Friday Squid Blogging: Giant Squid as an Omen

An omen of what?

An increase in the number of giant squid being caught along the Sea of Japan coast is leading puzzled fishermen to fear their presence may be some kind of 'omen' -- although experts think the invertebrate are simply a bit cold.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Posted on March 21, 2014 at 4:31 PM • 148 Comments

Comments

R ForemanMarch 21, 2014 6:41 PM

It's an omen that Goldman Sachs is spawning too many illegitimate chillden.

FigureitoutMarch 21, 2014 10:30 PM

Brian L
--Good talks, Snowden in a robot was kind of freaky lol. Wasn't really swayed w/ Ledgett's arguments. I noticed one bit, where he mentions protecting American's communications, and he only mentioned the president, the military, and "allies" (those ones we spy on too and infiltrate their companies); but not the American people. He wasn't able to specify an instance where agents were brought into harm's way from leaks. And I don't know what he was on about Dallas Cowboys and his work lanyard...wtf? Another one: "We eat our own dogfood."--Ledgett.

Snowden said there's even bigger stories on the way...

DBMarch 22, 2014 1:49 AM

@ kashmarek the US government is of the opinion that as long as they can somehow claim it's not "intentionally" done to Americans, literally ANYTHING is legal, since no laws apply overseas. You want to steal, murder, kidnap, plunder and pillage? Just do it to "someone else" and everything's ok... We are the master race apparently, see, and nobody else is of consequence or even considered human.

DBMarch 22, 2014 4:18 AM

@ herman Our government is not "bound" by those... they're more like suggestions than real laws, according to our government. We're the most powerful, everyone else should bow and kiss our feet and do what we want. Those lower life forms called "foreigners" only exist to serve us, right?

If I'm sounding a bit over the top, I'm making a point, not saying this is how it should be. The point is, maybe we shouldn't "just trust" the most powerful, it's too easy for it to go to their heads? ...and that's why there exists a constitution and a bill of rights, and if we won't apply basic morals and rights to foreigners, then who are we? nazis?

Sancho_PMarch 22, 2014 7:00 AM

@DB:
“Nazi” is history. Today it is “Naci” (nationalcapitalism).

TesfalemMarch 22, 2014 8:17 AM

ChipWhisperer: An Open-Source Platform for Hardware Embedded Security Research

- Document (PDF): http://cryptome.org/2014/03/chip-whisperer.pdf
- View PDF online: http://view.samurajdata.se/

Partial quote from 1st page (1/18):

"This paper introduces a complete side channel analysis toolbox inclusive of the analog capture hardware, target device, capture software, and analysis software. The highly modular design allows use of the hardware and software with a variety of existing systems. The hardware uses a synchronous capture method which greatly reduces the required sample rate, while also reducing the data storage requirement and improving synchronization of traces. The synchronous nature of the hardware lends itself to fault injection, and a module to generate glitches of programmable width is also provided. The entire design (hardware and software) is open-source, and maintained in a publicly available repository. Several long example capture traces are provided for researchers looking to evaluate standard cryptographic implementations."

Keywords: side-channel analysis, acquisition, synchronization, FPGA

2398nfMarch 22, 2014 11:12 AM

@DB and @Sancho_P: “Nazi” is history. Today it is “Naci” (nationalcapitalism).

Today it is fascism, a form of statism where the means of production are nominally owned by the citizens, but actually controlled by the government through regulations and licenses.

According to statist ideology, individuals are a means to the end of the state rather than being ends in themselves. In this way, people are regarded as cells in a larger organism, the state.

That is why the government's position on individual rights is so important. If the legal system protects individual rights, then there is no fascism. But if the government violates individual rights to serve some other end, then the character of society changes to statism of one form or another.

In the present context, the NSA has subverted the constitution which was instituted to protect individual rights. They have violated the highest law of the land, which puts us in the position of having no rule of law.

The default law is the law of the jungle.

kashmarekMarch 22, 2014 11:16 AM

Well, if this doesn't take the cake...

Mute witness: forensic sketche from nothing but DNA

http://science.slashdot.org/story/14/03/22/088232/mute-witness-forensic-sketches-from-nothing-but-dna

I think this is really stretching the FUD factor for identification. DNA sample? We have already seen that such "samples" can be so incomplete as to fail to identify who they came from (similar to the flaws of fingerprints). It seems one would need a full DNA sequence to even imagine this is possible.

BenniMarch 22, 2014 12:21 PM

There was this relative silence from DER SPIEGEL recently. Now we know why.

It typically happens before their next story:

http://www.spiegel.de/netzwelt/netzpolitik/spiegel-nsa-spioniert-chinesische-staatsfuehrung-und-huawei-aus-a-960151.html

NSA spied on Hu Jintao, the chinese ministry for trade, various chinese banks, and chinese telecommunication firms.

With most emphasis of the spying being put on Huawei, where nsa infiltrated Huaweis network at 100 places, spying not only on emails of Huawei employees (including Huawei boss Ren Zhengfei ), but getting the source code of Huawei products.

"We have so many data, that we do not know what to do with them, says an nsa spy. Reason for targetting Huawei was that many nsa targets use products from them"

Thats a typical SPIEGEL relevation. It can be assumed, that soon, nsa will have a similar relationship to these journalists, as the BND, where every month or so, a secret operation is made public.


BenniMarch 22, 2014 2:33 PM

The english article says "Editor's note: A longer version of this story will appear in German in the issue of SPIEGEL to be published on Monday."

This is usually the case, however, i believe after a month or so, they are making their more detailed print articles available with their search engine. In order to get all spiegel articles on spies, it apparently does not suffice to put only the names of the agencies into the search machine. Spies are usually called "Schlapphüte" or "Schlapphut" by the journalists. The search term below will catch most articles, I think

http://goo.gl/6nLSOs

Clive RobinsonMarch 22, 2014 2:38 PM

OFF Topic :

A little while ago the subject of a "basic income" or stipend / pension was discussed on the squid pages.

Well it appears others think the subject is worthy of discussion in a multipart look,

http://hawkins.ventures/post/80304090196/it-is-time-for-basic-income

Importantly they point out why it is neither communism or socialism, and also point out that the current wealth redistribution is "by political favour" and is usually costly to administer.

As many who read this blog know "by political favour" is a polite way of saying "by corupt political favour as a result of lobying" and thus even if "basic income" was cost nutural it would still significantly benifit society by putting a limitation on politicians and reducing the oportunity for them to be corrupt.

SkepticalMarch 22, 2014 3:04 PM


A story about the NSA spying on China, including details of what it compromised and when.

Does Der Spiegel realize, or care, that it may have done a huge amount of damage to US and Allied operations in the PRC?

This is a story that provides zero benefit to the free world in terms of security, that reveals no wrongdoing of any sort, and that is quite likely to harm current intelligence operations.

And of course it is published just before President Obama and President Xi Jinping are scheduled to meet next week.

Let me put this bluntly: WTF was Snowden thinking when he took this and gave it to journalists and activists around the world? WTF was Der Spiegel thinking when it decided to publish?

BuckMarch 22, 2014 3:32 PM

Perhaps he was thinking something along the lines of... "Wow! It's just too easy to obtain unfettered access to these millions of classified documents... Surely all militaries of any significance would already have moles embedded amongst the tens or hundreds of thousands of government contractors with authorized access to this information. By releasing these docs to the public, I can possibly help to mitigate the existential crisis caused by the ever widening gap between the need-to-knowers & the no-need-to-knowers!"

Though I'm still confused by the failure to release all the dox... :-\
By now, certainly enough time has passed to remove all documented agents from harm's way!
Having journalists as the solely known gatekeepers of this public information is even more dangerous... In addition to foreign intelligence services probably already having access to the database, now even common criminals have a better opportunity to obtain this information before the rest of us! (No offense intended towards those involved in the publication process, but you have to admit that your OpSec is obviously not defense-quality, and you're just as susceptible to HumInt and implants as everyone else is)...

FigureitoutMarch 22, 2014 3:40 PM

Skeptical
--I think it would be wrong-doing if a foreign intel agency hacked into a US company, getting all source code, designs, and eavesdrops on internal networks; to copy the product and steal that profit or to seek ways to maliciously exploit it. Not acceptable behavior.

Maybe Snowden was thinking, in a proclaimed democracy, the people need to know how tax-money is being spent, what are the benefits (or costs on top of costs) of the spending. More stories are coming so get your popcorn; we can't have privacy neither can you. And now all the agents have an excuse for being bad at their jobs and they'll still find a way to waste money chasing people that make them jealous; so win-win in worthlessness.

BenniMarch 22, 2014 3:48 PM

@Skep: Don't you know the history of DER SPIEGEL?
Here is something on english on that

http://en.wikipedia.org/wiki/Spiegel_scandal

Once there was a lawsuit in germany,

http://www.berliner-zeitung.de/archiv/enthuellungsjournalismus-unter-chefredakteur-stefan-aust---spiegel--redakteure-sind-verunsichert-freund-und-feind,10810590,9799564.html

during which it was revealed, that SPIEGEL would pay around 100.000 Deutsche Mark for informations, with the offer to pay additional 150.000 Deutsche Mark, if the informations would lead to the resignation of a chief-minister of a german state, and to the resignation of the german president.

This magazine is after heads.

Often, the tactics is, to reveal something, then to wait, until some politician says something stupid, and then to publish a second article only to reveal that the politician was completely wrong.


This was also noted by the intercept:

https://firstlook.org/theintercept/article/2014/03/13/nsa-elected-officials-foreign-countries-unaware-countries-cooperation-us/

"In Germany, when Der Spiegel first reported last June that the NSA was engaged in mass spying aimed at the German population, "

Then, the german head of the chancellery, Ronald Pofalla made a press conference, saying that this nsa data is fed up to the nsa by the german BND from Bad Aibling, and that the data would merely concern Afghanistan. Pofalla also said that the nsa affair would be on its ending.

Accordingly, DER SPIEGEL revealed documents showing extensive cooperation between the NSA and the German spy agency BND. And, sometiles later, DER SPIEGEL finally revealed, the TAO catalogue.

And Pofalla never got a chair for a ministry in germany again. Pofalla then planned to take a job offer from the german railway. SPIEGEL published this plans too, and Pofalla soon faced protests that his plans would conflict with his independence as a member of parliament.


The former german chancellor Helmut Kohl officially said that he does not read DER SPIEGEL.

Because Kohl feared that magazine, and because, Kohl knew, if he would comment on an article in this magazine, he could not be sure that SPIEGEL then later would reveal a second article only to show that any one of the comments from Kohl were wrong.

Well, this sounds very negatively, but this magazine actually has a very good side.

German politicians must be extremely careful in all their decisions, since they can be sure, all what they are doing is checked for errors by these journalists. Thats what the press should to: correct the politicians.

Usually, each month, BND operations get published in DER SPIEGEL. This has certainly shaped the german secret service somehow.

Perhaps the nsa will ultimately become a different organization after it got thoroughly checked by SPIEGEL.

After all, only revelations like this are able to enforce a true reform of this agency. In order to get rid of the nsa's bulk collections, articles like these are necessary.

Certainly, the chinese government will now kindly support an ending of nsa surveillance.


.

Sancho_PMarch 22, 2014 4:58 PM

@Skeptical:
Please see my comment @Sam:
https://www.schneier.com/blog/archives/2014/03/mystic_the_nsas.html#c5034645”

The damage was done by:

a) Thinking to be exceptional, hypocritical, as a nation.
b) Proudly documenting that and collecting these documents.
c) Thinking to keep this wrongdoing secret, despite of thousands of participants.
d) Not securing that mess so that it can be stolen in clear, not only by Snowden.

Mankind is on the brink (personally I think beyond), but they play “spooks for the nation’s sake”, wasting our time.

"… Publication may not be enough - but it is the only means without all other attempts will fail.”
(Joseph Pulitzer 1847-1911)

yesmeMarch 22, 2014 5:04 PM

@skeptical,

Let me put this bluntly: WTF was Snowden thinking when he took this and gave it to journalists and activists around the world?

Troll alert went off.

But hey, if you believe all that crap you should better listen to guys like Bush, Cheyney, Rumsfeld and even Obama. They know what's best. O btw, they caused two wars and bankrupt the USA. (small details) Oh and they also created lots of enemies with their polarisation. Sorry I also forgot the Patriot Act (a beauty), gitmo, some nasty drone strikes and countless of lies.

You as an American patriot should be prowd of that.

DBMarch 22, 2014 5:06 PM

@ Skeptical WTF are you thinking, that it's perfectly ok to steal from any innocent company anywhere in the world. You are literally worse than Hitler. If it's not perfectly ok for everyone to steal from you personally, then it should not be ok to steal from anyone else. Stop treating foreigners worse than dogs. Stop being the worst scourge on the planet.

DBMarch 22, 2014 5:34 PM

@ Benni this whole "make a more general release, wait for top politician to insert foot into mouth, then make a much more specific followup release detailing what a stupid liar they are" cycle is how the Snowden material release process has been working since the beginning, by several media outlets. This particular release is not only by Spiegel, but also in conjunction with NYT.

BenniMarch 22, 2014 5:36 PM

The funny thing is:

The second largest deptee of the US is:

The people republic of china:

http://translate.google.de/translate?sl=de&tl=en&js=n&prev=_t&hl=de&ie=UTF-8&u=http%3A%2F%2Fwww.spiegel.de%2Fwirtschaft%2Fsoziales%2Fus-haushaltsstreit-die-groessten-glaeubiger-der-usa-im-ueberblick-a-928124.html&act=url

So these TAO operations were the US way to say "thank you" to china for lending their own money.

Well and with this money, China is now able to put some pressure on certain points in the US. Perhaps with China's help, the nsa gets a decent reform.

This BND official has, after months and months of revelations from SPIEGEL just one last wish:

http://www.spiegel.de/spiegel/print/d-9278001.html

He wishes the magazine may stop to always calling BND agents spooks.

It is this level to which the NSA should be grounded. It is very good that the NSA now has its SPIEGEL affair.

Probably, many persons in the US government are seing now an "abyss of treason in the country". Like Konrad Adenauer in the germany of 1950s

For Germany, this lead to an important development of the civil society.

SkepticalMarch 22, 2014 6:20 PM

@Figureitout: I think it would be wrong-doing if a foreign intel agency hacked into a US company, getting all source code, designs, and eavesdrops on internal networks; to copy the product and steal that profit or to seek ways to maliciously exploit it. Not acceptable behavior.

