I’ve come up with a new coinage FUSMAL, “Fucked Up on So Many
Levels” to describe the NSA follies.
I took note of the recent Washington Post poll which found
that 60% of respondents believe that Edward Snowden’s revelations had “harmed
U.S. security.”
This represented an 11% jump over July, when 49% thought his
revelations had harmed U.S. security.
I suppose this increase, which came about equally from the
minority who thought he didn’t harm U.S. security (37% in July; 32% now) and
the undecided (down to 8% now, from 13%), can be attributed to the shift of the
focus of releases from domestic privacy violations to espionage on foreign
governments.
37% think he did “the right thing” and 55% think he did “the
wrong thing”.
It is of course interesting that, as of now, Edward Snowden
is doing “the nothing”. He gave up his
documents before he entered Russia and all the revelations, shocking and
otherwise, are the responsibility of Glenn Greenwald, the Guardian, and, yes
the Washington Post, which is perhaps anxiously waiting for some other pollster
to ask the question, “Do you think the Washington Post is doing the ‘right
thing’?”
I don’t believe that Edward Snowden “harmed U.S. security”
in a practical sense.
Snowden and his media collaborators have been sedulous in suppressing
information that would be directly helpful to America’s
enemies/competitors/China. The
revelations have, of course, created a political uproar in places like Brazil
and Germany, which have some pretenses to independent foreign policies and now
have to deal with domestic calls to decouple their internet communications from
the U.S.
However, I have a feeling that Germany, which served as home
base for a clutch of the 9/11 perpetrators and is anxious host of a lot of
Muslim immigrants and guest workers, is going to find a way to maintain its surveillance
and intelligence sharing regime with the United States even if it takes
measures to get the NSA out of Andrea Merkel’s cell phone.
So I think that Mr. Snowden, as he tucks into his bowl of
borscht with sour cream and watches his first Russian winter descend like a
great icy hammer outside his window, can console himself with the confidence
that he has not materially degraded the security of the citizens of the United
States.
IMHO the NSA, on the other hand, has done a pretty good job
of screwing up the Western world’s intelligence regime.
The root of the NSA’s problem is that it is committed to
hegemony in the global information space.
Hegemony is an understandable ambition since U.S. technology, equipment,
and infrastructure still dominate the global transmission of information.
I refer doubters about this objective to the homepage of
IARPA.
Readers may be familiar with DARPA—the Defense Advanced
Research Project Agency. It’s a
government incubator that reaches out to the academic and private sector to
develop technologies that the DoD find useful, like robotic trucks that can drive
unmanned through war zones—and an idea to link computers on opposite sides of
the country in order to efficiently utilize computing resources. You may know this successful initiative as “the
Internet”.
IARPA—the “Intelligence Advanced Research Project Activity”,
pronounced “yarpa”—is DARPA for spooks.
It’s a research agency under the Director of National Intelligence and
it pours a lot of money into things like quantum computing (the holy grail for
cracking strong encryption) because…
…well, here’s the first sentence from the statement “About [IARPA]” on the IARPA website:
The Intelligence
Advanced Research Projects Activity (IARPA) invests in high-risk, high-payoff
research programs that have the potential to provide the United States with an
overwhelming intelligence advantage over future adversaries.
The NSA’s data greed, the desire to “have it all”, is not
just a matter of organizational hubris and mission creep. It’s built into US security policy strategy. Leveraging US capabilities to dominate the
information space is seen as the key U.S. advantage in 21st century
strategic competition.
Domestically, the US government has bent and probably broken
US laws and the will of the FISA court and colluded with service providers in
order to collect US communications data.
And it has subverted the fundamental security and safety of the Internet
in order to facilitate NSA access.
Bad news is, the quest for “an overwhelming intelligence
advantage” can’t stop at America’s borders.
Since even our closest allies shrink from openly surrendering their data
sovereignty to US surveillance, the NSA has been forced to improvise a covert
network of alliances and intrusions in order to get “it all”.
The most recent report on the NSA,
by the NRC Handelsblad (a newspaper in the Netherlands) provided an interesting
graphic showing the overseas data network penetration by the NSA. It reported that the NSA had successfully
infected 50,000 computers in non-ally jurisdictions with Computer Network
Exploitation a.k.a. malware.
On the map, CNE hot spots are shown with yellow dots. China, Russia, Central Asia, Middle East, India,
Brazil, Venezuela (and Colombia!), Peru, Ecuador…lotsa dots.
I would also draw the inference that countries without
yellow dots are jurisdictions that are probably knowingly cooperating with the
NSA and therefore don’t need to be penetrated with malware.
There don’t seem to be any yellow dots in
the Five Eyes countries, for instance.
But there are also don’t seem to be any yellow dots in France, Germany,
Spain, Italy, the Scandanavian countries, Central America, Japan, Indonesia, Argentina,
or Chile.
But even our closest and most enthusiastic ally, Great
Britain, was probably subjected to covert espionage in violation of the “Five
Eyes” agreement that the telecommunications of the U.S., U.K., New Zealand,
Australia, and Canada would be mutually respected.
No doubt the metastasizing network of yellow, red, and blue
dots across the globe was regarded with joy by the NSA bigwigs. But one could also look at the network and
see each dot as an added security risk for an over-extended, undermanaged, and
insecure intelligence initiative (note that this graphic was distributed to all of the "Five Eyes").
There were tens of thousands of potential Edward Snowdens
with the necessary clearances inside the NSA and its subcontractor
agencies. There are probably thousands,
if not tens of thousands more, in intelligence agencies and IT corporations and
installations within the Five Eyes and our allies around the world.
A major breach is something not just the NSA is worrying
about. That’s undoubtedly what GCHQ and
every other allied security service is worrying about. And the risk becomes bigger as more and more
dots pop up on the board and more foreign data is shoveled into the maw of the
NSA.
And I expect foreign governments are asking themselves whether the omnivorous
U.S. demand for sigint is a matter of achieving joint security, or U.S.
unilateral information hegemony.
So we have a covert, improvised unilateral intelligence
gathering regime executed by to a significant extent by partners whose loyalty
is less than absolute and whose actions we are unable to control.
On one level, the Snowden revelations were a remarkable
one-off.
At a certain level US priorities will diverge from those of
our willing and unwilling intelligence partners.
It’s a dismal situation.
It’s FUSMAL.
Graphic from the NRC Handelsblad website http://www.nrc.nl/nieuws/2013/11/23/nsa-infected-50000-computer-networks-with-malicious-software/
Graphic from the NRC Handelsblad website http://www.nrc.nl/nieuws/2013/11/23/nsa-infected-50000-computer-networks-with-malicious-software/
The given name of the German chancellor is Angela (Angela Dorothea to be more precise), not Andrea.
ReplyDelete