Crypto's Dance

[Alert Reader pointed out the correct name for the Google Maps program as developed by the US government is "Keyhole", not "Keystone".  Herewith corrected.  Thank you, AR.]

On the rational left, Edward Snowden is close to losing the support of Kevin Drum because the most recent revelation—that the government has all sorts of ways and means to break ordinary encryption—alerted the bad guys to start being more careful with their crypto.

And if you’ve lost Kevin Drum, there’s little left on the left but China Matters and the rest of the fringe!

But…

Earlier today, in a post about the latest Edward Snowden leak, I wrote that "I'm a lot less certain that this one should have seen the light of day." After some further thought and conversation, I'm now a lot less certain I should have said that.

Here's the problem. The Guardian and New York Times stories basically revealed two things:

• The NSA has been working to deliberately weaken commercial crypto standards and insert back doors that only they have privileged access to. This is horrific public policy for at least a couple of reasons. First, the NSA tried to do this publicly in the mid-90s with the Clipper chip and export restrictions on crypto technology, and they lost. Now they're covertly doing what Congress refused to let them do overtly. Second, deliberately weakening commercial crypto exposes everyone who uses it to possible interception from bad actors who manage to discover the NSA's handiwork. There's no way the NSA can guarantee that other groups won't learn the weaknesses it's introduced (indeed, it's already happened in some cases) or somehow get access to its back doors. I have no problem at all with the Times and the Guardian disclosing this, and I'd very much like Congress to put a stop to it. 
• In addition, the NSA has been working to to improve its decryption capabilities in ways that don't degrade commercial crypto for anyone else. The details are unclear. It might involve new mathematical techniques. It might involve new computational techniques or improved computational power. It might involve old school hacking. It might involve stealing encryption keys or getting companies to give them up. It might involve the discovery of weaknesses that already exist. This is all stuff that NSA is chartered to do, and it does nothing to harm general use of commercial cryptography. However, revealing the extent of NSA's success in this area might indeed warn terrorists and others away from commercial crypto that they thought was safe, and thus degrade NSA's ability to track them. I have a hard time believing that the public interest in this outweighs the damage done to U.S. intelligence efforts.

As a practical matter, I’m not convinced that Snowden crossed the line.

The US interest in reading encrypted messages is well-known, as are its efforts to crack crypto.

The government has a publicly announced obsession with cracking crypto, which includes all sorts of projects to leverage the capabilities of networked computers, better software, and various cheats to brute force current weak cryptography.

US efforts to diddle with crypto, for instance by corrupting the open source algorithm used to generate random numbers for the keys to make encryption easier to crack, had already been reported.

If and when we get a quantum computer, it will be because the US government will spend a gazillion dollars developing the technology as the magic bullet for cracking 256 bit strong crypto.

Absent quantum computing, the government’s priority is to universalize chickenshit crypto—the kind of crypto that is breakable with a variety of tricks.  Industry is government’s willing handmaiden in this matter, as Glenn Greenwald’s piece in the Guardian reveals:

The document also shows that the NSA's Commercial Solutions Center, ostensibly the body through which technology companies can have their security products assessed and presented to prospective government buyers, has another, more clandestine role. 

It is used by the NSA to "to leverage sensitive, co-operative relationships with specific industry partners" to insert vulnerabilities into security products. Operatives were warned that this information must be kept top secret "at a minimum".

A more general NSA classification guide reveals more detail on the agency's deep partnerships with industry, and its ability to modify products. It cautions analysts that two facts must remain top secret: that NSA makes modifications to commercial encryption software and devices "to make them exploitable", and that NSA "obtains cryptographic details of commercial cryptographic information security systems through industry relationships".

Certainly, with B2B and consumer cloud computing via encrypted links on top of every tech company’s wet dream agenda, nobody wants to get tarred with the decryption brush, as a related British GCHQ guideline conveys:

A 2009 GCHQ document spells out the significant potential consequences of any leaks, including "damage to industry relationships".

"Loss of confidence in our ability to adhere to confidentiality agreements would lead to loss of access to proprietary information that can save time when developing new capability," intelligence workers were told.

Excuse me, please step aside as Google—a key member of President Obama’s brain trust, supplier of Andrew McLaughlin to serve as the White House’s Deputy Chief Technology Officer, and the people who 1) bought Keyhole global imaging technology from the CIA 2) renamed it Google Maps and 2) sells the data back to the US government—runs squealing to the front of the line to announce its existential commitment to customer security and privacy:

Google is racing to encrypt the torrents of information that flow among its data centers around the world in a bid to thwart snooping by the NSA and the intelligence agencies of foreign governments, company officials said Friday.