There's nothing unethical about an intelligence agency (whether American, Chinese, Russian, Israeli, Spanish, or other) attempting to penetrate another government's communications. That is what these agencies are created to do.

If a government is going to buy something, whether it be a F-22 or a router, from a private company, then it's perfectly ethical for a foreign intelligence agency to attempt to gain information from that company.

If this story were about the NSA giving confidential intellectual property of Huawei to US companies so that US companies could profit, then I'd agree that the story would be revealing of an enormous scandal.

But that's not what the story is about. The story is: NSA penetrates some parts of Huawei in effort to collect intelligence on the PRC government, and possibly other governments as well. That's what a signals intelligence agency does. Unless you think all espionage is unethical, there is zero unethical conduct in the report.

How do you envision the discussion happening at the NSA if they adhere to your rules?

"So, any progress on China?"

"We were thinking about trying to get a look at some of the source code of software used in their government communication systems."

"Good idea! We might spot something they missed, and then we'll have more of a window into what they're doing."

"Yeah, but turns out that they're using a private company to write the software."

"Darn. Are we sure they're a private company? Large companies in China and the government are sometimes SOEs in all but name."

"We don't really know, but better not to risk intruding into a foreign company's privacy."

"So true. Remember when that CIA officer admitted to the IG that he trespassed into a PRC defense contractor's HQ? Everyone was really upset when he did that. Trespassing is a serious crime in China, and we have to respect their laws when we conduct espionage against them."

Maybe Snowden was thinking, in a proclaimed democracy, the people need to know how tax-money is being spent, what are the benefits (or costs on top of costs) of the spending.

As a democracy we have established, by law, intelligence agencies, the function of which is to gather intelligence of national security interest to the United States. As a democracy we expect a fair amount of what those agencies do to be classified, because there's no way to tell 314 million people about something and expect other governments not to hear about it.

And I assure you that if we held referendum tomorrow on whether the NSA should collect intelligence on the PRC, the result wouldn't be in doubt.

BenniMarch 22, 2014 7:02 PM

@Skeptical:

Now what are you thinking is the "advocacy centre" for, where the us companies get first hand information from the nsa for the purpose of "levelling the playing field" and "winning in the bidding arena"? Please look at the documents below:

http://www.heise.de/tp/artikel/7/7743/1.html
http://www.heise.de/tp/artikel/7/7744/1.html
http://www.heise.de/tp/artikel/7/7749/1.html
http://www.heise.de/tp/artikel/7/7747/1.html
http://www.heise.de/tp/artikel/7/7752/1.html
http://www.heise.de/tp/artikel/7/7796/1.html

Once the nsa breaks into Huawei, it is certain that the us companies know what Huawei is doing. Of do you think the nsa stole Huawei sourcecode just for their own curiosity?
If you think the nsa does not give its information to us companies, what do you think is this advocacy centre for?

Do you think this centre is just for talking about the weather during lunch, or what?

DBMarch 22, 2014 7:05 PM

@Skeptical, apparently you are just fine then with the Chinese breaking into your personal computers at home, or even literally breaking down your physical home front door, to steal your papers, right? You shouldn't complain, it's perfectly legal for them, it's what they're supposed to be doing... After all, you might be a sysadmin and have a password written down somewhere that they need, so it's all ok... RIGHT???

@Benni, thanks for your reference to Konrad Adenauer... I did some reading on that... very interesting.
http://www.newyorker.com/online/blogs/closeread/2013/10/when-journalists-are-called-traitors-from-the-spiegel-affair-to-snowden.html
http://www.theguardian.com/commentisfree/2013/oct/10/spies-journalism-security-daily-mail-editorial
http://www.theguardian.com/world/2013/oct/10/guardian-democracy-editors

FigureitoutMarch 22, 2014 7:07 PM

Skeptical
As a democracy we have established
--No we have not at all. Do not lie goddamit; be true to yourself. The political system in this country is an absolute failure, that's why I switched to engineering, it's heading to 100% trainwreck. NSA was created secretly, undemocratically in 1952 (allegedly) and had much earlier origins. The end of that paragraph alludes to "we need to lie b/c foreign agents will get that info". That is the behavior I'm targeting in ALL nations, it is all immoral and wasting resources on sh*t we can't afford now. And you know what? We wouldn't even have to worry about China being an economic threat if the financial leaders in this country didn't SELL OUT this country by outsourcing and moving factories to nations for cheap labor, leading to cheap products that now potentially have sophisticated backdoors. What a total mess. Our world cannot afford all this stupid espionage wasting resources.

We didn't buy any Huawei routers, the gov't bucked up the free market and restricted another product being used in the US. Maybe if they actually encouraged actual secure product develop in the US this wouldn't even be a problem (I cue Nick P as he has covered this issue extensively). And how do we know info wasn't passed along, more investigations need to happen to determine if that's true.

BuckMarch 22, 2014 7:36 PM

@Clive Robinson re: "basic income"

I see the authors have conveniently circumvented my concerns regarding so-called 'resource capture' issues and the scheme's acceptability being really only meant for the "already privileged" (Posted March 14, 2014: https://www.schneier.com/blog/archives/2014/03/friday_squid_bl_417.html#c4970300 ), with one simply & perfectly worded prerequisite:

For the purposes of this series of blog posts, we will be discussing the issue from a US centric lens, but practically speaking much of the world could move this direction shortly.
Although, I'm still highly interested in seeing what else they have to say in the rest of the series!

EleventackleMarch 22, 2014 8:07 PM

On topic: maybe it's Jormungandr starting to wake up for ragnarok :P

BenniMarch 22, 2014 8:24 PM

@DB:

About the SPIEGEL affair, which made the magazine DER SPIEGEL famous, the english wikipedia article has something:

http://en.wikipedia.org/wiki/Spiegel_scandal although

The german wikipeida article has more info and links

http://de.wikipedia.org/wiki/Spiegel-Aff%C3%A4re

All began with this document from SPIEGEL in 1962:

http://www.spiegel.de/spiegel/print/d-25673830.html

which published that the german armies were not capable to defend against the russians.

This is an english spiegel article on the affaire that then begun:

http://www.spiegel.de/international/germany/50th-anniversary-of-the-spiegel-affair-a-857030.html

where journalists were accused of terrorism, a chancellor saw an abyss of treason in the country, and at the end, several ministers had to resign.

For some time, the government put the editors of Spiegel into jail and searched through the rooms of the journal. Not only that. Historically interesting is this newer spiegel article on the affair, where Spiegel uncovered secret files in 2012 that showed how the government wanted to silence the journalists in 1962:

http://www.spiegel.de/spiegel/print/d-88656050.html

The government simply wanted to destroy the newspaper entirely. For this, the BND was asked to send spooks for infiltrating the magazine.

This article

http://www.spiegel.de/spiegel/print/d-88656052.html

describes, how BND spooks unsuccessfully tried to infiltrate and manipulate DER SPIEGEL

In the files, it can be read that the spooks counted it as a success, if they found that SPIEGEL wanted to translate an article into english. A state secretary always got very angry because the BND never succeeded to even get the content of DER SPIEGEL just one day before it was published.

Spiegel goes after these early BND spooks until this day. In 2013,

http://www.spiegel.de/spiegel/print/d-91675497.html

Spiegel found a new document, that shows how the ministry of defense and the ministry of the chancellor made the BND to write a negative report that the court asked for during the trial where the spiegel editors were in jail in 1962.

By giving his material to SPIEGEL, Snowden gave it actually to the one magazine that has perhaps the worlds most intense experience on how to successfully cope with spooks.

It just about time, that the nsa gets its well deserved workout from this magazine.

Nick PMarch 22, 2014 8:38 PM

@ Clive Robinson

Thanks for the link. It builds on previous discussions here about the law being so broad that most (or all) innocent people are law breakers. I didn't previously focus on prosecutor's discretion, though. That's important to think about. Increasing their accountability is the only solution. That the essay focuses on both immunity and incentives is smart. That the author tries to rig the incentives to also cause less prosecutions is a nice bonus.

SkepticalMarch 22, 2014 8:39 PM


@DB: If I were a person with foreign intelligence of interest to the PRC (which, to be clear, I'm not; if I were I wouldn't be leaving comments on the subject), I would fully expect their foreign intelligence agencies to attempt to access that information. Would I think it immoral that they're attempting to do so? No. Would I try to stop them? Of course.

@Benni: Once the nsa breaks into Huawei, it is certain that the us companies know what Huawei is doing.

There is no evidence at all that this is true. To date, not a single item of information reported from the Snowden documents shows any commercial espionage being conducted by the NSA. Sorry. The best information we have indicates that the US Government does not conduct commercial espionage (which occurs when information from one company is stolen and given to another company in order to benefit the latter commercially).

More relevantly, there is not any evidence of commercial espionage in the Der Spiegel story, or in the NYT.

Of do you think the nsa stole Huawei sourcecode just for their own curiosity?

Read the slides that were published with the story.

@Figureitout: NSA was created secretly, undemocratically in 1952 (allegedly) and had much earlier origins.

The NSA was created by President Truman in 1952 (he was elected), who acted within his constitutional powers to reorganize the collection of foreign communications intelligence by establishing the National Security Agency. Here is the declassified directive doing so.

Prior to this, of course, the National Security Act of 1947 established the CIA; so let's not pretend that intelligence collection and analysis is somehow outside the purview of the executive branch or is an activity carried on in contravention of the democratic will of the people.

The end of that paragraph alludes to "we need to lie b/c foreign agents will get that info". That is the behavior I'm targeting in ALL nations, it is all immoral and wasting resources on sh*t we can't afford now.

No, I said that we expect the government to keep certain intelligence operations confidential. That's not the same as "lie to us."

We wouldn't even have to worry about China being an economic threat if the financial leaders in this country didn't SELL OUT this country by outsourcing and moving factories to nations for cheap labor, leading to cheap products that now potentially have sophisticated backdoors.

No, the concern is not that China is an economic threat. The policy of the US government has been, for some years now, to encourage free trade. This policy does enable things like outsourcing, but it also means that China is not viewed by the government as an "economic threat."

The concern about China from a foreign policy perspective is that as it continues to build militarily it will use its power aggressively in East Asia with respect to various disputes it has with other nations in that region and especially in connection with Taiwan.

This type of expansion has the potential, at some point, to cause a serious conflict.

Because China is not a democratic country, and because authority in their government, particularly with respect to the connections between the military, the Chinese Communist Party, and the government, is opaque, and because China publishes very little accurate budgetary information concerning their military spending, the US, and every nation in that region, is concerned about the potential for miscalculation and conflict in the future.

While the US prefers that China continue to become a part of the international system, trading and co-existing peacefully with its neighbors, history teaches us that such an outcome sometimes fails to occur.

Therefore the US has walked a careful line with its allies in that region, seeking to engage China in productive relations while at the same time both deterring China from being too aggressive and preparing for various contingencies.

Intelligence collection is a hugely important part of the effort to successfully help China integrate into the international system while avoiding conflict (but while preparing for that contingency should it occur). Because China is still a very closed society politically, visibility into the political thinking of the various parts of its government is difficult. So good intelligence collection is necessary to avoid a misreading of PRC intentions or plans. Misperceptions by the US or the PRC in this area could have grievous consequences.

Let me put it more bluntly. Good intelligence collection in China is part of what will enable the US and China to avoid a war in the future (or, if it does occur, it's part of what will enable the US to win while limiting damage). So it's pretty damn important; and therefore it's outrageous that this was compromised by Snowden.

What a total mess. Our world cannot afford all this stupid espionage wasting resources.

Listen, you and I will never disagree that the US Government wastes a lot of money, and that a lot of politics is petty and slimy (that's not all it is of course, but a lot of it is). But neither the US, nor anyone else, can afford for the US to NOT collect intelligence on China. This is an incredibly dangerous place (for the US and allies, AND for China) for the US to lack visibility.

Do you know what a serious topic of discussion is right now among the foreign policy community? Whether the current period in East Asia is analogous to the 1920s in Europe (with some pretty big qualifications, since there are obviously a lot of differences) in the respect that you have a rising power without a democratic government, a lot of territorial disputes between that rising power and its neighbors, and a lot of old enmities between nations in that region.

In other words, whether things in East Asia transition to a new, good status quo, or whether they evolve into a much more tense situation fraught with the possibility of miscalculations and conflict, is an open question.

This isn't about Cisco vs Huawei. It's about something much, much bigger, and much more important. And that's why I'm especially disturbed by this leak.

Nick PMarch 22, 2014 9:10 PM

Secrecy or Disclosure? How about Snowden or Cheney?

The Guardian article another commenter linked had many interesting statements from the various editors publishing leaks. Looking at history as evidence, I think the head of Slate (Weisberg) grand slammed them with this statement:

"Both the Guardian and the New York Times redacted or held back WikiLeaks documents that could have placed lives in danger. The Washington Post has been cautious and selective in publishing the Snowden material. Contra the Daily Mail, our best journalists very much are security experts, often with a better ability to make balanced judgments about disclosure than their security-cleared counterparts. Editors must weigh the potential security harm of public revelation again the certain damage to democratic accountability that comes from a public kept in the dark. It bears noting that in historical terms, the downside of disclosure has been very small, while the cost of secrecy has been enormous." (my emphasis added)

A recent example to compare the Snowden/Wikileaks efforts to is the Iraq war. It was planned ahead of time and achieved with lies. Secrecy was instrumental in getting it started and keeping it going. Truth came out eventually despite govt fighting that. The total cost, present and future, is estimated at $1-6 trillion depending on who you ask. Hundreds of thousands of lives were needlessly lost, with thousands to tens of thousands on our side. Our international reputation, which had high backing right after 9/11, went swirling. The collateral damage of the war inspired even more fundamentalists to hate us, except now with very personal motivations (eg "killed my family").

This was what secrecy of military-intelligence organizations gave us. Snowden, considered the worst disclosure in their history, *might* cost our industry tens of billions of dollars, has killed somewhere from zero to few people, and only inspired anti-American attitudes in the people America was covertly attacking. The damage of the worst disclosure is only a tiny fraction of what US government's typical secrecy can cause. A pre-war disclosure with the strength of Snowden's would've saved my grandchildren trillions of debt and the lives of many American's.

Even from a purely pro-American perspective, I'll take the Snowden's over the Cheney's any day. Only one category repeatedly cost us money and blood measured by the truckload while earning high payoffs safely away from the warzones. That's not the kind of people wise Americans should support. It can only cost us more.

