What Would It Take for the Government to Obtain Google’s Counter-Terror Ads Algos?

Some weeks ago, the government went to Silicon Valley to ask for new ways to counter ISIS’ propaganda. We’re now seeing the response to that request, with the report that Google will show positive ads when people search for extremist content.

In a new development, Google said it’s testing ways to counter extremist propaganda with positive messages on YouTube and in Google search results.

Google executive Anthony House told MPs that taking extremist videos down from YouTube isn’t enough, and people searching for that content should be presented with competing narratives:

We should get the bad stuff down, but it’s also extremely important that people are able to find good information, that when people are feeling isolated, that when they go online, they find a community of hope, not a community of harm.

There are two programs being tested by Google to make sure the positive messages are seen by people seeking out extremist content: one to make sure the “good” kind of videos are easily found on YouTube; and another to display positive messages when people search for extremist-related terms.

The second program involves giving grants to nonprofit organizations to use Google AdWords to display competing ads alongside the search results for those extremist-related terms.

If Google wants to do this, that’s fine.

But I’m wondering about the legal standard here. It’s unclear whether Google will only show these “positive” (whoever and however that gets defined) when people search for “extremist” content, or whether they’ll show Google ads to those whose email content reflects an interest in “extremist” material.

In both cases, however, Google will use material that counts as “content” to decide to show these ads.

And then what happens? That is, what happens to Google’s records determining that these users should get that content? Do the records, stripped of the content itself, count as a third party record that can be obtained with a subpoena? Or do they count as content?

Congress hasn’t passed legislation requiring tech companies to report their terrorist users. But does having Google use its algorithms to determine who is an extremist give the government a way to find out who Google thinks is an extremist?

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Friday Morning: Nasty Habits

I got nasty habits; I take tea at three.
— Mick Jagger

Hah. Just be careful what water you use to make that tea, Mick. Could be an entirely different realm of nasty.

Late start here, too much to read this morning. I’ll keep updating this as I write. Start your day off, though, by reading Marcy’s post from last night. The claws are coming out, the life boats are getting punctured.

Many WordPress-powered sites infected with ransomware
Your next assignment this morning: check and update applications as out-of-date versions of Adobe Flash Player, Adobe Reader, Microsoft Silverlight, or Internet Explorer are most prone to this new wave of ransomware affecting WordPress sites. Back up all your data files to offline media in case you are hit with ransomware, and make it a habit to back up data files more frequently.

Planes inbound to the UK from regions with Zika virus may be sprayed
Take one tightly-closed oversized can, spray interior with insecticide, then insert humans before sealing for several hours. This sounds like a spectacularly bad idea to me. What about you? Yet this is what the UK is poised to do with planes flying in from areas with frequent Zika infections.

Comcast a possible smartphone service provider
NO. I don’t even have Comcast, yet I think this company is one of the worst suited to offering smartphones and service to their users. The company has expressed interest in bidding on spectrum for wireless, however. Comcast has struggled for years with one of — if not THE — worst reps for customer service. How do they think they will manage to expand their service offering without pissing off more customers?

AT&T obstructing muni broadband
No surprise here that AT&T is lobbying hard against more broadband, especially that offered by communities. The public knows there’s a problem with marketplace competition when they don’t have multiple choices for broadband, and they want solutions even if they have to build it themselves. When AT&T annoys a Republican lawmaker while squelching competition, they’ve gone too far. Keep an eye on this one as it may shape muni broadband everywhere.

Volkswagen roundup
VW delayed both its earnings report scheduled March 10th and its annual meeting scheduled April 21. The car maker says it needs more time to assess impact of the emissions control scandal on its books. New dates for the report and meeting have not been announced.

Volkswagen Financial Services, the banking arm of VW’s holding company structure which finances auto sales and leases, suffers from the ongoing scandal. Ratings firms have downgraded both the bank and parent firm. Not mentioned in the article: potential negative impact of emissions control scandal on VW’s captive reinsurer, Volkswagen Insurance Company Ltd (VICO).

Both the Justice Department and the Environmental Protection Agency filed a civil suit against VW in Detroit this week. Separate criminal charges are still possible.

That’s a wrap, I’m all caught up on my usual read-feed. Get nasty as you want come 5:00 p.m. because it’s Friday!

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

DEQ Employees Seem Unwilling to Take the Fall for Flint

During yesterday’s Congressional hearing — and really, since the Governor’s hand-picked Task Force first gave him an interim report in December — employees from Michigan’s Department of Environmental Quality have come in for most of the blame for poisoning Flint.