Thank you, Google.  Let us continue.

More to the point, when somebody’s communications are targeted by the government, there are other tools available—like putting a keylogger on the computer—to find out what’s getting typed.

Add to that my personal suspicion that, if you encrypt your e-mail, you attract the special attention of the government on general principles and the investigatory gears start grinding, whether or not your encryption is broken.

So I would say if you are tippy-tappying at your computer with the expectation that encryption is keeping your communications—and you-- perfectly safe, you haven’t been paying attention.

So Edward Snowden’s most recent revelation serves only to give clues to the clueless.

What interested me is how quickly the “Internet freedom to connect” theme was submerged by the “national security” narrative.

Even though it is open to question who’s doing a sloppy job with the nation’s secrets: according to the Guardian, Edward Snowden was one of …850,000…individuals with top security clearance and he got a gander at this secret info.

850,000.

Just in the United States.

It could also have been argued that Snowden did dissidents and activists a public service by alerting them that encrypted communications may not be secure.

As Kevin Drum pointed out, “bad guys” might be able to exploit the backdoors the government is slotting into systems in order to read encrypted communications.

As for the free world’s ability to manage and control these tools, does anybody remember the Google furor over hacked Chinese dissident e-mail accounts (which, as you undoubtedly recall, was the justification for Sergei Brin’s retreat in high dudgeon from the Chinese search engine market)?  I do:

Bruce Schneier, a well-known US cyber security expert, made waves in the IT community with an op-ed on CNN on January 23 asserting that the e-mail hacker had obtained the e-mail information by accessing Google's own internal intercept system - a program designed to enable Google to collect user information in response to US government demands.

If this is the case, the e-mail hack is more of an embarrassment for Google than anything else: an indication that Google had not only created the application to enable governments to spy on e-mail accounts, it had done such a poor job of protecting it that it could be hijacked by malicious parties.

If this is the case, the e-mail hack is more of an embarrassment for Google than anything else: an indication that Google had not only created the application to enable governments to spy on e-mail accounts, it had done such a poor job of protecting it that it could be hijacked by malicious parties.

This passage—from January 2010!—should evoke feelings of intense nostalgia for those halcyon days—of August 2013—when Snowden’s first revelations were pooh-poohed as “it’s just metadata”, just the “address on the outside of the envelope” a.k.a. no big deal.

Now it’s the whole fricking encrypted enchilada.

Therefore, ineluctably, the framing slides from “It’s no big deal, don’t pay attention” to “It’s a big frickin’ deal, it must be suppressed.”

But the idea that Chinese dissidents might be grateful for the heads up that encryption might not be secure (and, in fact, the FBI has infiltrated and subverted the precious TOR network for anonymizing communications), and be more careful as a result hasn’t gained any traction yet.

And how about the security of VPNs?

Documents show that [UK GCHQ’s] Edgehill's initial aim was to decode the encrypted traffic certified by three major (unnamed) internet companies and 30 types of Virtual Private Network (VPN) – used by businesses to provide secure remote access to their systems. By 2015, GCHQ hoped to have cracked the codes used by 15 major internet companies, and 300 VPNs.

While we’re at it, given Snowden’s *ahem* impressive knowledge of the NSA’s decryption capabilities, would anybody care to walk back those “narcissistic naif who unwittingly had his hard drives drained by Russian and Chinese intelligence” memes that were spread in the early Snowden-bashing days?

Edward Snowden and China

[Edited this post lightly for clarity/typos after I sent out the e-mail notice.  Be warned!]

First, why Hong Kong?

My answer: Because he’s a spook.

There has been no end of sniggering from the liberal Colonel Blimps that Snowden chose to reveal his identity in Hong Kong.

As in (from the Twitter feed of a journalist who relentlessly works the "unfree China" side of the street):

“Seeking refuge in Hong Kong out of devotion to free speech is a bit like seeking refuge in Tibet out of devotion to Buddhism.”

Here’s what I think:

Snowden, in addition to his career as an IT grunt, had worked on the covert operations side in Geneva.

When he thinks about what happens to him, he assumes his identity is going to be revealed.  He looks at the situations of Bradley Manning and Julian Assange.  Definitely doesn’t want to stay in the United States (Manning).  Definitely doesn’t want to take up residence in a liberal democracy which happens to be a US security partner (Assange).

He wants to control the circumstances of his exposure and obtain maximum press exposure to shape international perceptions of him and rally support before the legal hammer comes down.