JacobMarch 22, 2014 9:40 PM

@Skeptical

Re commercial espionage, if the CIA is into it, rest assure that the NSA provides a helping hand.

Enlighting article "contemplating" about doing that, but signing with "Gees, that would be great but damn, we are not allowed" :
https://www.cia.gov/library/center-for-the-study-of-intelligence/kent-csi/vol37no2/html/v37i2a02p_0001.htm

However, here is the proof (source: motherjones.com 1994):
"... President Clinton made no mention of the CIA. But in interviews, three separate U.S. officials acknowledged that the CIA is already providing the government with information about Japanese auto technology. And since the formation of the Partnership for a New Generation of Vehicles, such information may be readily available to Chrysler, Ford, and GM.

Susan Tierney, assistant secretary of energy, coordinates the Department of Energy's role in the car project, including the work of the DOE's high-tech laboratories. She says that U.S. officials "get economic intelligence reports frequently about what areas of research other governments are sponsoring." Asked whether the CIA provides data on foreign automakers, she replies, "We've been analyzing what they're doing. It should be no surprise to anybody."

Ellen Seidman, an official at the White House's National Economic Council, says that the White House is concerned that Japanese auto companies may have already taken the lead in some technologies. "There's a lot going on in Japan, and we think the CIA knows something about what [Japanese automakers] are doing," she says.

"We hear rumors on that. I really don't know what [the CIA] knows, but I do have a pretty good idea that they're paying attention to it," Seidman says. "Every once in a while people tell me that there's a report from the CIA that you've just got to read, and when that happens you're just seeing the tip of the iceberg."

Asked whether she has read some of the CIA reports on Japan's auto technology, Seidman replies, "Yeah." But she declines to comment further.

Discussing Japanese auto technology, Cary Gravatt, a special assistant to Undersecretary of Commerce for Technology Mary Good, whose office is coordinating the auto project, confirms that the CIA "is a good source of information about the current state of technology in a foreign country." ...

DBMarch 22, 2014 9:48 PM

@Skeptical

"If I were a person with foreign intelligence of interest to the PRC (which, to be clear, I'm not; if I were I wouldn't be leaving comments on the subject), I would fully expect their foreign intelligence agencies to attempt to access that information. Would I think it immoral that they're attempting to do so? No. Would I try to stop them? Of course."

Just to be clear, you are basically saying you are without morals. Remember that since "collect it all" is the directive of modern intelligence agencies that you promote, all people everywhere have "foreign intelligence of interest to the PRC" (as well as of interest to the NSA, BND, and everyone else)... RIGHT??? You are a legitimate target, I'm a legitimate target, every single individual worldwide is. And you are directly promoting this with your constant defense of the NSA. You are promoting a future world with no morals, just the law of whoever controls the biggest baddest military gets to be dictator over everyone else. Why do you like this kind of world? What's in it for you personally?

Chris AbbottMarch 22, 2014 11:11 PM

Perfect for Friday Squid Blogging:

Bruce, you have to write something about this:

A drone that spoofs WiFi hotspots and pwns your smartphone. Perfect surveillance tool!

SkepticalMarch 22, 2014 11:27 PM

@Jacob: The article you link to actually states that current US policy at the time of publication was NOT to conduct commercial espionage, and the author himself concludes that it isn't worth it.

The Mother Jones article is a mess of innuendo. It consists of a number of people who have heard that the CIA conducts "economic intelligence" gathering (they do), and have heard "rumors" that the CIA collects information from Japanese automakers and shares the secrets with US automakers (they don't, and good luck finding any corroboration at all for those claims).

Here's a better article from the same period: http://www.nytimes.com/1995/10/15/world/emerging-role-for-the-cia-economic-spy.html

This is also a subject that was investigated by Congress in the late 90s, Jacob. It confirmed that the US Government does not engage in commercial espionage.

Keep in mind that while these things were debated in the early 90s, they were also settled. Today, we live in a world of multinational corporations, a post 9/11 security atmosphere, and rising threats to stability across the globe. I think anyone who tried to suggest that the Intelligence Community conduct commercial espionage today would be literally kicked out the door.

As I also said, if evidence emerges showing otherwise, it would be a huge scandal of true importance. But for reasons you've undoubtedly encountered in your own reading, it doesn't appear that the US has conducted commercial espionage.

@DB: Earlier you said I was "literally worse than Hitler" and now, remarkably, you've managed to read a comment as indicating I have no morals. Take a breath and read more carefully, or people will start to believe that you're just as intelligent as such responses indicate. I do not think an intelligence officer is acting unethically when he or she attempts to acquire foreign intelligence by trespassing. Neither do I think it unethical for a foreign military officer to attempt to observe the capabilities of a weapons platform at a demonstration in order to help his own country better defeat that platform.

Both of those individuals are acting in legitimate roles which allow governments to look after their own security.

This isn't an "amoral" view. It's an understanding that we're all born in different countries, with different governments, and in consequence frequently have different loyalties. The Norwegian Government, for example, acts as the agent of the Norwegian populace, keeps order, administers the law, protects rights, etc. I would expect a Norwegian to have a sense of loyalty and duty to his country, and I don't think it unethical in the least for a Norwegian to serve in his country's military, or in his country's intelligence services, both of which are essential to his nation's security.

That doesn't justify any possible action by an intelligence service. But if a government chooses to use a company's equipment for its communications, then certainly acquiring information about that company's equipment (whether by CNE or otherwise) is legitimate and expected.

As to the particular importance of intelligence collection against the PRC, I described the justification above. If you think it's somehow amoral to understand the importance of avoiding war, or, if necessary, the importance of a democratic nation winning a war, then you've either misunderstood the meaning of the word "amoral" or you've misunderstood reality.

@Nick P: We can always cherry-pick examples where secrecy or not would be best. UK ability to break certain German codes? Atomic weapon design? Location/time of Normandy invasion? Suspicion that Bin Laden was in a house in Abbottabad? Bay of Pigs operation? INR doubts about Iraqi WMD?

You have to examine them case by case. There is no one-size-fits-all rule. And it's extremely difficult for the public to know what the costs of exposing some particular bit of information might be, especially when the cost might be measured in terms of what we don't learn, which is tricky at best to figure out.

The two times that the US and the USSR came closest to actual war occurred when poor intelligence and misperception allowed one side, or the other, or both, to come close to triggering the opposite party's red lines.

And if there is going to be a major war between great powers in the next 50-100 years, it will likely be fought in East Asia, with China and the US on opposite sides. If we're going to avoid that possibility, or, should it occur, if we're going to at least ensure it comes out as best such things can, intelligence will be vital.

So, for me at least, it's close to the worst kind of irresponsibility to expose intelligence collection efforts directed against the PRC. The TAO catalog was bad; this is potentially worse.

DBMarch 23, 2014 2:05 AM

@Skeptical

Some things I say may be a bit "over the top" at times, I admit. On other sites full of nothing but trolls, I generally troll them back for a bit, then settle down for a real conversation when someone seems more serious... Some other people go the other way and troll serious people even more when they find them. I see trolling generally as a valid tactic in a public information war (a war for people's hearts, really)... but I try to limit my trolling on Schneier.com though because this generally seems to be a more elevated group (though it can still be an attention getter when not overdone too much).

Now that said... your constant staunch defense of the NSA looks more to me like you do justify any possible action by them... Since you say you don't, can you list anything the NSA has done that you don't think is justified?

The problem I see is that the whole "collect it all" mentality that comes out of trying to "prevent crime" (terrorism just being a vague term for crime) literally means that everyone is a valid target. Doesn't matter if there's any suspicion of any such "terrorism" (crime) at all. If you're a systems administrator, you're not only a valid target, for example, but you're actually being actively targeted by the world's APT's, apparently "legitimately" according to you. Not just by the PRC, but every intelligence agency, including our own. And this is just because you have a job? It's lawful to break into your personal property and steal your passwords (and everyone's really), because you take care of a few computers? This is wrong. And you are wrong for believing that this is just fine everywhere. This is where I start saying the only logical conclusion is that you are amoral. You don't believe in right and wrong, just "what suits you, and your agenda of gaining power at all costs." I'm not just trying to troll here, I'm trying to appeal to you, and show you where your mentality is leading... how is this not as bad as Hitler? It's the same mentality: me and my kind are superior, others be damned. It mocks why we bothered to fight him, since we just become him given opportunity.

From Estonia with ...March 23, 2014 4:39 AM

OPERATION WINDIGO

http://blog.eset.ie/2014/03/18/operation-windigo-malware-used-to-attack-over-500000-computers-daily-after-25000-unix-servers-hijacked-by-backdoor-trojan/

Full paper - http://www.welivesecurity.com/wp-content/uploads/2014/03/operation_windigo.pdf

Basically they compromise SSH servers to send spam, for click fraud and to steal SSH credentials. They have in memory, with minimal disk usage exploits, I mean implants, for sshd, apache, ngnx, lighthttpd, bind, windows.

On page 8 operators for Windingo compromised kernel.org. It reminds me of the "Security Incident on FreeBSD Infrastructure" http://www.freebsd.org/news/2012-compromise.html

They use HTTPS. But reacherers managed to decrypt the traffic. How? MiTM? Reacherers wont tell.

What a technological leap from DNS Changer. All this to send spam?

anonymousMarch 23, 2014 6:48 AM

OF COURSE the NSA is involved in industrial espionage! Sheesh, short attention span, everybody? Remember Echelon?
I really am too lazy to find all the relevant, officially documented proof of what happened back in the nineties. Just one, feel free to find many more examples yourself.

www.fas.org/irp/program/process/rapport_echelon_en.pdf
Page 103 ff.

In the case of Enercon (wind turbine manufacturer) they blatantly stole documents which Enercon's US competitor (Kenetech) then used to file for patents in the US, without editing out numbers and data that pointed to the origin of these drawings. The result: Enercon, which was one of the largest, most innovative wind energy manufacturers at that time (and still is) with wind turbines located on every continent including antarctica was successfully kept out of the US market causing billions of losses for them.

BenniMarch 23, 2014 7:21 AM

@Skeptical:
"There is no evidence at all that this is true. To date, not a single item of information reported from the Snowden documents shows any commercial espionage being conducted by the NSA. "


I told you before that the nsa monitors the german company sap who makes office software:

http://www.mmnews.de/index.php/politik/17160-nsa-ueberwacht-320-personen-in-deutschland

Of course you ignore this deliberately......

Here is Snowden, telling to the tv the us would be doing industrial espionage:
http://www.reuters.com/article/2014/01/26/us-security-snowden-germany-idUSBREA0P0DE20140126

Snowden tells the european parliament:
http://www.europarl.europa.eu/document/activities/cont/201403/20140307ATT80674/20140307ATT80674EN.pdf

To directly answer your question, yes, global surveillance capabilities are being used on a daily basis for the purpose of economic espionage. That a major goal of the US Intelligence
Community is to produce economic intelligence is the worst kept secret in Washington. In August, we learned the NSA had targeted Petrobras, an energy company It would be the first of a long list of US energy targets....

But now, certainly sceptical will answer that spying on energy targets is done for hunting terrorists....

Spying on energy targets makes only sense if you give data to your own companies.

For giving nsa information to the companies, the us have this centre here:
http://export.gov/faq/eg_main_017486.asp

Here are some success stories listed by the US Advocacy centre: http://www.heise.de/tp/artikel/7/7796/1.html each succsess, where they "defeated" a european country with this information is apparently worth several million dollar contracts

You want to hear what CIA officials say on this to the congress? Well read this. I copy excerpts:

http://www.heise.de/tp/artikel/7/7752/1.html

During 1991, future CIA Director James Woolsey chaired a special panel examining future intelligence priorities.[20] By December 1991, a draft National Security Directive, NSD-67, had been prepared on "Intelligence Capabilities - 1992-2005". It was circulated to 20 agencies and departments for comment, and then formally approved by the U.S. National Security Council and issued from the White House on 20 March 1992.[21] The then Director of Central Intelligence Robert Gates, called it "the most far-reaching directive to assess future intelligence priorities and needs since 1947." The directive asked. "What kinds of economic intelligence do we need?"[22]


Gates was questioned about the new order at a Congressional hearing on 29 April 1992, and stated:
"The intelligence community has been engaged in collection on economic intelligence issues for some years, but this national security directive really expanded and made more specific policymaker direction and priorities in terms of what the policy community up to, and including, the President wants us to collect against [...]

About 40 percent of the requirements that were approved by the President are economic, either in part or in whole. They deal with questions in the whole arena of information needed to level the playing field, what foreign governments are doing to disadvantage the United States, not play by the rules, not abide by agreements and so forth. Questions about predatory and subversive foreign targeting of US industry, as well as these questions we've been discussing today about foreign counter-intelligence. So, for the first time, I think really this national security directive codifies and prioritizes the economic requirements being placed on the intelligence community"[23] (emphasis added).


Both the Presidential Assistant for Economic Affairs and the Secretary of the Treasury were given daily CIA briefings on economic intelligence. According to a recent report:
"Economic intelligence gathering became policy. The CIA designed a new daily intelligence digest, called the 'Daily Economic Intelligence Briefing'. Highly classified with a limited run of 100 copies, it's distributed to officials at the White House and cabinet-level departments throughout the government's economic bureaucracy".[28]

Two weeks later, Clinton's nominee for the post of CIA Director, James Woolsey, said at confirmation hearings before the Senate Intelligence Committee that U.S. intelligence agencies' role in economic spying was "the hottest current topic in intelligence policy issues".[29]

The chairman of the intelligence committee, Senator Dennis DeConcini, also held two secret hearings on the issue of providing intelligence to US business. His panel examined suggestions that "the Commerce Department, after improving its own collection of economic information, could be used to disseminate economic intelligence".

He recommended that the administration should adopt a policy for handling "economic intelligence collected by spy agencies that is not vital to national security [...] my own feeling is we ought to give it to our industry".

While he did not advocate running agents against the Airbus consortium and giving the product to Boeing or McDonnel Douglas, he explained "if we find something not to share it with our people seems to me not to be smart".

Although no full statements were made about the outcome of the intelligence policy reviews conducted in the first year of the Clinton administration, subsequent developments show that the "levelling the playing field" policy on economic intelligence, first proposed in 1991, was fully implemented by Clinton and Woolsey.

The heart of this was the Trade Promotion Co-ordinating Committee (TPCC), which had been founded in 1992 at Congressional request.