But today, Progress Michigan published some emails that suggest DEQ’s employees are unwilling to take the fall, at least not by themselves. They show that in March of last year, a supervisor in Gennesee County’s health department wrote people in Flint and at DEQ asking for help with data on water quality after getting no response to a FOIA in January 2015.

Screen Shot 2016-02-04 at 6.55.25 PM

In the email, the supervisor noted that a spike in Legionnaires coincided with the switch to Flint’s water. Jerry Ambrose was then the Emergency Manager of Flint; it’s unclear why he was using a GMail address as EM.

In the next few days, officials at DEQ exchanged some panicked emails, pretty much blaming Flint for the non-response, noting that DEQ “became peripherally aware” of the spike in Legionnaires, but also bitching about the Genesee County supervisor suggesting that it might be tied to the switch to Flint river water.

Screen Shot 2016-02-04 at 7.02.07 PM

It appears that panicked email was printed out by then DEQ Director Dan Wyant’s assistant, Mary Beth Thelen, then initialed by Wyant, presumably indicating he had read it.

Also included on that email, though, was Harvey Hollins.

As I noted here, in December, in response to a recommendation from Governor Snyder’s hand-picked Flint Task Force, the governor picked Hollins to be the single “independent” person overseeing response to the Flint crisis. It was absurd to pick him in the first place, because (as this shows) Hollins had been personally involved all along. But he is, at least on paper, in charge of response.

In other words, the email chain shows that both Snyder’s hand-picked EM and the guy in charge of liaising with Flint knew, over a year ago, that Legionnaires (which has since killed at least 9 people) might be tied to the water switchover.

Progress Michigan doesn’t note how they came by this email. But it’s pretty clear it was Wyant’s personal copy of it. In December — in response to another suggestion by the Task Force — Snyder had Wyant resign. Since then, Attorney General Bill Schuette pointed to Wyant’s resignation (which he originally expressed sadness about) to justify opening up his own investigation into the crisis.

All of which suggests to me that Wyant is unwilling to be the sole scapegoat for this crisis.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Data Mining Research Problem Book, Working Thread

Yesterday, Boing Boing liberated a fascinating 2011 GCHQ document from the Snowden collection on GCHQ’s partnership with Heilbronn Institute for Mathematical Research on datamining. It’s a fascinating overview of collection and usage. This will be a working thread with rolling updates.

In addition to BoingBoing’s article, I’ll update with links to other interesting analysis.

[1] The distribution list is interesting for the prioritization, with 4 NSA research divisions preceding GCHQ’s Information and Communications Technology Research unit. Note, too, the presence of Livermore Labs on the distribution list, along with an entirely redacted entry that could either be Sandia (mentioned in the body), a US university, or some corporation. Also note that originally only 18 copies of this were circulated, which raises real questions about how Snowden got to it.

[9] At this point, GCHQ was collecting primarily from three locations: Cheltenham, Bude, and Leckwith.

[9-10] Because of intake restrictions (which I believe other Snowden documents show were greatly expanded in the years after 2011), GCHQ can only have 200 “bearers” (intake points) on “sustained cover” (being tapped) at one time. Each collected at 10G a second. GCHQ cyclically turns on all bearers for 15 minutes at a time to see what traffic is passing that point (which is how they hack someone, among other things). Footnote 2 notes that analysts aren’t allowed to write up reports on this feed, which suggests research, like the US side, is a place where more dangerous access to raw data happens.

[10] Here’s the discussion of metadata and content; keep in mind that this was written within weeks of NSA shutting down its Internet dragnet, probably in part because it was getting some content.

Roughly, metadata comes from the part of the signal needed to set up the communication, and content is everything else. For telephony, this is simple: the originating and destination phone numbers are the metadata, and the voice cut is the content. Internet communications are more complicated, and we lean on legal and policy interpretations that are not always intuitive. For example, in an HTTP request, the destination server name is metadata (because it, or rather its IP address, is needed to transmit the packet), whereas the path-name part of the destination URI is considered content, as it is included inside the packet payload (usually after the string GET or POST). For an email, the to, from, cc and bcc headers are metadata (all used to address the communication), but other headers (in particular, the subject line) are content; of course, the body of the email is also content.

[10] This makes it clear how closely coming up as a selector ties to content collection. Remember, NSA was already relying on SPCMA at this point to collect US person Internet comms, which means their incidental communications would come up easily.

GCHQ’s targeting database is called BROAD OAK, and it provides selectors that the front-end processing systems can look for to decide when to process content. Examples of selectors might be telephone numbers, email addresses or IP ranges.

