perform his review and determine whether any adjustments to the sentence are appropriate, and that will be considered the final sentence. At this point, the only further review is by a traditional appeal process.

Generally, the level of appellate review a case receives depends on the sentence as approved by the Read more

Both These Things Cannot Be True

/18 Comments/in , , /by

Last Friday, NSA’s Compliance Director John DeLong assured journalists the violations NSA reported in 2012 were “miniscule.” (I noted that the report showed some of the most sensitive violations primarily get found through audits and therefore their discovery depend in part on how many people are auditing.)

Today, as part of a story describing that NSA still doesn’t know what Edward Snowden took from NSA, MSNBC quotes a source saying NSA has stinky audit capabilities.

Another said that the NSA has a poor audit capability, which is frustrating efforts to complete a damage assessment.

(We’ve long known this about NSA’s financial auditing function, and there have long been signs they couldn’t audit data either, but apparently MSNBC’s source agree.)

For the past several months, various Intelligence officials have assured Congress and the public that it keeps US person data very carefully guarded, so only authorized people can access it.

Today, MSNBC reports NSA had (has?) poor data compartmentalization.

NSA had poor data compartmentalization, said the sources, allowing Snowden, who was a system administrator, to roam freely across wide areas.

Again, there have long been signs that non-analysts had untracked access to very sensitive data. Multiple sources agree — and possibly not just non-analysts.

While I’m really sympathetic for the people who are reportedly “overwhelmed” trying to figure out what Snowden took, we’re seeing precisely the same thing we saw with Bradley Manning: that it takes a giant black eye for intelligence agencies to even admit to gaping holes in their security and oversight.

And in NSA’s case, it proves most of their reassurances to be false.

The Bradley Manning Sentencing Dynamics

/25 Comments/in , , , , , , /by

U.S. Army Private First Class Bradley Manning stands convicted of crimes under the Uniform Code of Military Justice (UCMJ). The convictions result from two events. The first was a voluntary plea of guilty by Pvt. Manning to ten lesser included charges in February, and the remainder from a verdict of guilty after trial entered by Judge Denise Lind on July 30.

The maximum possible combined sentence originally stood at 136 years for the guilty counts, but that was reduced to a maximum possible sentence of 90 years after the court entered findings of merger for several of the offenses on August 6. The “merger” resulted from the partial granting of a motion by Mr. Manning’s attorney arguing some of the offenses were effectively the same conduct and were therefore multiplicitous. The original verdict status, as well as the revised verdict status after the partial merger of offenses by the court, is contained in a very useful spreadsheet created by Alexa O’Brien (whose tireless coverage of the Manning trial has been nothing short of incredible).

Since the verdict and merger ruling, there have been two weeks of sentencing witnesses, testimony and evidence presented by both the government and defense to the court. It is not the purpose of this post to detail the testimony and evidence per se, but rather the mechanics of the sentencing process and how it will likely be carried out. For detailed coverage of the testimony and evidence, in addition to Alexa O’Brien, the reportage of Kevin Gosztola at FDL Dissenter, Julie Tate at Washington Post, Charlie Savage at New York Times and Nathan Fuller at the Bradley Manning Support Network has been outstanding.

All that is left are closing arguments and deliberation by Judge Lind on the final sentence she will hand down. So, what exactly does that portend for Bradley Manning, and how will it play out? Only Judge Lind can say what the actual sentence will be, but there is much guidance and procedural framework that is known and codified in rules, practice and procedure under the UCMJ.

Initially, the obvious should be stated, Bradley Manning is in front of an Army court martial process under the UCMJ, and while there is Read more

The Known Details on the Lavabit Demand

/12 Comments/in , , /by

Ladar Levison’s interview with Amy Goodman yesterday was his most extensive statement about the demand he got that led him to shut down his company. I want to pull the important tidbits from that interview and this one, with Forbes’ Kashmir Hill, to collect what we know about the demand so far.

Levison told DN the entire service was insecure:

I felt that in the end I had to pick between the lesser of two evils and that shutting down the service, if it was no longer secure, was the better option. It was, in effect, the lesser of the two evils.

He told Hill that he shut down to protect all his users.

“This is about protecting all of our users, not just one in particular. It’s not my place to decide whether an investigation is just, but the government has the legal authority to force you to do things you’re uncomfortable with,” said Levison in a phone call on Friday.

The demand affected his paid users and involved him being forced to have access to the private information the system was designed to ensure he didn’t have.

And at least for our paid users, not for our free accounts—I think that’s an important distinction—we offered secure storage, where incoming emails were stored in such a way that they could only be accessed with the user’s password, so that, you know, even myself couldn’t retrieve those emails.

