February 27th, 2015
New Snowden Revelations Prove the Obvious: NSA Breaks Codes, Spies on Terrorists
A blitz of new articles were posted on Thurday based upon the thumbdrive goodie bag filled with top secret documents stolen from the government by former NSA systems administrator Edward Snowden, who defected to Russia back in June. The articles covered two separate stories.
First, the new alliance of The Guardian, The New York Times and ProPublica published articles about an NSA operation code named BULLRUN, and its GCHQ counterpart EDGEHILL. (We’ll nickname this publishing alliance “Team Guardian” for brevity’s sake.) The ProPublica and The Times articles were essentially the same, while The Guardian‘s version of the story, co-authored by Snowden’s media flack Glenn Greenwald, was unique (more on its uniqueness presently). Simultaneously, The Washington Post‘s Barton Gellman covered a top secret NSA document titled “Threats to Unmanned Aerial Vehicles,” how NSA is surveilling al-Qaeda engineers who are attempting to disable unmanned aerial vehicles (UAVs or “predator drones”).
There are so many problems with these posts, some worse than others, so rather than cover everything narrative-style, here are the bullet points.
The Team Guardian Articles
Corporate Tracker Tally via Ghostery:
The Guardian: 47
The New York Times: 15-21 per page (four pages total)
(Trackers are web bugs secretly downloaded onto your computer to track and collect your clicks and demographics.)
1) The upshot: NSA breaks into encrypted files using various methods.
Surprise! NSA cracks codes! Anyone who understands the overarching mandate of NSA since it was formed in 1952 understands that NSA is tasked with cracking codes and interpreting what the encrypted data means via the detection of activity patterns, spikes in chatter and so forth. The fact that these reporters, as well as the ill-informed outrage addicts who retweeted this stuff, are treating this as alarming news shows a disturbingly limited understanding of NSA’s mission.
While The Times and ProPublica mentioned how NSA has “specialized in code-breaking” since its inception, The Guardian doesn’t. But in case anyone missed the “specialized” line and isn’t aware of NSA’s back story, there are volumes of information that have been published over the years about the agency’s history, both benevolent and not-so-constitutional. There’s even a cryptological museum and library run by NSA near its campus in Ft. Meade, Maryland. I know it’s not very hip to visit actual brick-and-mortar libraries in the age of Wikipedia, but anyone can visit this facility and peruse declassifed documents and other reference materials to learn about the ways in which NSA has cracked codes throughout its 61 year history.
This raises an important question. If NSA isn’t allowed to crack codes, what is it supposed to do, exactly? Ask nicely? This would ostensibly leave us with something similar to Robin Williams’ army intelligence character in Good Morning, Vietnam: “We walk up to someone and say, ‘Are you the enemy?’ And, if they say yes, we shoot them.”
2) Team Guardian posted the article and several PowerPoint slides in spite of warnings from government officials who reportedly said that if the articles are published they would cause damage to counter-terrorism efforts.
Buried at the very end of The Guardian‘s article, this appeared:
Intelligence officials asked the Guardian, New York Times and ProPublica not to publish this article, saying that it might prompt foreign targets to switch to new forms of encryption or communications that would be harder to collect or read.
Of course the intelligence officials asked them not to publish the article. Why? Well, obviously, criminal targets will subsequently react by augmenting their encryption methods, making it even more difficult for NSA to decrypt the intercepted communications, thus requiring the development of more powerful methods for cracking the keys. It’s a crypto arms race. Yes, anyone paying attention knows that NSA cracks codes, but to blurt it out with this kind of hair-on-fire reporting, while including details about specifically how it’s being done is simply irresponsible.
So, I wonder who Snowden thinks ought to be “shot in the balls” for this one?
3) The Times and ProPublica versions of the story levied a serious and lede-worthy accusation at the government.
The tandem articles cited “independent cryptologists” who claimed that NSA “probably” hacked into tech company computers in order to steal encryption keys and to discover new back doors into encrypted files. First of all, the few “independent cryptologists” I’ve met were firmly planted in the Alex Jones wing of the cuckoo’s nest. That’s not to say The Times‘ sources are kooks, but it’s worth noting that it’s a subculture rife with paranoiacs. Nevertheless, if these sources are accurate in spite of the “probably” hedge, there could be serious consequences for NSA and the intelligence community. If it’s untrue, it could have serious consequences for the publications injecting it into the debate. One question: why not just ask Snowden if this kind of hacking occurs? If he were to confirm it, they’d at least have a named source.
4) Internet security expert Bruce Schneier wrote a pair of unhinged side-bar articles for The Guardian explaining how to beat NSA’s code cracking techniques.