The operating arm of the new, co-ordinated trade campaign was an "Advocacy Center" established inside the Department of Commerce. According to its web site, the Centre provides "coordinated action by U.S. government agencies to provide maximum assistance in a case [...]

The Advocacy Center is at the core of the President's National Export Strategy, and its goal is to ensure opportunities for American companies".[33] The Centre says of itself:


Since it's creation in 1993, the Advocacy Center has advocated on behalf of U.S. companies in the aerospace, infrastructure, energy and power, environment and other industries. We have a variety of success stories as a result of our advocacy efforts, showing the various ways the federal government supports U.S. companies in their efforts to secure contracts overseas.


Its methods were and are wide ranging:
Assistance can include a visit to a key foreign official by a high-ranking U.S. government official; direct support by U.S. officials (including Commerce and State Department officers) stationed at U.S. embassies; and coordinated action by U.S. government agencies to provide maximum assistance [...][34]


The creation of the Center was also "to assist U.S. Government (USG) personnel in determining whether and to what extent USG support is appropriate in connection with a transaction involving U.S. interests". The test was whether a particular bid would involve more than 50% U.S. content. Applicants for support were asked to complete a questionnaire, which could be filled in on the Intenet.[35] The form sought information to let the government decide "whether and to what extent a given bid is considered to be in the U.S. national interest".

The new arrangements soon paid off. In April 1994, the U.S. Congress was told that in 1993 alone, as a result of intelligence work, American businesses had obtained contracts worth some $6.5 billion out of a total of 51 contracts worth $28 billion.[36]


By July 1994, CIA director Woolsey was asserting that "several billion dollars a year in contracts are saved for American business by our conducting that type of intelligence collection.

We intend to continue to do it. It is relatively new. We are very - frankly - very good at it, and we have had some very positive effects on contracts for American businesses."[37]


[20] "The New Presidency: Journey of the CIA nominee", Washington Post, 11 January 1993,
[21]"U.S. Demands for Economic Intelligence Up Sharply, Gates says", Washington Post, 14 April 1992.
[22]"U.S. review focus of security data", New York Times, 22 December 1991.
[23]Testimony of Robert M. Gates, Director of Central Intelligence, contained in U.S. House of Representatives, The Threat of Foreign Economic Espionage to U.S. Corporations, Hearings before the Subcommittee on Economic and Commercial Law, Committee on the Judiciary, 29 April 1992, Washington, DC: USGPO, 1992, page 88.
[24]National Security Review 29 (NSR-29), 1991
[25]Speech to the Economic Club of Detroit, 13 April 1993, reported in the Washington Post, ibid (note 00)
[26]Private communication from James Bamford, author of the Puzsle Palace. Mr Bamford, then a producer for ABC TV, attended the meeting and took notes.
[27]Note on NSC, Office of the Historian, U.S. Department of State, August 1997, published at www.fas.org/irp/offdocs/nsd67.htm
[28]See note 18
[29]"CIA nominee tells senators economic spying is 'hot topic' ", Washington Times, 3 February 1993
[30]"Senator suggests CIA give business trade secrets", Washington Times, 13 March 1993
[31]"CIA's Hottest Question," Washington Post, 14 March 1993.
[32]Leonard Doyle, "French spies shop for trade secrets", Independent (London), 11 May 1993
[33]See www.ita.doc.gov/td/advocacy
[34]See background documents on the U.S. government Advocacy Center provided to the Echelon committee; (1) Function statement by Department of Commerce Trade Promotion Co-ordinating Committee (TPCC)
[35]At www.ita.doc.gov/td/advocacy/question.htm and Annexe 2-2 Questionnaire
[36]Letter from Colin Jellush, Intelligence Community Issues Division, to Don Mitchell, Select Committee on Intelligence, U.S. Senate, April 8, 1994, published in "Current and Projected National Security Threats to the United States and Its Interests Abroad," Hearing before the Select Committee on Intelligence, U.S. Senate, January 24, 1994
[37]"The Future Direction of Intelligence", address by James Woolsey to the Center for Strategic and Internatioal Studies, July 18, 1994, in Washington, D.C., 18 July 994. Quoted in Windrem, op cit (note 000)

Clive RobinsonMarch 23, 2014 7:29 AM

@ Nick P,

In what might be described as "New wine in old Bottles" somebody has been developing a python script as a bit of middleware such that new HTML standards can be used in old browsers,

http://virtuallyfun.superglobalmegacorp.com/?p=3866

Which is a fun thing to do...

But it also has some security implications that might be advantageous if thought about in the right way.

JacobMarch 23, 2014 7:43 AM

Re industrial espionage - from the horse's mouth (my comments bellow the extract):
-------------------------
"Although NSA has made clear that it has not and is not now doing the activities listed below, the US Government should make it clear that:

NSA will not engineer vulnerabilities into the encryption algorithms that guard global commerce;

The United States will not provide competitive advantage to US firms by the provision to those corporations of industrial espionage;

NSA will not demand changes in any product by any vendor for the purpose of undermining the security or integrity of the product, or to
ease NSA’s clandestine collection of information by users of the product; and

NSA will not hold encrypted communication as a way to avoid retention limits.

Although NSA is authorized to retain encrypted data indefinitely for cryptanalysis purposes...."
------------------------
http://www.whitehouse.gov/sites/default/files/docs/2013-12-12_rg_final_report.pdf p.218

The power of playing with words:

-- subverting encryption standards - the Dual_EC_DRBG has not "guard global commerce", so we were OK on this.

-- Commerial advantage: not by the provision of industrial espioange, but probably as a collateral collection while going after terrorist suspects we happen to locate in research labs of some large foreign corporations.

-- demand changes in any product: we don't "demand" - we offer payment and a "friendly" talk about the future of doing business with the US gov if refused. RSA Corp. agreed to that.

-- keeping encrypted material: as the committee has said: " not to subvert retention standards, but only for cryptanalysis purposes...

One additional note:
It appears that the committee itself does not believe that the NSA is not engaged in industrial espionage, and recommends on p.221 to "not to steal industry secrets" and, and this is a doozy, "Governments should not use their offensive cyber capabilities to change the amounts held in financial accounts or otherwise manipulate the financial systems"

Nick PMarch 23, 2014 9:02 AM

@ Skeptical

There's no cherry picking. I simply showed the worst of all leaks can't compare to what unchecked secrecy costs us. Unlike some idealists here, I'm all for intelligence gathering and state secrets. I'm also for a much stronger type of accountability that involves an organization similar to GSA, a rework of our classification system, zero loopholes like USAPs, and prison time for violators at any level. If prison isn't a possibility, the accountability isn't good enough.

@ Clive Robinson

That's pretty neat. The guy has a ridiculous number of browsers and OS's. He's even got the page rendering on Mosaic. Lol.

The technique he uses reminds me of how I got "future" web standards to work on then-current machines back in the day. I also used a proxy method. Most recent use of that in a design is to safely use critical applications on untrusted computers equipped with only a browser. That design is limited at the moment. There's both commercial and academic work in the area, though.

Just popped into my head that these kind of tricks might also be good for the security-oriented OS's projects. Most are microkernels with applications, while at least one is solely a browser OS. The problem with such systems is there's an incredible amount of code to write to support legacy functionality. I've always externalized features to reduce code in TCB. This browser trick might be a way to get a simplified browser on the system. Attacks can still happen upstream, but attacks within the system could be limited.

BenniMarch 23, 2014 9:04 AM

@ Jacob, they are not doing industrial espionage, at least "not wittingly".

So these nsa statements you list are "the least untruthful answer they can give in a public hearing"..

(They just collect all and everything. And if they find something, they give this to U.S. companies. Na, they even don't collect anything, at least "not wittingly".)

By the way, given that the nsa now has huaweis sourcecode, huawei really should step up and make the source of their producs open. As they are a hardware company, it would not hurt them much.

We just would then get routers in the process, that do not have deliberately planted nsa backdoors.


A new spiegel article mentions first reactions of the chinese:

http://www.spiegel.de/netzwelt/netzpolitik/nsa-spionage-in-china-huawei-empoert-nach-snowden-enthuellung-a-960259.html

I, hope the chinese start their financial pressure on the nsa soon.

In this article here:
http://www.nytimes.com/2014/03/23/world/asia/nsa-breached-chinese-servers-seen-as-spy-peril.html

it is written that "A White House spokeswoman, Caitlin M. Hayden, said: “We do not give intelligence we collect to U.S. companies to enhance their international competitiveness or increase their bottom line. Many countries cannot say the same.”"

The first question is whom he means with "we"? Congress, the president in person, or whom? Also, this is said by some congress man. Perhaps the economic espionage of the nsa is just not at his "income level" and he has no clearance on that.

This intercept article argues, that often officials are deliberately left into dark by the agencies:

https://firstlook.org/theintercept/article/2014/03/13/nsa-elected-officials-foreign-countries-unaware-countries-cooperation-us/

Intercept also has a new article:
https://firstlook.org/theintercept/2014/03/23/facts-nsa-stories-reported/

on the abyss of treason in the country.

And here is the spiegel article from 1963 with the original adenauer quote:

http://www.spiegel.de/spiegel/print/d-45142334.html


Nick PMarch 23, 2014 9:47 AM

@ Bruce

Intercept link was an interesting read. The takeaway is that they need structure and predictability for the automated targeting. Obfuscation techniques I've long advocated just got a boost. It wouldn't stop one of these guys so much as keep them from writing a simple SIGINT script to get everyone. That they can do stuff like that should be a wakeup call to defenders.

Also, it's interesting to see how much reuse and integration exists in their toolset. This goes from systems like QUANTUM all the way to the implant catalog. You could say they've been doing the offensive version of what I've advocated for defenders to do: get each layer to work right and integrate well. Most defenders can barely understand how the code in their system ever works, much less how to maintain its security.

Clive RobinsonMarch 23, 2014 10:36 AM

@ Nick P,

    Just popped into my head that these kind of tricks might also be good for the security-oriented OS's projects.

I thought it might or something similar any way ;-)

The point I was looking at it was the latest HTML etc can be viewed as a way of encoding and compressing information and function, both of which are as we know from previous attacks fruitfull sources for ways to bypass security choke points and get into the more "code bloat" heart of the browser where the attack surface is going to be larger.

In effect the middleware decodes and decompresses down to more basic and more easily checked format in what is a less code bloat and constrained environment giving both page by page issolation and control (depending on how the middleware forks etc).

In effect it's a complexity reduction process where each function can be issolated by strongly mandated interfaces, which is generaly a good thing for security.

Clive RobinsonMarch 23, 2014 11:30 AM

@ Benni,

    By the way, given that the nsa now has huaweis sourcecode, huawei really should step up and make the source of their producs open. As they are a hardware company, it would not hurt them much

Actually it could hurt them a great deal.

Not only would it give US competitors an advantage to "steal IP" it would also open them up to expensive litigation attacks used by US competitors to keep their products out of the US and EU markets.

To see why go have a look at the way Apple attacked Android platforms.

As it turns out Huawei have gone quite a long way in trying to show their systems are not "backdoored by design" by setting up a joint operation --"Tthe Banbury Cell"-- with GCHQ. However one or two people with significant interest from the US spread stories and inuendo about those working in the Cell and the way the Cell functions without actually bothering to find out how it is run. Apparently the argument about "Huawei locking out GCHQ" is that Huawei won't give direct and unfettered access to all of it's source code and design documents to GCHQ staff, though it does make it fully available to Cell staff who have to be Full UK Citizens and are security vetted to the highest UK standards. Further and ignored/unknown to the critics is that it is the companies who use the Huawei equipment who also get guidance from GCHQ staff who decide what gets investigated by the Cell staff not Huawei.

As the NSA would have informed GCHQ of all these vulnerabilities in Huawei equipment the question that should now be asked is "Why has GCHQ not informed either the users of the Huawei equipment or the Cell staff of these vulnerabilities?"...

Which I suspect if you think about it makes Huawei's control of their source and design documents now appear to be a sensible choice.

Also there is another question that maybe someone should ask "As Huawei purchase over 2.5Billion USD of US supplied components, how many of these have infact been compromised by NSA Implants?".

Which naturally gives rise to the possability that the compromise of Huawei's equipment unlike that of various US companies equipment is unknown to Huawei and is not down to any deliberate design choices...

http://www.independent.co.uk/news/uk/home-news/are-huawei-the-enemy-within-gchq-is-tightening-its-supervision-of-the-giant-chinese-technology-companys-uk-testing-centre-9013869.html

BenniMarch 23, 2014 12:54 PM

@Clive,

There is now widespread distrust in the tech szene. Costs for litigation attacks are neglible to the profit you can make with a proven backdoor free router.

In a new article,

http://www.spiegel.de/netzwelt/netzpolitik/nsa-us-geheimdienst-spaehte-chinas-netzwerkkonzern-huawei-aus-a-960176.html

der Spiegel writes that out of operation shotgiant came our well known "Headwater" TAO exploit.

The only way to prevent a security breach like this is open source.

Huawei must figure that they can not counter this attack by themselves.


Ah, and by the way, we have the first spook saying sorry to der Spiegel:

http://www.spiegel.de/netzwelt/netzpolitik/nsa-ex-chef-hayden-entschuldigt-sich-bei-deutschland-a-960231.html

As usual, the nsa spook says not sorry for attacking, but hes only sorry for the secrets to get revealed. Naa that does not suffice

Seems it will be a long way until they are there, where BND came down long ago.

This monday, Obama will visit the chinese premier:

http://www.spiegel.de/politik/ausland/nsa-affaere-und-krim-krise-obama-besucht-europa-a-960280.html

Of course Der Spiegel placed this revelation just on exactly this date. So the chinese premier can buy a spiegel and show it to Obama.

Perhaps soon, NSA agents will try to infiltrate Spiegel, with state secretarys being angry why the NSA is not able to ever get a Spiegel copy just one day before it is published, as in 1962 with the BND.

@Bruce,

regarding this attack on sys admins:

I find this slides for this article important:

https://firstlook.org/theintercept/document/2014/03/20/hunt-sys-admins/

especially where an nsa operator talks about finding admins that log into telnet,

And what he writes on exploiting routers.

We do not know whether these router backdoors

https://github.com/elvanderb/TCP-32764

of six different us vendors were deliberately planted.