[snip]

in our case it was encrypted in secure storage, because, as a third party, you know, I didn’t want to be put in a situation where I had to turn over private information. I just didn’t have it. I didn’t have access to it. And that was sort of—may have been the situation that I was facing.

Levison told Hill he has complied with legal requests where the requested information was not encrypted (suggesting it involved his free users).

“I’m not trying to protect people from law enforcement,” he said. “If information is unencrypted and law enforcement has a court order, I hand it over.”

Snowden was a registered user of Lavabit, apparently under his own name.

Ladar, you were the service provider for Edward Snowden?

LADAR LEVISON: I believe that’s correct. Obviously, I didn’t know him personally, but it’s been widely reported, and there was an email account bearing his name on my system, as I’ve been made well aware of recently.

The government has prevented Levison from sharing some of the demand with his lawyer. And Levison thinks that’s because the government would be ashamed of the nature of the demand.

I mean, there’s information that I can’t even share with my lawyer, let alone with the American public. So if we’re talking about secrecy, you know, it’s really been taken to the extreme. And I think it’s really being used by the current administration to cover up tactics that they may be ashamed of.

He told Hill, too, the method they were demanding is what bothered him.

In this case, it is the government’s method that bothers him. “The methods being used to conduct those investigations should not be secret,” he said.

Update: In an interview w/MoJo, he suggests the demand pertains to bulk collection on an entire user base of people.

While Levison of Lavabit could not discuss the specifics of his case, he suggested that the government was trying to compel him to give access to vast quantities of user data. He explained that he was not opposed to fulfilling law enforcement requests that were “specific in nature” and “approved by a judge after showing probable cause,” and noted that he had responded to some two dozen subpoenas during his decade in business. “What I’m against, at least on a philosophical level,” he added, “is the bulk collection of information, or the violation of the privacy of an entire user base just to conduct the investigation into a handful of individuals.”

And suggested if they could intercept communications between the servers and the user, they could decrypt the communications.

if someone could intercept the communication between the Lavabit’s Dallas-based servers and a user, they could get the user’s password and then use that to decrypt their data.

What distinguishes this from previous subpoenas is what is so secret.

AARON MATÉ: And, Ladar, during this time, you’ve complied with other government subpoenas. Is that correct?

LADAR LEVISON: Yeah, we’ve probably had at least two dozen subpoenas over the last 10 years, from local sheriffs’ offices all the way up to federal courts. And obviously I can’t speak to any particular one, but we’ve always complied with them. I think it’s important to note that, you know, I’ve always complied with the law. It’s just in this particular case I felt that complying with the law—

JESSE BINNALL: And we do have to be careful at this point.

LADAR LEVISON: Yeah, I—

Levison questions whether it is possible to run cloud service in this country without being forced to spy on your customers.

I still hope that it’s possible to run a private service, private cloud data service, here in the United States without necessarily being forced to conduct surveillance on your users by the American government.

Levison suggests both his and Silent Circle’s unannounced shut-down served to avoid government efforts to capture data beforehand.

Mike Janke, Silent Circle’s CEO and co-founder, said, quote, “There was no 12-hour heads up. If we announced it, it would have given authorities time to file a national security letter. We decided to destroy it before we were asked to turn (information) over. We had to do scorched earth.” Ladar, your response?

LADAR LEVISON: I can certainly understand his position. If the government had learned that I was shutting my service down—can I say that?

JESSE BINNALL: Well, I think it’s best to kind of avoid that topic, unfortunately. But I think it is fair to say that Silent Circle was probably in a very different situation than Lavabit was, and which is probably why they took the steps that they did, which I think were admirable.

LADAR LEVISON: Yeah. But I will say that I don’t think I had a choice but to shut it down without notice. I felt that was my only option. And I’ll have to leave it to your listeners to understand why.

Everything is being monitored.

LADAR LEVISON: I think you should assume any communication that is electronic is being monitored.

This echoes something Levison told Forbes’ Kashmir Hill:

“I’m taking a break from email,” said Levison. “If you knew what I know about email, you might not use it either.”

Levison also told Hill his location in Texas made it harder to respond to a demand in VA.

“As a Dallas company, we weren’t really equipped to respond to this inquiry. The government knew that,” said Levison, who drew parallels with the prosecutorial bullying of Aaron Swartz. “The same kinds of things have happened to me. The government tried to bully me, and [my lawyer] has been instrumental in protecting me, but it’s amazing the lengths they’ve gone to to accomplish their goals.”