[11] At the Query-Focused Dataset level (a reference we’ve talked about in the past), they’re dealing with: “the 5-tuple (timestamp, source IP, source port, destination IP, destination port) plus some information on session length and size.”

[11] It’s clear when they say “federated” query they’re talking global collection (note that by this point, NSA would have a second party (5 Eyes) screen for metadata analysis, which would include the data discussed here.

[11] Note the reference to increased analysis on serious crime. In the UK there’s not the split between intel and crime that we have (which is anyway dissolving at FBI). But this was also a time when the Obama Admin’s focus on Transnational Crime Orgs increased our own intel focus on “crime.”

[12] This is why Marco Rubio and others were whining about losing bulk w/USAF: the claim that we are really finding that many unknown targets.

The main driver in target discovery has been to look for known modus operandi (MOs): if we have seen a group of targets behave in a deliberate and unusual way, we might want to look for other people doing the same thing.

Continue reading

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Thursday Morning: Better than a Week

You know the joke: 4:30 p.m. is better than an hour away from 5:00 p.m., right? Thursday is better than a week away from the weekend. For folks traveling home for the Lunar New Year holiday in China, there are four days left to get home, and the train stations are crazy-full. But today is better than five days away from family and friends.

Goldman Sachs questions capitalism
YEAH. I KNOW. I did a double-take when I read the hed on this piece. In a GS analysts’ note they wrote, “There are broader questions to be asked about the efficacy of capitalism.” They’re freaking out because the market isn’t acting the way it’s supposed to, where new entrants respond to fat margins generated by first-to-market or mature producers.

I wonder how much longer it will take them to realize they killed the golden goose with their plutocratic rewards for oligopolies? How long before they realize this isn’t capitalism at all?

Whistleblower tells Swiss (and banks) to get over themselves on whistleblowing
Interviewed last week, former UBS banker Bradley Birkenfeld said, “We have to make some changes in Switzerland — it’s long overdue … The environment there is hostile toward people exposing corruption.” Birkenfeld’s remarks prod Swiss lawmakers currently at work on whistleblowing legislation. When passed, the law is not expected to offer protections employees have in the U.S. and the UK (and we know those are thin and constantly under attack). But perhaps the law will prevent cases like Nestle SA’s suit against a former executive who disclosed food safety risks. That suit and another alleging a former UBS employee libeled the bank may be affected assuming the EU adopts the same approach toward whistleblowing and corruption reduction.

“Computer failure” at IRS halts acceptance of tax return e-filings
No details about the nature of the “computer failure” apart from a “hardware problem” or “hardware failure” appeared in any reports yesterday afternoon and overnight. The IRS expects to have repairs completed today to allow e-filings once again; filings already submitted are not affected.

FBI agent on new car purchases: entering ‘wild, wild west’
Four cybersecurity experts spoke at a meeting of the Automotive Press Association in Detroit yesterday, one of whom was an FBI cyber squad agent. The feedback from the speakers wasn’t reassuring, apart from the observation by a specialist from a start-up automotive cyber security firm that they did not know of a “real world incident where someone’s vehicle was attacked and taken over remotely by someone hacking into the vehicle.” A lawyer whose firm handles automotive industry cyber threats undercut any feeling of relief with an observation that judges aren’t savvy about cyber crime on vehicles. I think I’ll stick with my old school car for a while longer.

The Repair Coalition formed to protect the ‘Right to Repair’
Speaking of old school car, I hope I can continue to get it repaired in the future without worrying about lawsuits for copyright violations. We’ve already seen tractor owners in conflict with John Deere over repairs, and exemptions to copyright for repair have been granted only after tedious and costly effort, and then to the farmer only, not to their mechanic. Hence the emergence of The Repair Coalition, which takes aim at repealing the DMCA’s Section 1201 — terms in it make it illegal to “circumvent a technological measure that effectively controls access to a work protected under [the DMCA].”

It’s long been an American ethic to “Use it up, wear it out, make do, or do without,” an ethic we need to restore to primacy if we are to reduce our CO2 footprint. Repairing rather than tossing goods is essential to our environmental health, let alone a necessity when wages for lower income workers remain stagnant.

That’s a wrap — I could go on but now we’re better than a day away from Friday. Whew.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

The Government’s Classified Briefing to HJC: A New Certificate?

As I noted, after years of legislating Section 702 of the FISA Amendments Act in public, yesterday the House Judiciary Committee had a closed hearing on it, which raises all sorts of questions about what has changed.