We do not know whether this security problem of routers from Arcadyan, was deliberate:

http://www.heise.de/security/meldung/O2-Router-verwundbar-jetzt-WLAN-Passwort-aendern-2149103.html

or whether these severe problems in dlink routers and modems are deliberate:

http://www.heise.de/security/meldung/D-Link-flickt-Business-Router-der-DSR-Serie-2068138.html

http://www.heise.de/security/meldung/Grossangriff-auf-Router-DNS-Einstellungen-manipuliert-2132674.html

http://www.heise.de/security/meldung/Akute-Angriffsserie-auf-D-Link-Modems-2135158.html

But we must assume, that these security holes are known by some tao operator,

And we must assume that there is an nsa guy somewhere who specialises in hacking exactly your router model.


yesmeMarch 23, 2014 1:37 PM

@Benni

The only way to prevent a security breach like this is open source.

Altough I agree with you that Open Source is the only answer, it's a lot more.

I think a political answer is the only answer to be honest. Open Source is only a small part of it. What I would like to see is that all products that have code and are sold to business / the public needs to be Open Source and audited. But that's a legal matter. And the legal matter involves a lot more, such as patents, warranty against data being stolen and so on.

And also a secure internet. Not a bunch of protocols that are hardened. No a secure internet.

It can be possible. It's only the mindsetting. But it requires people that have actual vision and the balls to carry it through. And I think this can only be done politically. And right now, even after all the Snowden leaks, the politicians are still in defence / offence modus. There is still no vision. And they are certainly not cooperating.

SnazzyMarch 23, 2014 1:50 PM

John Tierney: At Airports, a Misplaced Faith in Body Language
www.nytimes.com/2014/03/25/science/in-airport-screening-body-language-is-faulted-as-behavior-sleuth.html

Like the rest of us, airport security screeners like to think they can read body language. The Transportation Security Administration has spent some $1 billion training thousands of “behavior detection officers” to look for facial expressions and other nonverbal clues that would identify terrorists.

But critics say there’s no evidence that these efforts have stopped a single terrorist or accomplished much beyond inconveniencing tens of thousands of passengers a year. The T.S.A. seems to have fallen for a classic form of self-deception: the belief that you can read liars’ minds by watching their bodies.

Nick PMarch 23, 2014 1:58 PM

@ benni

Re profit of backdoor free router

That's essentially a high assurance system with extra controls on subversion. Historical data shows the kernel or hardware would cost $30-50 mil if it was *simple*. Most enterprise networking boards arent. After that, the entire networking and control stack must be redone in a way immune to code injection. If it's unsafe code, it might cost up to $10,000 per line.

And all this will be extremely difficult to add features to while costing 5-10 times more than competition. Guards are a fraction of that plus have many features. Yet, market ignores them in favor of risky COTS. What does that mean for even higher priced products? Well, current trend been going strong for decades now so Im not holding my breath.

BenniMarch 23, 2014 3:32 PM

By the way, there were revelations that the nsa would intercept 1000% of all phone calls, from "Washington Post" I think.


Well, the problem with this amateurs from american press is that they always get it late.

Of course it was published already by DER SPIEGEL months ago, on which country the nsa gets most signals. This picture can be found from the journals search machine:

http://wissen.spiegel.de/wissen/image/show.html?did=104673958&aref=imageArchive/2013/07/27/CO-SP-2013-031-0022-01-GR.JPG&thumb=false

Yep that list includes all signals that the nsa gets......

Interesting is the voyeuristic interest of the nsa on china. Could be some form of racism.

And their apparent disinterest in russia. Perhaps the russians are nowadays, with their heavy problems with islamic terrorists, just sharing most of their things with their american partners.

Here is an old spiegel article where CIA is revealed to team up with russians in North Korea, published of course, when the operation was done:

http://www.spiegel.de/politik/ausland/nordkorea-wie-die-russen-den-amerikanern-beim-spionieren-halfen-a-231490.html


Clive RobinsonMarch 23, 2014 4:20 PM

@ Benni,

    Costs for litigation attacks are neglible to the profit you can make with a proven backdoor free router

I guess you are not familier with the Apple legal aproach, which is why I suggested you look into it.

You need to realise that,

    You can only make a profit if you have product customers can buy.

If a US company can stop you importing your goods it matters not one jot if you have the best product at the best price you don't have product to sell so no profit. Likewise if they can stop you exporting your prosuct to any other market like the EU.

Apple became good at waiting untill a competitor's product was manufactured and had started to be shipped, when the first one hit the docks they went to court and claimed it infringed patent or copyright and got a 90 or more day embargo. They then played the court system whilst still selling their own product into a time sensitive market where a product life could be only 40weeks. Apple cared not one jot if they could make the case stick or not because to them the litigation cost was minimal just stoping a compeating product sell for 90 or more days ment the profit on 90 days or more uncontested sales as well as knowing the loss they were inflicting on the competition who had sunk major investment into production. If they could make the import embargo stick then not only would they get the goods landed destroyed they could also persue for damages etc.

It's fairly well known that Apple knew which courts to aproach because atleast one circuit had the reputation of taking any case by a US company as "gospel" and atleast one district had the reputation of turning into "paid for" favourable outcome service because major litigants would come ans spend lots of money in the district whilst the litigation was in progress and the town/district effectivly lived off the litigation...

I won't say that the US courts service is corrupt because I'm sure if I look sufficiently hard enough I will find parts that are not. But I've seen suficient to know that as a non US citizen my chance of getting either a fair hearing or justice in US courts is very unlikely. And befor people get upset and claim I'm singling out the US, I will point out as I have in the past that some UK courts are just as bad.

Further even some US judges are so appaled by "IP cases" that they are taking action against the likes of what they regard as frivolous use of the courts by the likes of Apple, who let's face it have a pretty poor reputation when it comes to honesty in things like taxation.

robkMarch 23, 2014 5:38 PM

In German CT 24/3, dormant trojan mouse that is activated by tiny "mouse matrix codes" on give away mouse pads that also contain matrix codes with URL's to (Windows) malware. (Im Auge der Maus, Daniel Bachfield)

SkepticalMarch 23, 2014 6:05 PM

Too much to respond to really (and some interesting technical comments that I'd be out of my depth even venturing a question).

Let me start with DB's remarks on trolling and other things (and DB, thanks for taking it down a notch):

@DB: Some things I say may be a bit "over the top" at times, I admit. On other sites full of nothing but trolls, I generally troll them back for a bit, then settle down for a real conversation when someone seems more serious... Some other people go the other way and troll serious people even more when they find them. I see trolling generally as a valid tactic in a public information war (a war for people's hearts, really)... but I try to limit my trolling on Schneier.com though because this generally seems to be a more elevated group (though it can still be an attention getter when not overdone too much).

My view on personal or academic discussions (excluding contexts such as negotiations, litigation, etc) is that each person ought be treated as an end in himself. I'm twisting what Kant means somewhat, but I mean here essentially that each person ought be treated as an individual whose autonomy to decide for himself on the merit or meaning of arguments, stories, expression, etc., presented must be fully respected. Respecting that autonomy, in my own view, means presenting relevant facts as honestly and objectively as one can, and avoiding a dishonest and deliberately biased accounting of relevant facts, analyses, etc.

No one is perfect, and all of us suffer from the usual biases of memory and intuition that can cause our analysis and words to be biased in a way that is hidden (temporarily, at least) from us. So the above is more a goal than a standard.

I understand that in some contexts "flame wars" might be considered fun, but as a means of persuading people it strikes me as manipulative. In doing so one has stopped treating other readers as individuals in themselves, and has begun treating them as objects to be manipulated.

I don't mean to imply that you think differently, by the way. I just wanted to state my own views, and my personal standards, here.

The upshot of all that is that I hardly ever take disagreements personally, I'm almost always happy to hear a different viewpoint, and I take my own fallibility pretty seriously (although that means I take the fallibility of everyone else seriously as well). I'll also be straightforward when I disagree with something, and anything critical in my comments will, I hope, always be directed at an issue and not a person.

Now that said... your constant staunch defense of the NSA looks more to me like you do justify any possible action by them... Since you say you don't, can you list anything the NSA has done that you don't think is justified?

One quick qualification to your question. Though the NSA does have significant operational autonomy, the NSA executes directives and policies given to it (it's certainly highly influential with respect to what those directives and policies are, of course).

So when we talk about whether the NSA was justified in doing something, I think we sometimes have to be careful.

For example, after 9/11 the NSA received a Presidential directive to begin what was called the Presidential Surveillance Program (later renamed the Terrorist Surveillance Program), also known as the warrantless wiretapping program.

I think that the PSP was probably lawful immediately after 9/11, as an emergency measure, but that efforts should have begun earlier to either place the PSP on a legal basis that included an act of Congress or to alter the program.

So I have an issue with the Bush administration's handling of that. Was the NSA justified in following the directive? Certainly immediately after 9/11, but as time progressed the directive became less clearly lawful. At a certain point, the NSA would become unjustified in following that directive. Whether they reached that point is a difficult question, which I could not answer without a fair amount of additional research to refresh my memories of the legal questions at issue.

I also think, of course, that much of what was done during the 1960s with respect to the wiretapping of certain domestic dissidents was unjustified.

And certainly I have no trouble envisioning possible NSA actions, or Presidential policies, that would be unjustified. As I've stressed in this thread, I think revelations of commercial espionage by the US would be extremely scandalous.

If you're a systems administrator, you're not only a valid target, for example, but you're actually being actively targeted by the world's APT's, apparently "legitimately" according to you. Not just by the PRC, but every intelligence agency, including our own. And this is just because you have a job? It's lawful to break into your personal property and steal your passwords (and everyone's really), because you take care of a few computers? This is wrong. And you are wrong for believing that this is just fine everywhere. This is where I start saying the only logical conclusion is that you are amoral. You don't believe in right and wrong, just "what suits you, and your agenda of gaining power at all costs."

The document revealed in The Intercept story contains the description and justification of what the author is talking about. He's not simply hacking into any sysad he can find.

In his words, Up front, sys admins are generally not my end target. My end target is the extremist/terrorist or government official that happens to be using the network some admin takes care of on a foreign network....

So, let's put this in the context of espionage from an earlier time (or is it?).

Extremist E or Goverment Official O happens to use an office in a particular building for work. He keeps all kinds of things in that office. Records of mails and notes from telephone calls, official plans and policies, thoughts about the future, ongoing operations, etc. Okay. And you find that you really can't get access to that office unless you penetrate the building's security system. To do that, you might have to break into the building manager's files and obtain some information about that system.

There is no intelligence agency in the world that would hesitate to do this, provided that the intelligence they're after is worth the risks they'd be taking.

If an intelligence agency refused to trespass private property, it would simply be nearly impossible to collect intelligence. For any government that relies on intelligence to ensure its own security, that's not an acceptable outcome.

Is your objection to the idea that an intelligence agency would ever trespass private property, or are you saying that there should be some minimum level of need for intelligence before an intelligence agency does so?

It's the same mentality: me and my kind are superior, others be damned. It mocks why we bothered to fight him, since we just become him given opportunity.

I don't understand how you arrive at this conclusion at all.

I noted that in my view it is legitimate for other governments to have intelligence agencies for reasons of national security; so that's hardly "others be damned." It means that no, others have a right to take the steps we would expect a legitimate government to take in providing for its own security.

FigureitoutMarch 23, 2014 6:21 PM

Skeptical
--You won't get it until you become a target. This could happen b/c of a simple rift w/ a psycho agent. The agents targeting me have gone wayyy beyond reasonable w/ the continued intrusions when I'm not home, physical destruction of property, they even kicked my dog (that's how cold and evil they are). I have other theories that are a bit much to entertain right now, but given the sheer evilness of these people, I would not be surprised. I am not and never was a terrorist threat and if it took these agents that long to find that out then they are a waste of tax payer dollars or the citizens of the United States are going to continue funding pure criminal activity; and they need to know that.

BenniMarch 23, 2014 6:29 PM

@rebk:

the german magazine C't comes every 2 weeks. This article which you are talking about falls in a period where we have April fool's day. It is usual that the C't makes april fool's jokes in the issue that is current on April 1st.

@Skeptical:
"Too much to respond to really (and some interesting technical comments that I'd be out of my depth even venturing a question)."

Above I provided a link where they report from the snowden files that nsa attacked the german office software company sap.
Above, I provided documents, where structures are presented from the us government, that allows the nsa to give us companies first hand information. I also provided statements from a former CIA Boss, saying that

"The new arrangements soon paid off. In April 1994, the U.S. Congress was told that in 1993 alone, as a result of intelligence work, American businesses had obtained contracts worth some $6.5 billion out of a total of 51 contracts worth $28 billion.[36]

By July 1994, CIA director Woolsey was asserting that "several billion dollars a year in contracts are saved for American business by our conducting that type of intelligence collection.

We intend to continue to do it. It is relatively new. We are very - frankly - very good at it, and we have had some very positive effects on contracts for American businesses."[37]"

These are facts, and the americans are apparently stupid enough to have them published in the open. As snowden said, that the main use of the nsa collection is economical and industrial espionage is the worsk kept secret in washington.

You can not deny it any longer, that the us gives foreign company secrets to US Firms. If you do still deny that, please provide where the references, that I attached to my post, were wrongly interpreted.

You tried to defend the nsa's work.

Now please, either admit that

a) you were wrong,

or

b) that you did not know anything on this

or

c) that you can provide solid evidence, by this I mean raw documents, which you might link here, that show why my interpretation of these statements made by nsa and cia officials regarding industrial espionage were wrong

These are three choices.

Pherhaps we should add a third

d) say nothing on this, if you just do not want to admit that you have a lack of knowledge regarding the nsa, cia and industrial espionage.

I may take a step to interpret your sentences like "Too much to respond to really (and some interesting technical comments that I'd be out of my depth even venturing a question)."

in this direction.


@Clive, Yes I know how apple behaves when it hears the word "Copyright violation".

This gets now off topic but, In fact, german law is much more strict than the US law. And apple's behavior in the U.S. would be considered as "nice" by the standards we have in germanyy.

In germany there are strong copyright groups in germany, who all have their lawyers. Here,

http://www.spiegel.de/netzwelt/netzpolitik/handy-abgabe-deutsche-verwerter-wollen-bis-zu-36-euro-pro-smartphone-a-954526.html

the copyright groups figured that (after they do not get much money anymore by hunting piratebay users) smartphones could theoretically be used to copy music and films.

So they are now writing personally to Tim Cook, Larry Page, wrongly to Steve Ballmer instead of Satya Nadella, Kazuo Hirai, Kwon Oh Hyun, as well as to the bosses of Nokia, HTC, LG Electronics, Motorola und Huawei.