He doesn’t want to take the risk of getting quickly jacked up by the legal system of a nation allied to the United States on any charge, trumped up, plausible, or genuine.

Iceland?  Pretty, snowy, let-Internet-freedom-ring-a-ding-ding Iceland?

One more problem.

He doesn’t want the local authorities and local spooks working enthusiastically with the US spooks to surveil him, harass him, help make a case against him, and button him up.  He doesn’t want to get rendered.  He would like not to get bumped off.

What countries would a CIA analyst believe to have the lowest level of cooperation with the CIA and the most pervasive counterintelligence capabilities?  Russia maybe.  China maybe. 

So he looks at a jurisdiction that a) has a liberal legal system with good protections and process and b) keeps its US spooks on a short leash.

In other words, Hong Kong.

Second, were his revelations timed to coincide with the Sunnylands summit?

I guess so, for maximum hypocrisy exposure (Snowden) and media heat (Greenwald).  My personal feeling is that it is not going to affect US-China cyberbitchslapping too much.  Both sides already have a pretty good idea of each other’s capabilities.  In fact, I would think it would be better for Xi Jinping not to take the Snowden embarrassment as an excuse to take lightly President Obama’s demands.  This is just the sort of situation in which the United States drops the hammer in order to demonstrate that it’s still the biggest bully on the block.

Third, will the PRC arrange for Snowden to be extradited to the United States?

Probably, though I think their inclination will be to let the Hong Kong legal system grind ahead with all deliberate speed, perhaps with a few discrete shoves from behind the scenes, in order to preserve Hong Kong’s reputation for judicial independence.  If President Obama can bring himself to ask really, really nicely, the PRC might resort to some sort of extraordinary intervention.

But I think Snowden knows he’s coming home, sooner or later.

Fourth, why are Snowden, Greenwald, and the Washington Post receiving anything other than the thanks of a grateful nation for revealing, not the details of individual covert operations, but information on US surveillance capabilities which are known or suspected by most insiders but unknown only to the public at large?

I have no answer for that. 

It is a rather disturbing fact that the evolution of 21st century society is driving us into a deeper awareness and appreciation of the work of that famous and famously difficult to understand French philosopher, Michel Foucault.

I will outsource this observation to the excellent Bernard over at Moon of Alabama:

Edward Snowden points to a different danger of such secret data accumulation:

[Snowden] said the [analysts and governments] labored under a false premise that “if a surveillance program produces information of value, it legitimizes it. . . . In one step, we’ve managed to justify the operation of the Panopticon.”

The Panopticon is a architectural concept for a prison where the guards can watch, unseen by the inmates, from a tower in the middle into all cells build in a circle around the tower. It leaves the inmates in a perceived state of permanent surveillance. The French philosopher Michel Foucault described the effect:

Hence the major effect of the Panopticon: to induce in the inmate a state of conscious and permanent visibility that assures the automatic functioning of power. So to arrange things that the surveillance is permanent in its effects, even if it is discontinuous in its action; that the perfection of power should tend to render its actual exercise unnecessary; that this architectural apparatus should be a machine for creating and sustaining a power relation independent of the person who exercises it; in short, that the inmates should be caught up in a power situation of which they are themselves the bearers.

The original Panopticon, like the digital version the NSA is building, takes away all feeling of privacy. Even when one is not watched, knowing that the possibility of being watched is always there, creates uncertainty and leads to self disciplining and self censorship. It is certainly a state the powers that be would like everyone, except themselves, to be in.

Well, I'll add this.  For those of you unfamiliar with concepts of penal architecture, the Panopticon was a proposal by the 18th century philosopher Jeremy Bentham.  No true Panopticons were ever constructed for reasons of technical difficulty.  The nearest thing to a true Panopticon was built in Cuba in the 1920s:

Here is the requisite ironic postscript from Wikipedia:

[T]he essential elements of Bentham's design were not only that the custodians should be able to view the prisoners at all times (including times when they were in their cells), but also that the prisoners should be unable to see the custodians, and so could never be sure whether they were under surveillance or not.

This objective was extremely difficult to achieve within the constraints of the available technology, which is why Bentham spent so many years reworking his plans. Subsequent 19th-century prison designs enabled the custodians to keep the doors of cells and the outsides of buildings under observation, but not to see the prisoners in their cells. Something close to a realization of Bentham's vision only became possible through 20th-century technological developments – notably closed-circuit television (CCTV) – but these eliminated the need for a specific architectural framework.