The agencies presenting to the committee did provide an unclassified statement for the record that is mostly stuff we know (one of the most interesting details is that it considers upstream telephony collection to be a different kind of collection than upstream Internet collection). But it does provide 3 examples of things that it would explain to the committee in classified session. One is utterly predictable: examples of counterterrorism intelligence obtained under Section 702.

Section 702 collection is a major contributor to NSA’s counterterrorism reporting and on other topics as well. Since its enactment in 2008, the number of signals intelligence reports issued by NSA based at least in part on Section 702 collection has grown exponentially. CIA and FBI state that they have acquired highly valuable and often unique intelligence through Section 702 collection. Numerous real-life examples that demonstrate the broad range of important information that the Intelligence Community has obtained can be provided to the Committee in a classified setting. While these examples which identify specific targets and operations must remain classified, the following declassified example provides just one instance of the many contributions Section 702 has made to our national security.

Of course, the IC shouldn’t be permitted to present such things in secret, as so many of their cases have been shown to be bogus (or not provided 702 notice) in the past. It is now down to one unclassified case — Najibullah Zazi — where they used 702, and that wasn’t even all that central (which may be why they never did get 702 notice).

The other two are more interesting. They include:

  • What certificates the government has approved: “The Government will describe in a classified setting the certification or certifications under which the Government is currently acquiring foreign intelligence information.”
  • The contributions of Section 702 data to other kinds of foreign intelligence collection: “The Board further acknowledged the Section 702 program’s value in acquiring other foreign intelligence information, examples of which can be provided in a classified setting.”

Recall, as late as 2011, the IC was known to have 3 certificates a counterterrorism certificate, a counterproliferation one, and a foreign government one, which serves as a grab bag. Because it was so obvious the IC was using Section 702 for cybersecurity, I mistakenly claimed they had a cyber certificate, but as late as 2012, they had not yet obtained one. Perhaps the IC needed classified session to explain all this.

But how weird would it be to brief HJC on a Section 702 cyber certificate while DHS and DOJ are implementing OmniCISA, which will enable upstream searches for cyber signatures within the US? Perhaps that’s what they were doing, but it would be interesting timing.

Which makes me wonder, again, about whether there’s another kind of certificate, perhaps one targeted at Tor?

In any case, there is something significant about the set of certificates the IC has or is asking for (probably the former, given that it makes a big show here of releasing the documents tied to the 2014 certification process, but not those tied to the 2015 certification process).

I’m sure that’s not the only thing the IC wanted to brief HJC on in secret. But it does appear to be one thing they did brief in secret. (Side note: I have reason to believe the IC did not tell the truth, even within the IC, about what certificates they got at the beginning of the PRISM process, so at least this would suggest they’re now being more forthcoming.)

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Wednesday Morning: Full of Whoa

CapagnoloFrontBrakes_BillGracey-FlickrWhoa. Halt. Stop. The brakes need firm application, even mid-week.

Zika virus infects media with crappy reporting
I can’t tell you how many times in the last 24 hours I yelled at my computer, “Are you f****** kidding me with this crap?” With so many news outlets focused on hot takes rather than getting the story right, stupidity reached pandemic levels faster than mosquito-borne viruses. And all because Dallas County health officials and the Center for Disease Control used the words “sexually transmitted” in reference to a new Zika case in the U.S.

The following sampling of heds, tweets, and reports? WRONG.

  • US reports first case of sexually transmitted Zika in Texas (Gizmodo, io9)
    [Not the first sexually transmitted case in the U.S., just the first in Texas]
  • First US case of the Zika virus infection was sexually transmitted, officials say (Verge)
    [Not the first U.S. case of Zika virus]
  • The first known case of the #ZikaVirus contracted within the US confirmed in Dallas (Newsweek)
    [Not the first known case of Zika contracted within the U.S.]
  • The first case of the #ZikaVirus contacted within the US was through sexual transmission (Newsweek)
    [Neither the first sexually transmitted case in the U.S. or the first contracted within the U.S.]
  • The First Sexually Transmitted Case of the Zika Virus Is Confirmed in Texas (Slate)
    [Not the first sexually transmitted case in the U.S.]

The first case in which Zika virus was contracted inside the continental U.S. occurred in 2008. This was the first sexual transmission of the virus in the continental U.S. as well. Scientist Brian Foy had been studying Zika in Senegal during an outbreak; he had been infected by the virus, became ill, and was still carrying the virus when he came home to Colorado. His wife became infected though she had not traveled abroad, had not been bitten by a mosquito, and children residing in their home did not contract the virus. More details on the case can be found here.