The copyright lawyers are in fact are asking all these company bosses personally for 35 euros for each sold smartphone since 2001, since you could use these phones to hear copyrighted musik and films.

Of course the letters say that they want to go to a german court this year, if the companies do not pay.

The 11 companies told Spiegel that they are embarrassed and they have never seen anything like this. But if they are embarrassed, they do know nothing on german copyright. The copyright groups finance this new lawsuit by their previous winning of similar lawsuits in germany, by the way.
One of these groups that asks the bosses personally for money, represents in fact an association of porn directors. Yes, in germany, the bosses of Apple, google, Samsung, Microsoft, Motorola, LG, Huawei, Sony, Nokia and HTC are being sued personally by porn directors, for selling devices that could theoretically be used to share copyrightet films. And the same copyright groups did this before on computer vendors, and they won.

You really must imagine, in such a trial, a lawyer of some adult film enterprise, to ask the court, for sending apple boss Tim Cook into the witness stand, because Tim Cook is ultimately responsible, for creating and selling a device that enables its user to theoretically view an unauthorized copy of some adult film, thereby reducing the marketshare of some adult film company. You must imagine, that they won lawsuit employing this tactics on computervendors. Everyone selling a computer in germany must pay them 13,19 Eur for each sold device.

SkepticalMarch 23, 2014 7:07 PM

@Jacob: One additional note:
It appears that the committee itself does not believe that the NSA is not engaged in industrial espionage, and recommends on p.221 to "not to steal industry secrets" and, and this is a doozy, "Governments should not use their offensive cyber capabilities to change the amounts held in financial accounts or otherwise manipulate the financial systems"

Some of the recommendations are simply to urge the US Government to set clear legal standards to address various lingering doubts about what the NSA does. The Committee stated elsewhere that the NSA does not conduct commercial espionage. This has been the stated policy of the US Government for quite some time. I've yet to find an example in contradiction (and before you ask, I've read the report to the European Parliament). The US Congress investigated the question thoroughly in the late 90s and also found that the US did not do so.

Occasionally you'll see persons misunderstand the reasons for conducting espionage against entities such as Petrobras (I address that below), or you'll see ridiculous claims from companies like Enercon (it claimed, as a defense when sued for patent infringement, that the NSA had stolen its plans and given them to the plaintiff; problematically the plaintiff had filed for the patent two years before Enercon claimed the plans were stolen; can't make this stuff up!).

@Benni: Economic intelligence, or economic espionage, and commercial espionage, are not the same thing. Commercial espionage involves the theft of trade secrets from one company in order to give them to another company and enable that company to profit. By contrast, economic intelligence includes information that enable a government to assess economic conditions in a given country.

NSA had targeted Petrobras, an energy company It would be the first of a long list of US energy targets.... But now, certainly sceptical will answer that spying on energy targets is done for hunting terrorists.... Spying on energy targets makes only sense if you give data to your own companies.

No. Petrobras is a state owned petroleum company. It is intricately intertwined with the Brazilian Government, and an analysis of Petrobras, and key figures within, can inform a broader analysis of the Brazilian Government and of the Brazilian economy. The current President of Brazil, for example, sat on Petrobras's administrative council during her prior position in the Brazilian Government as home secretary.

To give you an idea of what kinds of things can happen inside that company, in the past week prosecutors in Brazil opened a bribery case against Petrobras officials, a Brazilian newspaper exposed Brazilian President Rouseff's involvement (prior to becoming President) in a questionable oil refinery acquisition, and another Petrobras official was arrested for money laundering.

So if you're curious about where the Brazilian Government might be heading in the future, knowing about what's happening within Petrobras can be important.

See this recent Economist article for details.

You also cite James Woolsey:

By July 1994, CIA director Woolsey was asserting that "several billion dollars a year in contracts are saved for American business by our conducting that type of intelligence collection. We intend to continue to do it. It is relatively new. We are very - frankly - very good at it, and we have had some very positive effects on contracts for American businesses."

The quote here is extremely misleading. Woolsey is talking about intelligence agencies revealing payments of bribes to foreign officials, thereby ensuring that US companies (who are prohibited by law from bribing any government officials anywhere) and other companies a fair playing field. Woolsey has also been very adamant that the US does not conduct commercial espionage, and has argued forcefully the reasons that the US does not do so.

Here is the full quote from Woolsey:

A number of countries in other parts of the world, including some of our oldest friends, are very much into the business of bribing their way to contracts that they cannot win on the merits. . . . And when we find out about those . . . we go not to the American corporation that's competing, but the secretary of state, and he sends an American ambassador to see a president or a king, and he--that ambassador--says, "Mr. President," or "Your Majesty, your minister in charge of construction is on the take, and you have a lot going with the United States, and we don't really take kindly to your operating that way." And so rather frequently what happens--not always--is that the contract is rebid. . . . we calculate, really very conservatively, that several billion dollars a year in contracts are saved for American business by our conducting that type of intelligence collection.

The US is somewhat unusual in this regard, as many other countries make little secret that they use their intelligence services to support domestic companies. The explanation lies mostly in the economic structure of the US, and how businesses are seen by the government and population in the US, rather than in any particular virtue that the US relative to other countries.

SchneieronSecurityFanMarch 23, 2014 7:19 PM

Could Huawei complain to the World Trade Organization on this matter?

Huawei could say that the U.S. Government is engaged in inappropriate activity (pressuring potential buyers) in order to deny Huawei some form of market access. (An almost complete ban in the United States.)

BuckMarch 23, 2014 7:25 PM

You're not gonna find any evidence of commercial espionage in Edward Snowden's documents...
If one were to pour over all the data with many fine-toothed combs, it may be possible, for example, to discover correlations with certain specific security breaches that were also reported in the news...
But I don't think criminals tend to go around passing out PowerPoint presentations that document their prior successful exploits... :-P

SchneieronSecurityFanMarch 23, 2014 7:59 PM

This episode of the PBS documentary series Frontline examines international bribery. The U. S. government should try to get other countries to adopt laws similar to what the U. S. already has.

SkepticalMarch 23, 2014 8:03 PM

@Figureitout: If you think that you're being harassed by federal agents who are breaking into your home and abusing your pet, then you should file a complaint ASAP with the FBI field office nearest you, and with your local and state law enforcement. You should note any evidence you have of this harassment, and the names of the agents involved. Those are criminal actions, and any federal agents responsible should be expelled and prosecuted.

However, and I say this without any disrespect and only because it's always worth considering multiple possibilities, sometimes being very security conscious can cross over into paranoia, and we start "seeing signs" in the world around us that are not really there. It's akin to "medical student syndrome." The new medical student spends many of his hours becoming familiar with the signs and symptoms of various diseases and conditions. And, soon enough, he begins to see those signs and symptoms all around him, particularly in himself. In doing so, the medical student forgets the importance of base-line probability. In other words, yes, it's possible that his cough is a symptom of a rare lung condition, but the probability is that he has the beginnings of a cold.

Eventually the medical student remembers the adage "when you hear hoofbeats, think horses not zebras", and decides that perhaps he should just pick up some cold medicine.

DBMarch 23, 2014 9:02 PM

@Skeptical:

thanks for taking it down a notch

You're welcome.

FYI I'm not really trying to "twist" your words, I'm more trying to "extend them to the next level" so to speak... i.e. if x is true, then y must be too, and then z, and then.... Think of the world like a game of chess, look multiple moves ahead.

In his words, Up front, "sys admins are generally not my end target. My end target is the extremist/terrorist or government official that happens to be using the network some admin takes care of on a foreign network...."

So in other words, if I'm running a web site that serves the public interest (say, a small social networking site), and I'm the sys admin of said site.... It is therefore wholly legitimate and perfectly fine for every intelligence agency from every country in the world to hack into my personal machines and crack my passwords (or maybe physically break down the front door of my house and steal the sticky notes off my monitor where I've written them down too), to pursue anyone they please, for any so-called "national security" reason they please in their respective countries, right? I'm just a means to an end, and their ends justify any means, right? This is amoral. And it's wrong.

Of course I'm using a more extreme example than you are, I'm trying to show where your mentality leads to. Almost nobody who grabs absolute dictator-like authority to do whatever they want to pursue "terrorists that will kill your children" will voluntarily give it up that power later on when that immediate threat is over. You even kind of admit this in your own words:

efforts should have begun earlier to either place the PSP on a legal basis... or to alter the program... as time progressed the directive became less clearly lawful.

Though you still failed to give any specific example of where the NSA has clearly overreached in the present day. You mainly just prevaricated, like a good modern politician.

We have to protect against overreach right up front. We have to limit law enforcement's actions even under extreme circumstances or we will all just live in the worst dictatorship possible someday. It only goes one way. Downhill. We have to stop the downhill spiral of human rights violations, or the bottom of the hill is where we're all headed.

The very slinging of the word "terrorist" around by our leaders is itself designed to strike terror in the hearts of our countrymen, so that we will be more willing to let them have absolute power. Our own leaders are effectively committing acts of terrorism against us, through their words, therefore. I'm defining "terrorism" here to mean anything that is designed to strike fear and terror in others, not just blowing up buildings. So saying, "I've got to do this unlawful action (i.e. make it lawful by passing this terrible law that effectively repeals the constitution), or you're all going to die" is a form of terrorism itself then.

And thus is how those in power gain more power, and the downward spiral continues. Skeptical, you, by supporting this, are part of it. You are hurtling people down this hill, the end of which is totalitarianism.

Is your objection to the idea that an intelligence agency would ever trespass private property, or are you saying that there should be some minimum level of need for intelligence before an intelligence agency does so?

I'm saying that humans should be treated as actual human beings with the rights of humans, regardless of what country they live in. So just as our constitution and bill of rights is meant to limit government overreach within our country borders, something should limit it outside our borders too. I've heard there are some treaties and international human rights documents that are supposed to do this, but as far as I can tell they are all basically "toilet paper" to anyone who has the biggest military, and can therefore trample at will on anyone else's individual personal rights or any other country's sovereignty.

If you disagree with this, and think that might makes right, that's where I start thinking about that "H" word again... You still certainly seem to, by arguing that intelligence agencies should have no limits what means they can use to their ends (other than a simple cost/benefit calculation, that is).

Nick PMarch 23, 2014 9:39 PM

@ Clive Robinson

"In effect the middleware decodes and decompresses down to more basic and more easily checked format in what is a less code bloat and constrained environment giving both page by page issolation and control (depending on how the middleware forks etc)."

It's similar to how I handle data formats in a high assurance design. For instance, my old strategy might have an untrusted component convert a 3rd party XML configuration file into a subset of Tcl, LISP or ASN.1. These are easy to parse, with each so simple the whole thing can be in the mind of a single person.

"In effect it's a complexity reduction process where each function can be issolated by strongly mandated interfaces, which is generaly a good thing for security."

Truly. And a prerequisite for highly assured systems I'll add. Btw, check this link out:

http://www.ajwm.net/amayer/papers/B5000.html

I keep trying to find better resources on the better of the older architectures I'm studying for security. This is a pretty good one on B5000 that covers the subsequent releases' improvements. I knew the basic features before but this sheds new light on it. Specifically, the way the hardware, firmware, OS, and key software were all co-designed to work perfectly together is the key to the system's overall robustness. Wirth's Lilith was designed with similar principles. That strategy is something worth imitating.

There's a few things in the architecture itself I'd change but 50 years later the architecture still looks like an improvement on certain things. Is that impressive for them or sad for us? Not sure.

Tangent: any secure architecture will have to include the capability to treat everything off the main chip as untrusted. I've been running it over in my head repeatedly, trying to avoid those architectures. Their overhead for memory/IO protection via crypto will be added onto overhead for hardware-based protection of software (eg tags/segments). The main risk is that the TLA's can seize your equipment at any time, which might result in a backdoor or hardware level snooping. If you trust the components, you're toast. However, if your design doesn't & is made outside NSA's control, then you can use less trustworthy components with lower odds of compromise.

Still thinking on it but my uncertainty about it is bothering me. One of my current research questions is whether we can do a secure mainframe on a chip architecture with protected IO and memory without impacting usability. If the answer is yes, then it's the way to go being safe in both technical and legal senses. And it would complement a legal strategy I have for dealing with domestic TLA's. That part I'm not posting yet although I've previously posted an abstract version of it. Otherwise, it means a solution to software, hardware and physical risks might be too complicated to be trustworthy. That wouldn't be good.

@ Figureitout

"ever seen uClinux mentioned on schneier.com. I know Nick P won't like b/c its intended use is uC's w/ no beloved MMU lol. You have to manage it yourself (and not f*ck up)."

Great call on that one as I did mention a few tiny OS's here a long time ago and specifically griped about that. I also said that there's other small ones that *do* have MMU support. Better off using them as we can be very sure the MMU-less one doesn't come with bug-free kernel, libraries, etc. ;)

Of course, it was also me that had the wild idea to use a simple CPU to emulate a more complex, secure-by-design machine. I haven't recommended it for production for obvious reasons. However, I've seen formally verified versions of chips, virtual machines, etc. where nearly every state is analyzed and shown safe. Anything un-anticipated just causes a fail safe. So, the idea was that a safe high level machine could be implemented on a low-level machine. Then, as many things as possible in the system on top of hardware runs in high level machine.

The main risk there that ruins the thing is the firmware and I/O of devices onboard. Each could ruin the safety of the system. Unless... One made a simple board with the CPU [that emulates better one], memory, & a safe chip for restricted fast IO. The chip should work with safe virtual CPU in that it preserves its encodings or types for data in main memory. Storage, networking, etc could be implemented in other devices per my old strategy of externalizing untrusted stuff. You'd have to make the virtual machine, build the trustworthy IO system, and develop them side-by-side to ensure total compatibility (ie prevent leaks/bypasses). However, it *would* be easier than building a totally new system on a chip.

@ Buck

"But I don't think criminals tend to go around passing out PowerPoint presentations that document their prior successful exploits... :-P"

That's so funny. It's exactly what I told someone here. It's utterly ludicrous to think that evidence of major abuse of power would be included in PowerPoints discussing intelligence capabilities and which are widely distributed. If anything, the classification system makes that *incredibly easy* to hide via compartmentalization and/or something like a SAP/USAP. And you know they put in real security if their own skin is on the line.

@ SchneieronSecurity Fan

"The U. S. government should try to get other countries to adopt laws similar to what the U. S. already has."