His statement shuttering the company mentioned an appeal to the Fourth Circuit, which includes VA, and the complaint against Edward Snowden was issued in EDVA.

Update: I hadn’t watched the continuation of the DN interview, where Nicholas Merrill, who challenged a National Security Letter back in 2004, came on. But as CDT’s Joseph Lorenzo Hall notes on Twitter, Levison strongly suggests his order came from the FISA Court.

LADAR LEVISON: I think it’s important to note that, you know, it’s possible to receive one of these orders and have it signed off on by a court. You know, we have the FISA court, which is effectively a secret court, sometimes called a kangaroo court because there’s no opposition, and they can effectively issue what we used to consider to be an NSL. And it has the same restrictions that your last speaker, your last guest, just talked about.

Hall also has an interesting piece on Lavabit and CALEA II that addresses issues I’ve been thinking about, in which he includes this discussion.

What did the government demand and under what authority prompted Lavabit’s shutdown? We don’t know, and that’s part of the problem. The Wiretap Act, which authorizes the government to intercept communications content prospectively in criminal investigations, indicates that a provider of wire or electronic communication service (such as Lavabit) can be compelled to furnish law enforcement with “all information, facilities and technical assistance necessary to accomplish the interception unobtrusively… .” 18 USC 2518(4). The Foreign Intelligence Surveillance Act (FISA), which regulates surveillance in intelligence investigations, likewise requires any person specified in a surveillance order to provide the same assistance (50 USC 1805(2)(B)) and so does the FISA Amendments Act with respect to directives for surveillance targeting people and entities reasonably believed to be abroad (50 USC 1881a(h)(1)). The “assistance” the government demands may include the disclosure of the password information necessary to decrypt the communications it seeks, if the service provider has that information, but modern encryption services can be designed so that the service provider does not hold the keys or passwords. Was the “assistance” that the government demanded of Lavabit a change in the very architecture of its secure email service? Was the “assistance” the installation of the government’s own malware to accomplish the same thing? Lavabit has not answered these questions outright, but it did make it clear that its concern extended to the privacy of the communications of all of its users, not just those of one user under one court order.

The Two OLC Still-Secret Memos Behind the Cross-Border Keyword Searches?

/1 Comment/in , , /by

Last week, Charlie Savage explained what this paragraph from the NSA’s targeting document means.

In addition, in those cases where NSA seeks to acquire communications about the target that are not to or from the target, SNA will either employ an Internet Protocol filter to ensure that the person from whom it seeks to obtain foreign intelligence information is located overseas, or it will target Internet links that terminate in a foreign country. In either event, NSA will direct surveillance at a party to the communication reasonably believed to be outside the United States.

Savage explained that it refers to the way the US snoops through almost all cross-border traffic for certain keywords.

To conduct the surveillance, the N.S.A. is temporarily copying and then sifting through the contents of what is apparently most e-mails and other text-based communications that cross the border. The senior intelligence official, who, like other former and current government officials, spoke on condition of anonymity because of the sensitivity of the topic, said the N.S.A. makes a “clone of selected communication links” to gather the communications, but declined to specify details, like the volume of the data that passes through them.

[snip]

The official said that a computer searches the data for the identifying keywords or other “selectors” and stores those that match so that human analysts could later examine them. The remaining communications, the official said, are deleted; the entire process takes “a small number of seconds,” and the system has no ability to perform “retrospective searching.”

The official said the keyword and other terms were “very precise” to minimize the number of innocent American communications that were flagged by the program. At the same time, the official acknowledged that there had been times when changes by telecommunications providers or in the technology had led to inadvertent overcollection. The N.S.A. monitors for these problems, fixes them and reports such incidents to its overseers in the government, the official said.

In his post on Savage’s story (which I think misreads what Savage describes), Ben Wittes focused closely on the last paragraphs of the story.

But that leaves a big oddity with respect to the story. The end of Savage’s story reads as follows:

There has been no public disclosure of any ruling by the Foreign Intelligence Surveillance Court explaining its legal analysis of the 2008 FISA law and the Fourth Amendment as allowing “about the target” searches of Americans’ cross-border communications. But in 2009, the Justice Department’s Office of Legal Counsel signed off on a similar process for searching federal employees’ communications without a warrant to make sure none contain malicious computer code.

That opinion, by Steven G. Bradbury, who led the office in the Bush administration, may echo the still-secret legal analysis. He wrote that because that system, called EINSTEIN 2.0, scanned communications traffic “only for particular malicious computer code” and there was no authorization to acquire the content for unrelated purposes, it “imposes, at worst, a minimal burden upon legitimate privacy rights.”