The first cases of Zika virus in the U.S. in this outbreak were not locally transmitted inside the U.S., but contracted outside the continental 48 states and diagnosed on return here. States in which cases have been reported include Hawaii, New York, Virginia, Arkansas, Florida, and now Texas — in the case of the traveler who brought the disease home and infected their partner through sex.

It’s incredible how very little effort many news outlets put into researching the virus’ history or the case in Texas. Bonus points to Newsweek for trying to get it wrong in multiple tweets for the same story.

Best reporting I’ve read so far has been WaPo’s piece on the new Dallas cases, and WIRED’s collection of Zika reports. The CDC’s site on the Zika virus can be found here.

Gonna’ be a massive Patch Day for F-35 sometime soon
Whether or not Monday’s earthshaking sonic booms over New Jersey were generated by F-35 test flights, there’s still a long and scary list of bugs to be fixed on the fighter jet before it is ready for primetime. Just read this; any pilot testing these now is either a stone-cold hero, or a crazed numbnuts, and they’d better weigh between 136 and 165 pounds to improve their odds of survival.

Oral Roberts University mandates students wear FitBits for tracking
Guess the old “Mark of the Beast” is interpreted loosely at ORU in Oklahoma. Fitness is measured on campus by more than theological benchmarks. Begs the question: who would Jesus monitor?

The last straw: Fisher Price Wi-Fi-enabled toys leave kids’ info out in the open
Fisher Price is the fourth known manufacturer of products aimed at children and their families in which the privacy and safety of children were compromised by poor information security. In this case, Smart Toy Bears are leaking information about their young owners. Maybe it’s about time that either the FCC or FTC or Congress looks into this trend and the possibility toy makers are not at all concerned with keeping their youngest customers safe.

EDIT: #FlintWaterCrisis
Forgot to note the House Oversight and Government Reform Committee will hold a hearing on lead contaminated drinking water in Flint, Michigan at 9:00 a.m. EST. C-SPAN3 will carry the hearing live.

Tap the brakes a few more times before you take off, eh? It’s all downhill from here.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Why Is the Postal Inspection Service Investigating the Flint Water Crisis?

I hope to have a further update about the ongoing effort to bury the Flint water crisis before the Oversight and Government Reform hearing on Wednesday morning.

But in the meantime I wanted to point to this passage, helpfully dropped out of the US Attorney’s investigation in Detroit:

The Federal Bureau of Investigation said on Tuesday it was joining a criminal investigation of lead-contaminated drinking water in Flint, Michigan, exploring whether laws were broken in a crisis that has captured international attention.

Federal prosecutors in Michigan were working with an investigative team that included the FBI, the U.S. Postal Inspection Service, the U.S. Environmental Protection Agency’s Office of Inspector General and the EPA’s Criminal Investigation Division, a spokeswoman for the U.S. Attorney’s Office in Detroit said.

An FBI spokeswoman said the agency was determining whether federal laws were broken, but declined further comment.

I’m actually not at all surprised FBI is involved in this investigation. That sort of comes with the territory of a US Attorney investigation, it seems.

But the US Postal Inspection Service? Here’s the kind of crime they investigate:

Report these issues to the U.S. Postal Inspection Service online:

  • Mail fraud May include scams or deceptive ads via the mail, or postage fraud.
  • Mail theft Under Inquiry Type, select Problem. Under Customer Service, select Support, and Mail Theft. Under Additional Information, explain why your complaint is mail theft-related.
  • Identity theft
  • Unsolicited Sexually Oriented Advertising

If you believe you’re a victim of fraud related to the U.S. Mail, including mailed sweepstakes, lotteries, on-line auctions, work-at-home scams or chain letters, report your concern to the U.S. Postal Inspection Service as mail fraud.

They often get brought in as an investigative partner if the government needs to track what has been mailed, and mail fraud charges can serve as hand add-on charges in cases where someone used the mail to help commit a crime.

I can imagine a lot of things the FBI might be investigating. But I know of no facts, thus far, that involve mail-related crimes.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

The Origins of Totalitarianism Part 5: Artistic and Intellectual Elites and the Rise of Fascism

Previous posts in this series:

The Origins of Totalitarianism Part 1: Introduction.