I think we should change our law to only give protection for countries that have a similar law. Otherwise, we don't care who bribes who. *That* might inspire them to adopt some anti-bribery legislation. If not, we call them on their hypocrisy showing that bribery is part of business in their country and we won't let our companies be disadvantaged. Of course, then there's whether the law is actually enforced. (shrugs)

SkepticalMarch 23, 2014 10:13 PM

@DB: So in other words, if I'm running a web site that serves the public interest (say, a small social networking site), and I'm the sys admin of said site.... It is therefore wholly legitimate and perfectly fine for every intelligence agency from every country in the world to hack into my personal machines

No. Your example isn't relevant as there is no stated connection between your site and foreign intelligence information.

Let me state the principle here more clearly:

If a state (a legitimate state) must trespass into private property (there are other means which I think would be illegitimate, except perhaps in the most dire circumstances) in order to effect the acquisition of valuable foreign intelligence information, then assuming that the trespass is minimal and focused on the purpose of intelligence acquisition (i.e. minimization of harm), the trespass is ethical for the intelligence officer.

Whether it's "perfectly fine" depends on where you sit. I don't think the PRC is acting unethically in attempting to gain access to US military systems. But I very much want that access to be prevented, because the US is an open society, with a lot of flaws, but is especially unlikely to become anti-democratic, repeal free expression, and so forth; the PRC is very different.

I certainly hope that the best arrangement for humanity emerges from the anarchic international system we currently have. Thus far, despite the many problems, an international system in which the US is pre-eminent, able to defend its allies in the Pacific, able to defend its allies in Europe, and elsewhere; and able to keep various simmering conflicts from boiling over, is probably the best hope for us all.

I assure you that in a system dominated by the PRC, or a system in which the US loses global influence, the very existence of international conversations like this one would be in doubt.

SchneieronSecurityFanMarch 23, 2014 10:14 PM

@ Nick P - Maybe, a multilateral treaty should be entered into that would be enforceable through the World Trade Organization.

SkepticalMarch 23, 2014 10:35 PM

@Nick P: It's utterly ludicrous to think that evidence of major abuse of power would be included in PowerPoints discussing intelligence capabilities and which are widely distributed. If anything, the classification system makes that *incredibly easy* to hide via compartmentalization and/or something like a SAP/USAP. And you know they put in real security if their own skin is on the line.

Some of the documents revealed by Snowden were not powerpoints meant for widespread distribution. BULLRUN, for example, is a heavily protected program, the existence and rough type of which were both compromised by a document that was limited to those read into the program (or parts of it).

Also, remember that if commercial espionage is a policy followed by the NSA, then it will almost certainly turn up here. While I agree that isolated instances of abuses won't be found in these documents (unless as the subject of an IG report), I would expect to find major policies here. If commercial espionage is lacking here, then that absence is evidence - not conclusive evidence, but of significant probative value - that the NSA is not conducting commercial espionage.

I think we should change our law to only give protection for countries that have a similar law. Otherwise, we don't care who bribes who. *That* might inspire them to adopt some anti-bribery legislation. If not, we call them on their hypocrisy showing that bribery is part of business in their country and we won't let our companies be disadvantaged. Of course, then there's whether the law is actually enforced. (shrugs)

It's an interesting idea, but the US view is that the development of rule of law is essential to the growth of a state into a stable democracy. So the US, when possible, does not want to encourage existing corruption; it wants to bring pressure to bear to reduce it.

And here's the thing: the US will go after any company registered in the United States who attempts to bribe government officials anywhere. Just for a taste here is the SEC listing many recent cases. Note that the targets range from Hungarian telecoms to Siemens AG to Total SA. And that's just the SEC listing; the big guns, the DOJ criminal investigations under the same law, can fire with even greater effect.

This actually ties into the US view on commercial espionage as well. The preferred global system in the US view is that of peaceful, trading democracies, in which companies compete on the merits and not on their ability to corrupt governments or be aided unfairly by governments.

FigureitoutMarch 24, 2014 12:01 AM

Skeptical
--Sorry no, not the FBI. I don't want my family to find out (someone may have) b/c this is the most f*cked up thing to ever happen in my life. They have enough to deal w/. The FBI is the primary agency responsible for this abuse. Local law enforcement has never caught any thieves that have hit my family in our neighborhood (I got the suspects myself, and even found a punk hiding in my bushes one night) even though there's drones flying over our neighborhood now. I know the agents but if I launch an attack then suddenly I'm the aggressor, I'm the terrorist; it would be so easy...

I don't blame you for questioning my sanity, I would too. I would want to at least physically talk to someone claiming abuse and do a quick "psyche" check. I would be willing to undergo all the medical testing necessary to determine my sanity (so long as I don't pay for it) to prove to you that no, I'm not having delusions. I have definitely been caused mental harm by these investigations and I just had another flashback (always to when I first detected agents and when I first saw the first physical tampering in my residence; which was around 4 years ago) and I was too angry to post, but was able to get myself under control. My experiments went too far and now these agents investigation has gone too far. The psychological terror they've inflicted on me, it needs to stop. I want the remaining agents to move away from me, and the others to halt their stupid investigation b/c it was an experiment and you won't find my methods and just be wasting your time; I guaran-f*cking-tee it. I don't want agents going around interrogating every aspect of my life either, no more talking to my teachers or coworkers; spreading falsehoods. It all needs to end now! I don't want to see the agents I know anymore!

Here's a weird story, just a taste of the psychological hell these agencies have put me thru. There's an individual that's a D-level tutor at the "MAC" at my school, let's denote him w/ letter "A". I don't know why but he seems to shave his arm hair, hopefully that doesn't signify some other mental condition. Why would someone working for $10/hour drive a black Infinity coupe? Also why would this black Infinity coupe drive around my neighborhood and park at an agent's house many times? As I said before, the underground intel network that is real, gave me prior intel to agent's locations; and I've just got more proof (they just give it to me, as if to tempt me to attack). And lastly, why would this same black Infinity coupe follow me 360 miles to my grandma's house and the occupant in the vehicle bob his head like an imbecile when I look at him on the freeway? As if he has no feelings for the sense of terror he inflicts in the individual he just followed 360 miles away to his "safe zone"; his f*cking grandma's (!) house and my grandma said someone has been going thru her stuff. Which is hilarious b/c it's an absolute mess anyway and there's lots of wasps, spiders, and rats creepy crawling everywhere and the basement looks like a scene straight out of a horror movie w/ axes so I bet that was fun lol.

So please, tell your buddies to call off this stupid investigation if you can. And to the agents reading this, first off f*ck you for being so evil (my experiments if they went far would give pleasure, not pain/torture), and please leave me alone once and for all.

Moderator/Bruce
--I won't bring up the "agents attacking me" topic anymore (at least not initially, if someone else finds out they're being attacked I'll see if the attacks are similar, or moral support). This was the most messed up thing to ever happen in my life, and I want people to know it's real and it could happen to you w/o even knowing it so it's really scary.

Nick P
--Wrong thread lol, but ok. I didn't know if you'd like that. I have questions but I need a few years still before they really mean anything to me. Like the kernel issue (what if no internet access?). Or how emulation of another CPU is more secure (complex coding, no?). It doesn't matter though I guess...I need to see one of these "secure systems" operating w/ my eyes and be able to explore them.

DBMarch 24, 2014 1:09 AM

@skeptical:

sys admins are generally not my end target. My end target is the extremist/terrorist or government official that happens to be using the network
So in other words, if I'm running a web site that serves the public interest (say, a small social networking site), and I'm the sys admin of said site.... It is therefore wholly legitimate and perfectly fine for every intelligence agency from every country in the world to hack into my personal machines
No. Your example isn't relevant as there is no stated connection between your site and foreign intelligence information.

How is that not relevant? If the NSA can rationalize breaking into Google's private fiberoptics between their servers because a "terrorist" MAY be using their service, why couldn't they just as lawfully/morally/etc break into ANY computer anywhere trying to find terrorists? And if breaking into computers is ok, why not front doors too? It is absolutely relevant. Anyone, ANYONE... you... me.. anyone could be a terrorist in their viewpoint, so they have reason to collect all our info and examine it, every single word that everyone says everywhere. Of course they haven't reached the technical ability to examine everything said (nor to read thoughts, sorry tin foil hat), but they're getting surprisingly close to the ability to ingest and algorithmically examine everything communicated via electronic means worldwide (that is in the clear or has poor crypto, and record the strong crypto forever until some future breakthrough or key theft)...

This is not moral. And this is what you are continually promoting, by defending the NSA. That's why I keep calling you amoral. You are promoting that the ends justifies using any means.

@Figureitout

Don't worry, just because you're crazy doesn't mean they're not watching you :)

FigureitoutMarch 24, 2014 2:01 AM

DB
--Ha, you f*cker. And just b/c you follow all laws and are a completely perfect citizen doesn't mean they aren't watching you too...listening to me *I mean* you bone your wife lol :p [Disclosure: I'm not boning your wife, chill out.]

DBMarch 24, 2014 2:15 AM

@Figureitout

just b/c you follow all laws and are a completely perfect citizen doesn't mean they aren't watching you too

Here, this will make you feel better especially his retraction, that makes it all ok :)

I saw the "angry checkout woman" at the grocery store again the other day, she didn't seem to want to argue with me this time, when I told her that I didn't want to use one of those tracking cards (discount "membership" things)... ;)

yesmeMarch 24, 2014 3:02 AM

@Nick P

You are gonna answer yourself a few questions, but the major one is: to POSIX or not to POSIX.

Another major one is: to Internet or not to Internet

Both have serious consequences. They require massive amounts of libraries. But if you don't non of todays software will work.

One more thing. You could look at inferno. They did some really good virtualisation and is based on plan9. If you want hardware abstraction you could use something like this.

@Skeptical

You are still cherrypicking your answers and wraps these up like a spinner. Benni, DB, Clive and others did have some really good arguments.

But all in all the guys in control (Bush, Cheyney, Rumsfeld and now Obama) did bankrupt the USA, made the top 1% a lot richer, made a lot of enemies and dozens of really harmful things more. That's unacceptable to me. No matter how you warp it up.

And if you think terrorism is a really bad thing: The Boston bombings are a farce. Two weeks later the West Fertilizer Company explosion killed lots of people more. And that's no news at all.

I agree with DB when he says this:

We have to protect against overreach right up front. We have to limit law enforcement's actions even under extreme circumstances or we will all just live in the worst dictatorship possible someday. It only goes one way. Downhill. We have to stop the downhill spiral of human rights violations, or the bottom of the hill is where we're all headed.

yesmeMarch 24, 2014 3:25 AM

@Nick P

Of course you are aware that developing an OS is a lifetime activity, with a large possibility of failure. Linus Torvalds only succeeded because at the time there was no good working kernel in the GNU OS. And he just liked it, he loves to argument with other people and he knew from the start what he was doing. He trademarked "Linux" from day one.

Also the license is an issue that needs to be solved (I would suggest to just pick simplified BSD, especially when you only use techniques of which the patents are expired). In Go they solve the license issue rather nice IMO. Of course you could also use the Beerware license (which is no joke btw).

SkepticalMarch 24, 2014 6:35 AM

@DB: How is that not relevant? If the NSA can rationalize breaking into Google's private fiberoptics between their servers because a "terrorist" MAY be using their service, why couldn't they just as lawfully/morally/etc break into ANY computer anywhere trying to find terrorists? And if breaking into computers is ok, why not front doors too? It is absolutely relevant. Anyone, ANYONE... you... me.. anyone could be a terrorist in their viewpoint, so they have reason to collect all our info and examine it, every single word that everyone says everywhere.

I am talking about the story in The Intercept, in which the NSA penetrated certain parts of Huawei in an effort to collect foreign intelligence information about the PRC.

Not terrorists. Not a blind collecting of all data.

If you want to discuss OTHER things that have been reported, such as what you've just mentioned, that's fine. In that case we'd need to talk about the value of the intelligence at stake in proportion to the invasion of privacy, or other harm, that occurs; sometimes the intelligence collection, in my view, may not be justified. But, again, to emphasize, I am talking about whether it is justified in this case.

THIS thing being reported is what I'm talking about. The justification for this particular intelligence collection is something I have already addressed, but which I requote below.

If you disagree with the intelligence operation in this case please state why.

@yesme: And if you think terrorism is a really bad thing: The Boston bombings are a farce. Two weeks later the West Fertilizer Company explosion killed lots of people more. And that's no news at all.

How can I make this really clear?

What I am talking about here has nothing to do with fears of terrorism. Let me requote what I said to Figureitout about the importance of collecting intelligence against the PRC above:

The concern about China from a foreign policy perspective is that as it continues to build militarily it will use its power aggressively in East Asia with respect to various disputes it has with other nations in that region and especially in connection with Taiwan.

This type of expansion has the potential, at some point, to cause a serious conflict.

Because China is not a democratic country, and because authority in their government, particularly with respect to the connections between the military, the Chinese Communist Party, and the government, is opaque, and because China publishes very little accurate budgetary information concerning their military spending, the US, and every nation in that region, is concerned about the potential for miscalculation and conflict in the future.

While the US prefers that China continue to become a part of the international system, trading and co-existing peacefully with its neighbors, history teaches us that such an outcome sometimes fails to occur.

Therefore the US has walked a careful line with its allies in that region, seeking to engage China in productive relations while at the same time both deterring China from being too aggressive and preparing for various contingencies.

Intelligence collection is a hugely important part of the effort to successfully help China integrate into the international system while avoiding conflict (but while preparing for that contingency should it occur). Because China is still a very closed society politically, visibility into the political thinking of the various parts of its government is difficult. So good intelligence collection is necessary to avoid a misreading of PRC intentions or plans. Misperceptions by the US or the PRC in this area could have grievous consequences.

Let me put it more bluntly. Good intelligence collection in China is part of what will enable the US and China to avoid a war in the future (or, if it does occur, it's part of what will enable the US to win while limiting damage). So it's pretty damn important; and therefore it's outrageous that this was compromised by Snowden.

Neither the US, nor anyone else, can afford for the US to NOT collect intelligence on China. This is an incredibly dangerous place (for the US and allies, AND for China) for the US to lack visibility.

Do you know what a serious topic of discussion is right now among the foreign policy community? Whether the current period in East Asia is analogous to the 1920s in Europe (with some pretty big qualifications, since there are obviously a lot of differences) in the respect that you have a rising power without a democratic government, a lot of territorial disputes between that rising power and its neighbors, and a lot of old enmities between nations in that region.