The Bradbury opinion was echoed by a later Obama-era opinion by David Barron, and Bradbury later wrote an article about the issue. But here’s the thing: If my read is right and the rule Savage cites permits only acquisition of communications “about” potential targets only from folks reasonably believed themselves to be overseas, these opinions are of questionable relevance. Indeed, if my reading is correct, why is there a Fourth Amendment issue here at all? The Fourth Amendment, after all, does not generally have extraterritorial application. This may be a reason to suspect that the issue is more complicated than I’m suggesting here. It may also merely suggest that someone cited to Savage a memo that is of questionable relevance to the issue at hand.

In his letter to John Brennan in January asking for a slew of things, Ron Wyden mentioned two opinions that may be the still-secret legal analysis mentioned by Savage.

Third, over two years ago, Senator Feingold and I wrote to the Attorney General regarding two classified opinions from the Justice Department’s Office of Legal Counsel, including an opinion that interprets common commercial service agreements. We asked the Attorney General to declassify both of these opinions, and to revoke the opinion pertaining to commercial service agreements. Last summer, I repeated the request, and noted that the opinion regarding commercial service agreements has direct relevance to ongoing congressional debates regarding cybersecurity legislation. The Justice Department still has not responded to these letters.

The opinions would have to pre-date January 14, 2011, because Feingold and Wyden requested the opinions before that date.

The reason I think the service agreements one may be relevant is because the opinions Ben cites focus on whether government users have given consent for EINSTEIN surveillance; in his article on it Bradbury focuses on whether the government could accomplish something similar with critical infrastructure networks.

Remember, we do know of one OLC memo — dated January 8, 2010 — that pertains to the government obtaining international communications willingly from service providers. We learned about it in the context of the Exigent Letters IG Report, which first led observers to believe it pertained to phone records.

But we’ve subsequently learned this is the passage of ECPA the OLC interpreted creatively in secret.

(f) Nothing contained in this chapter or chapter 121 or 206 of this title, or section 705 of the Communications Act of 1934, shall be deemed to affect the acquisition by the United States Government of foreign intelligence information from international or foreign communications, or foreign intelligence activities conducted in accordance with otherwise applicable Federal law involving a foreign electronic communications system, utilizing a means other than electronic surveillance as defined in section 101 of the Foreign Intelligence Surveillance Act of 1978, and procedures in this chapter or chapter 121 and the Foreign Intelligence Surveillance Act of 1978 shall be the exclusive means by which electronic surveillance, as defined in section 101 of such Act, and the interception of domestic wire, oral, and electronic communications may be conducted.

Savage’s reference to the Bradbury opinion suggests all this happens at the packet stage, which may be one (arguably indefensible) way around the electronic communications dodge.

The FBI had not relied on the opinion as of 2010, when we first learned about it. But we also know that since then, the government stopped collecting Internet metadata using a Pen Regsiter/Trap and Trace order.

We know that Feingold and Wyden, with Dick Durbin, asked for a copy of the opinion themselves shortly after the IG Report revealed it. It’s possible that the former two asked for it to be declassified.

This is, frankly, all a wildarsed guess. But Wyden certainly thinks there are two problematic OLC memos out there pertaining to cybersecurity. And Savage seems to think this process parallels the means the government is using for cybersecurity. So it may be these are the opinions.

The Clapper Review: How to Fire 90% of SysAdmins?

/23 Comments/in , , , /by

Yesterday, I noted it took just 72 hours from Obama to turn an “independent” “outside” review of the government’s SIGINT programs into the James Clapper Review of James Clapper’s SIGINT Programs.

But many other commenters have focused on the changed description of the review’s mandate. In his speech on Friday, Obama said the review would study, “how we can maintain the trust of the people, how we can make sure that there absolutely is no abuse in terms of how these surveillance technologies are used, ask how surveillance impacts our foreign policy.”

On Monday, his instruction to James Clapper said the review would, “whether, in light of advancements in communications technologies, the United States employs its technical collection capabilities in a manner that optimally protects our national security and advances our foreign policy while appropriately accounting for other policy considerations, such as the risk of unauthorized disclosure and our need to maintain the public trust.”

Both addressed public trust. But Monday’s statement replaced a focus on “absolutely no abuse” with “risk of unauthorized disclosure.”

Now, I’m not certain, but I’m guessing we all totally misunderstood (by design) Obama’s promises on Friday.

The day before the President made those promises, after all, Keith Alexander made a different set of promises.