The Origins of Totalitarianism Part 2: Antisemitism

The Origins of Totalitarianism: Interlude on the Tea Party

The Origins of Totalitarianism Part 3: Superfluous Capital and Superfluous People

The Origins of Totalitarianism: Interlude on The Commons

Capitalism Versus The Social Commons (published at Naked Capitalism; discusses privatization using Rosa Luxemburg theory)

The Origins of Totalitarianism Part 4: Humanity under Totalitarianism

The Origins of Totalitarianism: Interlude on Right-Wing Authoritarianism

Arendt uses the term “elites” to mean the highly trained and educated intellectuals in Germany and Austria, and artists and composers and writers who together make up the intelligentsia. She begins by describing the breakdown of the class structure in those countries, “…when the smugness of spurious respectability gave way to anarchic despair….” The elites hated the pretensions of the bourgeoisie, hated the class structures they imposed to support their positions and oppress the rest of the people, and hated the bogus morality they proclaimed in public and ignored in private. For decades, they assaulted the bourgeoisie, sometimes with satire, sometimes more directly, with attacks against their conventional religion and philosophy. They welcomed the First World War, hoping that it would wipe out the existing culture. After the war they hrejected restoration of the prior structures.

Arendt attributes two desires to individual members of the post-war elites: the desire for anonymity, for losing themselves in the midst of the people; and a yearning for violence to wipe out any remaining influences of the old bourgeoisie morality and respectability.

These people felt attracted to the pronounced activism of totalitarian movements, to their curious and only seemingly contradictory insistence on both the primacy of sheer action and the overwhelming force of sheer necessity. This mixture corresponded precisely to the war experience of the “front generation,” to the experience of constant activity within the framework of overwhelming fatality. P. 331.

The violence of the totalitarian movements was attractive to these elites precisely because it seemed to be a “ …kind of philosophy through which to express frustration, resentment, and blind hatred, a kind of political expressionism which used bombs to express oneself, which watched delightedly the publicity given to resounding deeds and was absolutely willing to pay the price of life for having succeeded in forcing the recognition of one’s existence on the normal strata of society.” P. 332 Arendt refers to this as a temporary alliance between the mob and the elites. In Part 3, we saw the distinction between the mob and the masses. The former are the unemployable, who at least shared some of the morality and attitudes of the class to which they once belonged or aspired to. The elites were thrilled to see the mob attack respectability, for example, when the steel barons were forced to accept the housepainter Hitler.

Arendt claims that the elites believed that all of the theories they were raised to accept had failed utterly and spectacularly and had caused enormous damage. Even the bourgeoisie had only the public appearance of morality. In private their morals were those of the mob. It thrilled the elites to see the academic theories that had nurtured them, theories like dialectical materialism, replaced with crackpot ideas and conspiracy theories. In this atmosphere it was wonderful to shove the faces of the bourgeoisie in their hypocrisy, and to express the anger and cruelty hidden behind their public faces. There were no limits to this decadent idea, as the French writer Celine showed in his Notes for a Massacre, in which he proposed to kill all the Jews.

Andre Gide was publicly delighted in the pages of the Nouvelle Revue Frangaise, not of course because he wanted to kill the Jews of France, but because he rejoiced in the blunt admission of such a desire and in the fascinating contradiction between Celine’s bluntness and the hypocritical politeness which surrounded the Jewish question in all respectable quarters. How irresistible the desire for the unmasking of hypocrisy was among the elite can be gauged by the fact that such delight could not even be spoiled by Hitler’s very real persecution of the Jews, which at the time of Celine’s writing was already in full swing. P. 335.

The current form of this idiocy is the ranting from the Republicans about political correctness. We don’t have time for political correctness, says Trump, merely speaking more frankly than his dog-whistle competition, and handing out a license to his followers to express their misogynist, homophobic, racist and other irrational hatreds.

Arendt also tells us that the elites recognized that the bourgeoisie were deeply cynical about the government. They operated it for their benefit in secret, and publicly claimed that all of their policies would benefit the rest of society. This blatant hypocrisy added to the hatred of the elites for the rich. Once they were content with the teachings of Karl Marx, who thought that the state would wither away. After WWI, that wasn’t radical enough for the elites. They wanted action at the price of anarchy and violence. But when the leftists tried to overthrow the bourgeoisie and the post-WWI government, the Social Democrats sicced the right-wing Freikorps on them and killed them and their intellectual leaders, including Rosa Luxemburg.

Of course the project of dismantling the 19th Century morality and certainty of the middle classes continues today among some of our elites. Just look at the ideas about truth espoused by Richard Rorty (a follower of John Dewey), or the attacks on fundamentalist religion from Sam Harris and others, or this from the New York Times Magazine:

In person, [Rachel] Bloom comes across as someone who takes honesty to its natural conclusion. “I like deconstructing things, ….. I like cutting the legs out from under something that feels secret. Something that’s like — ‘Oh, breasts are sexy.’ They’re floppy, Jell-O-filled sacks! In high school, I was once watching the surgery channel and ended up watching a breast reduction. The inside of a breast is disgusting. It looks like the inside of a couch.”