You might recall our previous brush with Schneier. He wrote an article for The Atlantic in which he claimed the government had “commandeered” the internet — odd considering that the government indeed created, regulates and finances infrastructure for the internet. This time, in addition to providing a handy-dandy guide (55 corporate trackers, by the way) to encrypting your Wonka memes, he wrote a second article in which he insists the government and corporations have “betrayed” the internet (ironically, 52 corporate trackers on this page). Again, like his post for The Atlantic, it’s wild hyperbole that draws casual readers to infer that the government controls and surveils everything. It doesn’t.
Jogging back to Schneier’s encryption guide by way of a warning: not for nothing but if you’re installing Tor and TrueCrypt to shield your iTunes library or your Game of Thrones fan-fiction from NSA, your cheese is precipitously sliding off your cracker.
5) ProPublica wrote a sidebar article about why it posted the BULLRUN article, which included the line: “U.S. wartime code-breaking was confined to military communications. It did not involve eavesdropping on civilians.”
Quoting a tweet by NSA analyst and U.S. Naval War College professor John Schindler on Thursday: “Wrong!” Until the Church Committee and subsequent regulations imposed on the intelligence community, surveillance had been conducted on civilians, Americans and otherwise, since World War I, during World War II and beyond by the various precursors to NSA, and with zero oversight or warrants. To repeat, there are libraries filled with this information. At the very minimum, Google it.
6) Greenwald made a special point of bragging about how the article proves that the U.S. and, specifically, the U.K. governments are incapable of silencing him.
Sniping from Twitter, Greenwald wrote: “It looks as though the UK Government’s efforts to bully everyone out of reporting on their surveillance behavior weren’t very fruitful #GCHQ”
He’s still tethered to his original and thoroughly debunked story about how his husband, David Miranda, was detained at Heathrow Airport simply to bully and intimidate Greenwald when, in fact, Miranda was detained because he was transporting stolen Snowden documents to and from Germany on The Guardian‘s dime. By the way, it’s always smart to taunt a government that’s conducting a criminal investigation against your spouse because you’ve irresponsibly looped him into your affairs.
7) And finally, what about warrants?
Usually, The Guardian waits ten or twelve paragraphs before sneaking into its articles a passing mention that U.S. persons can’t be targeted for surveillance without a warrant. This time, both The Times and ProPublica noted that Americans can’t be targeted without a warrant. However, The Guardian didn’t mention it at all. To be clear: your communications can’t be targeted and decrypted without a warrant.
By the way, the argument about secret courts and unchallenged warrants has to stop. No court at any level in America has a public advocate to argue against a surveillance warrant. Likewise, the issuance of such warrants are always kept secret so as to not tip off the criminal suspect who’s being surveilled. Yes, FISA is in need of some basic reforms, but this argument doesn’t hold water.
The Washington Post‘s “Threats to Unmanned Aerial Vehicles” Article
Corporate Tracker Tally: 31-52 per page (four pages)
Once again, among the various reporters and polemicists covering this beat, reporter Barton Gellman is proving to be the closest thing to an adult in the room. Even though he’s been prone to some Greenwald-style lapses in judgement, at least he’s, 1) consulted with government officials about the Snowden materials he’s published, and 2) accordingly and appropriately self-censored the areas that could seriously damage U.S. interests.
In this case, Gellman refused to publish information from the Snowden-purloined item that would allow al-Qaeda operatives to learn about various weaknesses in drone technology that would invariably be exploited. And for his prudence I’m sure he’s catching hell on social media from radical transparency purists who feel entitled to know everything about everything irrespective of consequences. Even Greenwald had to beat back a few of those yahoos yesterday.
But this inevitably leads back to Snowden. To repeat: this is an NSA report that goes into exhaustive detail about NSA surveillance of known terrorist targets who are trying to destroy U.S. predator drones. Why on earth would he abscond with a document like this? What does it possibly say about trespasses against the Fourth Amendment? Worse yet, if such a document, not unlike the Black Budget document, were to escape the grasp of various reporters who have a copy, including Wikileaks and clown sieve Julian Assange, Snowden’s theft would provide valuable information to a veritable rogues gallery of enemies. Once again, I tend to shy away from exaggerating the terrorist threat, but terrorists do indeed exist and it’s wise not to, you know, help them.
So the clock has started on the 24 Hour Rule. I wonder what bits of mitigating information will we learn about over the next day or so. Time will tell. But I suspect the lack of “there, there,” as well as outrage fatigue will slowly suffocate the impact of these stories.
CORRECTION: This article originally referenced the GCHQ program with the code name “MANASSAS.” It was actually called “EDGEHILL.” MANASSAS is the NSA predecessor to BULLRUN.
February 27th, 2015
February 27th, 2015