“What we’re in the process of doing – not fast enough – is reducing our system administrators by about 90 percent,” he said.

The remarks came as the agency is facing scrutiny after Snowden, who had been one of about 1,000 system administrators who help run the agency’s networks, leaked classified details about surveillance programs to the press.

Before the change, “what we’ve done is we’ve put people in the loop of transferring data, securing networks and doing things that machines are probably better at doing,” Alexander said.

We already know that NSA’s plan to minimize the risk of unauthorized disclosure involves firing 900 SysAdmins (Bruce Schneier provides some necessary skepticism about the move). They probably believe that automating everything (including, presumably, the audit-free massaging of the metadata dragnet data before analysts get to it) will ensure there “absolutely is no abuse.”

And by turning the review intended to placate the civil libertarians into the review that will come up with the brilliant idea of putting HAL in charge of spying, the fired SysAdmins might just blame the civil libertarians.

So this review we all thought might improve privacy? Seems, instead, designed to find ways to fire more people faster.

Behind Legion of Doom: Breaking “Encrypted Electronic Communications between High Level Al Qaeda Leaders”

/10 Comments/in , , /by

[youtube]xY-wsEh6CZk[/youtube]

David Garteinstein-Ross, who did his own research into the Daily Beast Legion of Doom story, noted a couple of things via Twitter that I have been pointing to: the conference call behind the Legion of Doom scare wasn’t the first intercept, and Al Qaeda leaders on the conference call (which Eli Lake clarified wasn’t via telephone) assumed the call was secure.

3) There has been more than one intercept related to the plot. The report refers to a captured courier in addition to the conference call.

5) Many reactions to the report assume AQ completely broke OPSEC. The report states that AQ leaders assumed the call was secure.

And in the appearance above on MSNBC, he describes the conference call as,

Encrypted electronic communications between high level Al Qaeda leaders in which they were discussing this plot.

[snip]

This is encrypted communication. It’s hard to penetrate their communications. And if you make clear that we have, and which communications we’ve penetrated, then they’re simply going to adapt.

In general, that suggests that something the government got from the courier allowed them to break the encrypted conference call. And, if Gartenstein-Ross is accurately informed, that we did, in fact, break their encrypted communications.

While that doesn’t prove or disprove my outtamyarse guess that the Tor compromise had a connection to Legion of Doom, it does make it more likely.

It also means the leaks are that much more damaging, in that they would have ended the period when we had location data on operatives they didn’t realize had been exposed.

I Told You So, It’s about Cybersecurity Edition

/14 Comments/in , , , /by

When James “Least Untruthful” Clapper released the first version of PRISM success stories and the most impressive one involved thwarting specific cyberattacks, I noted that the NSA spying was about hackers as much as terrorists.

When  “Lying Keith” Alexander answered a question about hacking China from George Stephanopoulos by talking about terror, I warned that these programs were as much about cybersecurity as terror. “Packets in flight!”

When the Guardian noted that minimization procedures allowed the circulation of US person communications collected incidentally off foreign targets if they were “necessary to understand or assess a communications security vulnerability,” I suggested those procedures fit cybersecurity targets better than terror ones.

When Ron Wyden and Mark Udall caught Lying Keith (again) in a lie about minimization, I speculated that the big thing he was hiding was that encrypted communications are kept until they are decrypted.

When I compared minimization procedures with the letter of the law and discovered the NSA had secretly created for itself the ability to keep US person communications that pose a serious threat to property (rather than life or body), I suggested this better targeted cyber criminals than terrorists.

When Joel Brenner suggested Ron Wyden was being dishonorable for asking James Clapper a yes or no question in March 2013, I noted that Wyden’s question actually referred to lies Lying Alexander had told the previous year at DefCon that hid, in part, how hackers’ communications are treated.

When the Guardian happened to publish evidence the NSA considers encryption evidence of terrorism the same day that Keith Alexander spokes to a bunch of encrypters exclusively about terrorism, I suggested he might not want to talk to those people about how these programs are really used.

And when I showed how Lying Keith neglected his boss’ earlier emphasis on cyber in his speech to BlackHat in favor of terror times 27, I observed Lying Keith’s June exhortation that “we’ve got to have this debate with our country,” somehow didn’t extend to debating with hackers.

I told you it would come to this:

U.S. officials say NSA leaks may hamper cyber policy debate

Over two months after Edward Snowden’s first disclosures, the cyberwarriors are now admitting disclosures about how vast is NSA’s existing power — however hidden behind the impetus of terror terror terror — might lead Congress to question further empowering NSA to fight cyberwar.

I told you so. Read more

image_print