Arendt’s elites have been playing this game of epater le bourgeoisie, shock the middle class, for decades, and there is no end in sight. It’s a fun game, with no physical violence, and no real effect on politics or public life. Today, it’s pretty much self-neutering. Elite discussions of performance art or post-structuralism are irrelevant to the lives of practically everyone.

There are many lessons in Arendt’s story for the Sanders wing of the Democratic Party and for Trump Republicans. Among them is the simple fact that the rich and powerful people will use every tool to preserve their power and wealth.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

NSA Reorganizing in Manner that Directly Conflicts with President’s Review Group Recommendation

Back in 2013, the President’s Review Group recommended that NSA’s defensive function — the Information Assurance Directorate — be removed from NSA. I’ve put the entirety of that recommendation below, but PRG recommended the change to:

  • Eliminate the conflict of interest between NSA’s offensive and defense functions
  • Eliminate the asymmetry between the two functions, which can lead the defensive function to be less visible
  • Rebuild trust with outside cybersecurity stakeholders

Not only didn’t President Obama accept that recommendation, but he pre-empted it in several ways, before the PRG could publicly release their findings.

[O]n Thursday night, the Wall Street Journal and New York Times published leaked details from the recommendations from the review group on intelligence and communications technologies, a panelPresident Obama set up in August to review the NSA’s activities in response to theEdward Snowden leaks.

The stories described what they said were recommendations in the report as presented in draft form to White House advisors; the final report was due to the White House on Sunday. There were discrepancies in the reporting, which may have signaled the leaks were a public airing of disputes surrounding the review group (both articles noted the results were “still being finalized”). The biggest news item were reports about a recommendation that the director of the NSA(Dirnsa) and Cyber Command positions be split, with a civilian leading the former agency.

Before the final report was even delivered, the White House struck. On Friday, while insisting that the commission report was not yet final, national security council spokesperson Caitlin Hayden announced the White House had already decided the position would not be split. A dual-hatted general would continue to lead both.

By all appearances, the White House moved to pre-empt the results of its own review group to squelch any recommendation that the position be split.

Today, Ellen Nakashima reports that NSA will go further still, and completely merge its offensive and defensive missions.

In place of the Signals Intelligence and Information Assurance directorates, the organizations that historically have spied on foreign targets and defended classified networks against spying, the NSA is creating a Directorate of Operations that combines the operational elements of each.

[snip]

Some lawmakers who have been briefed on the broad parameters consider restructuring a smart thing to do because an increasing amount of intelligence and threat activity is coursing through global computer networks.

“When it comes to cyber in particular, the line between collection capabilities and our own vulnerabilities — between the acquisition of signals intelligence and the assurance of our own information — is virtually nonexistent,” said Rep. Adam B. Schiff (Calif.), the ranking Democrat on the House Intelligence Committee. “What is a vulnerability to be patched at home is often a potential collection opportunity abroad and vice versa.”

But there have been rumblings of discontent within the NSA, which is based at Fort Meade, Md., as some fear a loss of influence or stature.

Some advocates for the comparatively small Information Assurance Directorate, which has about 3,000 people, fear that its ability to work with industry on cybersecurity issues will be undermined if it is viewed as part of the much larger “sigint” collection arm, which has about eight times as many personnel. The latter spies on overseas targets by hacking into computer networks, collecting satellite signals and capturing radio waves.

While Nakashima presents some conflicting views on whether IAD will be able to cooperate with industry, none of the comments she includes addresses the larger bureaucratic issue: that defense is already being shortchanged in favor of the glitzier offensive function.

But Edward Snowden did weigh in, in response to a comment I made on this onTwitter.

When defense is an afterthought, it’s not a National Security Agency. It’s a National Spying Agency.

It strikes me this NSA reorganization commits the country to a particular approach to cybersecurity that will have significant ramifications for some time. It probably shouldn’t be made with the exclusive review of the Intelligence Committees mostly in secret.


We recommend that the Information Assurance Directorate—a large component of the National Security Agency that is not engaged in activities related to foreign intelligence—should become a separate agency within the Department of Defense, reporting to the cyber policy element within the Office of the Secretary of Defense.

In keeping with the concept that NSA should be a foreign intelligence agency, the large and important Information Assurance Directorate (IAD) of NSA should be organizationally separate and have a different reporting structure. IAD’s primary mission is to ensure the security of the DOD’s communications systems. Over time, the importance has grown of its other missions and activities, such as providing support for the security of other US Government networks and making contributions to the overall field of cyber security, including for the vast bulk of US systems that are outside of the government. Those are not missions of a foreign intelligence agency. The historical mission of protecting the military’s communications is today a diminishing subset of overall cyber security efforts.

We are concerned that having IAD embedded in a foreign intelligence organization creates potential conflicts of interest. A chief goal of NSA is to access and decrypt SIGINT, an offensive capability. By contrast, IAD’s job is defense. When the offensive personnel find some way into a communications device, software system, or network, they may be reluctant to have a patch that blocks their own access. This conflict of interest has been a prominent feature of recent writings by technologists about surveillance issues.

A related concern about keeping IAD in NSA is that there can be an asymmetry within a bureaucracy between offense and defense—a successful offensive effort provides new intelligence that is visible to senior management, while the steady day-to-day efforts on defense offer fewer opportunities for dramatic success.

Another reason to separate IAD from NSA is to foster better relations with the private sector, academic experts, and other cyber security stakeholders. Precisely because so much of cyber security exists in the private sector, including for critical infrastructure, it is vital to maintain public trust. Our discussions with a range of experts have highlighted a current lack of trust that NSA is committed to the defensive mission. Creating a new organizational structure would help rebuild that trust going forward.

There are, of course, strong technical reasons for information-sharing between the offense and defense for cyber security. Individual experts learn by having experience both in penetrating systems and in seeking to  block penetration. Such collaboration could and must occur even if IAD is organizationally separate.

In an ideal world, IAD could form the core of the cyber capability of DHS. DHS has been designated as the lead cabinet department for cyber security defense. Any effort to transfer IAD out of the Defense Department budget, however, would likely meet with opposition in Congress. Thus, we suggest that IAD should become a Defense Agency, with status similar to that of the Defense Information Systems Agency (DISA) or the Defense Threat Reduction Agency (DTRA). Under this approach, the new and separate Defense Information Assurance Agency (DIAA) would no longer report through intelligence channels, but would be subject to oversight by the cyber security policy arm of the Office of the Secretary of Defense.

Tweet about this on TwitterShare on RedditShare on FacebookGoogle+Email to someone

Emptywheel Twitterverse

emptywheel @mariojrusso Over and over we've seen that when Feds allow themselves to rely on few providers (MIC, banks, KBR) bad things happen
2mreplyretweetfavorite
emptywheel @mariojrusso When we tried to make JPMC & Citi play by rules stopped making loans @charles_gaba @xpostfactoid1 @armandodkos @princessmom122
3mreplyretweetfavorite
emptywheel @mariojrusso Good point but I fear once you have private SP they'll start cheating @charles_gaba @xpostfactoid1 @armandodkos @princessmom122
3mreplyretweetfavorite
emptywheel @mariojrusso & what incentive to use leverage to make better medical decisions? @charles_gaba @xpostfactoid1 @armandodkos @princessmom122
5mreplyretweetfavorite
emptywheel @mariojrusso Sure. But what incentive would they have to pass on? @charles_gaba @xpostfactoid1 @armandodkos @princessmom122
5mreplyretweetfavorite
emptywheel @mariojrusso Right now (bc of consolidation) we're headed to private SP. Dangerous @charles_gaba @xpostfactoid1 @armandodkos @princessmom122
11mreplyretweetfavorite
emptywheel @ncardozo I got to read my uncle's files on Apollo program after he died. All paper, no security, in the basement! @PogoWasRight @mattblaze
12mreplyretweetfavorite
emptywheel @mariojrusso I'm concerned abt that, especially given mandate @charles_gaba @xpostfactoid1 @armandodkos @princessmom122
13mreplyretweetfavorite
bmaz RT @chrislhayes: effects that exacerbated mass incarceration on local level, and racist understandings of the issue. That said, it strikes …
16mreplyretweetfavorite
bmaz RT @chrislhayes: That is to his great credit, because as damaging as the policies of the 90s were, the rhetoric was just as damaging. It cr…
16mreplyretweetfavorite
bmaz RT @chrislhayes: into the reactionary tropes around "super predators" and tough on crime. See his prescient '94 floor speech https://t.co/G
17mreplyretweetfavorite
February 2016
S M T W T F S
« Jan    
 123456
78910111213
14151617181920
21222324252627
2829