In other words, whether things in East Asia transition to a new, good status quo, or whether they evolve into a much more tense situation fraught with the possibility of miscalculations and conflict, is an open question.

This isn't about Cisco vs Huawei. It's about something much, much bigger, and much more important. And that's why I'm especially disturbed by this leak.

I'm truly sickened that Snowden chose to expose this operation to journalists and activists across the planet, especially as he knows full well that it is possible for a story like this to ultimately compromise, or render useless, sources and methods still in active use. And I'm disgusted by the decision of Der Spiegel and the NYT to publish a story on the matter (I've written them both scathing letters, and no doubt the NYT is taking my threat to cancel multiple subscriptions very seriously ;) ).

BenniMarch 24, 2014 7:00 AM

@Skeptical:
The quote here is extremely misleading. Woolsey is talking about intelligence agencies revealing payments of bribes to foreign officials,


No. If you would have read the entire links I gave you, then you would find how the nsa defines "bribery".

Tadaa we have a new nsa wordgame:

"Bribery is when the us have a lower priced and better product, but loose the deal"

To quote from
http://www.heise.de/tp/artikel/7/7752/1.html

From this testimony and other documentary sources, it is clear that the "levelling the playing field" policy on economic intelligence collection permits a far wider definition of "unfair competition" than the special case of bribery and corruption. During 1994 and subsequently, intelligence became a major factor in U.S. trade promotion. According to one study:

The U.S. intelligence community, including the National Security Agency and the CIA, had been plugged into a big room on the third floor of the Commerce Department's headquarters.[40]

The same report quotes from a secret Department of Commerce report claiming that, by 1994, the U.S. "may have lost as much as $40 billion through bribes by foreign competitors".


The stated criterion for measuring bribery was "based on cases where the U.S. company lost in situations where it had a better product at a lower price than competititors. The details of the study remain secret".[41]


Well, you can see this definition of "bribery" makes no sense what so ever. Prefering a local product, even if it is higher priced, can have various reasons. For example, people may simply trust their local vendor and manufacturer more than a foreign one. Then, on the technical side, maintenance work and repairs might get easier, if the manufacturer is a local one. There also might be a certain patriotism involved, as in the us, where US products are preferred over foreign ones. And finally, often a the business decision is involved with politics, e.g there are political subventions, since it was the decision of a parliament, to e.g. strengthen the telecommunication infrastructure, or building more power stations that are driven by wind energy. In these cases, the politicians who give the money might have in mind that if the contracts are given to a local vendor and manufacturer, more local people get employed. For all these reasons, a foreign us company might not get the contract even if it has a better product at lower price. But the reasons above for such a decision do not have anything to do with "bribery". Even though the nsa "definition" of "bribery" applies there.

Finally, the nsa definition of "bribery" includes the word "if the us had a bette product". Now how does the nsa define, what is "a better product from US firms" in their eyes. As nationalistic as the nsa guys are, I would not be surprised if they think an US product is always better than a foreign product. Then, it would always be "bribery" if the us loose some contract. Then, the poor US, which looses so much money because it is literally "always" "cheated" by people who "bribe", so it has no other option than to start a bulk collection and mass surveillance, just to get information on every business deal in the world. All this just in hope of a world free of "bribing", (that means, in nsa terms, a world where us companies win all contracts).


BenniMarch 24, 2014 9:04 AM

Ah and by the way, this is a spiegel revelation, that shows the german secret service BND not only collects all internet communications that goes to or comes from foreign nations, (mostly the BND listens on the internet interconnection point DE-CIX, and has bugged 25 german providers), but BND also collects data from german providers like 1&1, Freenet, Strato AG, QSC, Lambdanet und Plusserver, that almost only route traffic within germany, even if the BND is not allowed to collect this material:

http://www.spiegel.de/spiegel/vorab/bnd-laesst-sich-abhoeren-von-verbindungen-deutscher-provider-genehmigen-a-926221.html

It also mentions that the providers threatened to cut the BND listening splices, since the security letters from the secret service often came weeks later.

SkepticalMarch 24, 2014 9:11 AM

@Benni: What are you talking about? Bribery means the undue giving of something of value to a public official in exchange for an official action by that official. There is no "special NSA definition" of bribery, and the revealing of foreign corruption isn't a policy set by the NSA.

Woolsey is talking about instances where a company buys off an official in order to win a bidding contest. If the US has evidence of that corruption, the US would go to a high level of the foreign government and point out the bribery to the foreign government.

You're criticizing the methodology of a study, not what Woolsey is talking about. If you want to look at studies of the magnitude of foreign bribery, there are plenty available. The OECD produces an annual report, I believe.

Clive RobinsonMarch 24, 2014 10:15 AM

@ DB, figureitout,

Whilst the ford bod is telling the truth --probably-- in all respects as far as he sees it, he probably does not see the whole picture as clearly as he might...

I'll give you an example,

I'm aware of a company in Europe that was developing a system to build up traffic flow information that could be sold to various organisations such as district authorities for stratigic planning and to see if changes made had the expected or unexpected impact etc.

The system worked in co-operation with mobile phone service providers and worked by "following the handover" information.

One of the objectives was to make anonymous the information to comply with the strictest of EU legislation and this is quite difficult.

Because to track traffic flow in sufficient accuracy and over a sufficient distance to make the data of sufficient use you have to be able to track an individual journy from begining to end in your coverage area, which for many means their entire journy from start to finish. To do this requires tracking of either the phones electronic serial number or the SIM electronic serial number or both depending on how the mobile phone service works.

Now whilst it's fairly simple to anonymize such a serial number (encrypt it or use a lookup table with random replacment identifier) it's very much harder --if not impossible-- to anonymise the repeate journies made day after day at more or less the same time of day without destroying the value of the data. Likewise anonymising how people travel, that is "car shares" and public transport such as busses coaches and surface trains.

However even what appears on paper to be fairly simple can in fact be frought with problems. Take the simple case of just anonymizing the serial number, on the face of it providing a random number instead is "trivial", well it's not.

If you look at a city like London there can be an ingress and egress of over 6million people into a relativly small area (look up "Zone 1" covarage on the "Transpor for London" web site).

Realisticaly 6million people is going to make a near impossible to use "lookup table" for various reasons but lets assume not for a moment.

The anonymising table is "one-to-one" in that the primary key is the electronic serial number which maps to a "random but unique" number used as the identifier in all other tables in the system. One of which id the event log which is a time ordered record with the following entries,

    Time,RanID,Event,CellLoc.

Where "Time" is a very precise time an event happens, the RanID is the --supposadly-- anonymised electronic serial number, the event type is in Event and the CellLoc is the geographic information of the cell tower or position of the mobile phone.

On paper it looks OK as while it appears that the phone serial number is anonymised, you have to think carefully.
The problem is "How do you generate RandID?" Bearing in mind it has to be "unique" not to an event but a sequence of events which constitute a journy through/in the coverage zone.

Realisticaly you are going to have to use a determanistic process of some kind, preferably one that does not involve looking through a 6million entry table. Further you don't want to be using "true random data" as this is both expensive and unreliable, so you need some kind of crypto system which still does not involve a look up table.

One simple way is just to use a one way hash of the phone serial number, but not only would a "rainbow table" attack work against it, it would be a time invariant simple substitution that would always mape the same way day after day month after month... Which would not in any real way forfill the requirment for anonymization...

So the next idea is to have a time related "salt" but this has the problem that journies in progress will need to keep their old salt value untill finished. This has a number of issues like deciding when a journy is finished and keeping as a minimum the "oldest current" journy time start on "the new salt" so you know when the salt can be updated, howeer this generaly causes problems that are most easily solved with a "mapping table" which quickly becomes unwieldy or problematical.

But that asside is the question of how big the salt should be and how it is generated and how determanistic it is.

What happens is that you either end up "going down the rabbit hole" of steadily more complex methods or you just say "lets go with what's software simple and looks secure on paper but most probably is not".

One trick is to make your base random number jenerator be something such as a BBS generator which is theoreticaly secure (as long as you don't know what the primes are).

As a system designer you tell "managment" you are using a "known to be secure theoreticaly random number generator" and they will in all probability belive you especialy when you show them papers etc and walk them through a few simple examples "to show them".

But can you realy trust that some one during development has not kept one of the primes or knows how to find it simply?

To see all sorts of similar tricks that can be used to "finesse managment" and many others (ie NSA on NIST) have a look at the work of Adam Young and Moti Yung (or their book, "Malicious Cryptography: Exposing Cryptovirology.")

BenniMarch 24, 2014 10:54 AM

@Skeptical:

No, the "study" in question just takes over the official definition of "bribery" as it is used by the american Department of Commerce,

this government agency apparently thinks that bribery is measured by "cases where the U.S. company lost in situations where it had a better product at a lower price than competititors.

And in the office of this agency, the cia has one of its offices. For this reason, the definition of bribery used by whoolsey can be assumed to be equal to the definition of bribery as given by the american Department of Commerce.

But lets look into a more concrete case from

http://www.heise.de/tp/artikel/7/7752/1.html

Declassified U.S. government documents show that the role of the intelligence agencies in the work of the Department of Commerce has been more extensive than is officially admitted by the U.S. government.

Early in 1994, Under Secretary Garten told a Washington meeting that the government was working on strategies for so-called "Big Emerging Markets", where a special effort would be made.[46]

The first country to be studied was Indonesia. Noting that "we have been surpassed by both Japan and the European Union as Indonesia's major trading partners", Garten reported that he had set up "an Interagency Working Group on Indonesia [...] [we are] beginning to create a commercial strategy for that country". He added:

"Once the country strategy is finalised through the TPCC process the Indonesia Working Group will turn to developing ways to ensure the effectiveness of the strategy".

Six months later, documents show that the CIA was intimately involved in this process. Declassified minutes of the Trade Promotion Co-ordinating Committee from 1994 show that the CIA's role in drumming up business for the US was not limited to looking for bribery, or even lobbying by foreign governments.


Minutes and distribution lists for meetings held in July and August 1994 show that at one meeting of the TPCC Advocacy/Finance Subgroup, 5 of 16 attendees were CIA officials. Three of them worked in the Office of Intelligence Liaison. The most senior, Bob Beamer worked at CIA headquarters. The minutes record that the CIA headquarters official was concerned with potential "primary competitors" to the U.S.:


"Bob Beamer suggested that any primary competitors known to the group for these projects should be included as background information [...] the matrix should be For Official Use Only"[47]

These papers were obtained under the Freedom of Information Act because of concerns that a senior Department of Commerce official who also attended these meetings allegedly had undisclosed financial links to a major Indonesian company. Details were published in 1996.[48] By this time, following revelations in the UK, the "Office of Intelligence Liason" had been renamed the "Office of Executive Support".[49] It remained, however, "a high-security office located inside the Commerce Department [...] It is staffed by CIA officials with top-secret security clearances and equipped with direct links from US intelligence agencies".[50]

The potential inputs to this system include data gathered at European NSA stations. For example, former London-based military intelligence attaché Colonel Dan Smith regularly received Comint product from Menwith Hill, while working at the U.S. Embassy in London until 1993. In 1998, he told the BBC that at Menwith Hill:

"In terms of scooping up communications, inevitably since their take is broadband, there will be conversations or communications which are intercepted which have nothing to do with the military, and probably within those there will be some information about commercial dealings [...]

Anything would be possible technically. Technically they can scoop all this information up, sort through it and find out what it is that might be asked for".

In December 1996, the U.S. power companies Enron, General Electric and Bechtel, concluded the first of a series of contracts worth $2.5 billion to build a large new power station at Dabhol, about 100 miles south of Bombay, India. CIA information was allegedly used to help win the contract:


"Working just behind the scenes, as it often does these days, was the Central Intelligence Agency, assessing the risks of the project and scoping out the the competitive strategies of Britain and other countries that want a big chunk of the Indian market".[53], [54]

A second contract said to have been won with CIA support was he sale of an electronic surveillance system for the Amazon Basin, called SIVAM. As a result of this, the Raytheon corporation had beaten Thomson CSF. According to this report:

"Commerce lobbied [the] Brazilian Government, cleared red tape and enlisted help of CIA [...]


As the competition reached a fever pitch, the CIA came in with reports that the French were offering large bribes to Brazilian officials with influence over the decision. 'This was really brazen under-the-table stuff, and we had to counter it,'" one senior government official familiar with the deal said. American officials made it clear to Brazil's leadership that they knew what was going on, and -- based partly on data the agency gathered -- matched France's financing terms [...]

President Clinton wrote a letter backing the American bid. The pressure worked. 'This blew away the French,' said one American official who was eager to cite the case as an example of the C.I.A.'s utility in the economic sphere"[55]


A further report was published by the Washington Post a week later. The report referred to two other major contracts lost by France, a Saudi Arabian order for Airbus and military supplies and services in January 1994, and an Indonesian order for satellites that went instead to Hughes. Regarding the Saudi Arabian contract, there had been:


"A high-pressure campaign waged by the American government [which] persuaded the Saudis to give the entire airline contract to Boeing and McDonnell Douglas. Washington had employed its vast intelligence network - including CIA agents and, according to one source, the international eavesdropping capabilities of the National Security Agency - to sniff out French bribes and generous financing terms"[56]


The alleged role of Echelon stations (not yet known by that name) in these events was first reported by NBC TV in May 1995. Reporter Mike Jensen said that relevant telephone calls and faxes had been "intercepted at secret US intelligence sites in Hong Kong, and Yakima, Washington, and Great Britain, yielding telephone conversations and the crackle of fax transmissions and financial data - evidence of bribes".[57] The report added:

"Analysis is done at CIA headquarters, where a new era in spying has quietly begun - finding out which foreign companies and countries are going under the table to win international business contracts - contracts which otherwise could go to US companies".
[58]


The report included filmed views of the Advocacy Center offices, with the comment that "intelligence [...] funnels into this trade-war room". The programme reported that unspecified sources had provided details of three major contracts where "high-level whistle-blowing has helped US companies win [...] contracts":


a $6 billion airliner and military sale to Saudi Arabia
a $300 million Hughes telecommunications contract with Indonesia
a $1.4 billion Raytheon surveillance system contract with Brazil


Senator Arlen Spector, chairman of the Senate Intelligence Committee Chairman told NBC:

"It is definitely in line for the CIA to help the American competitor"

Of course, even given this detailed information, Skeptical will insist that the nsa and cia never gives any data to us companies, never does economical, industrial espionage, and all what they are doing is hunting terrorists and bribers.

Nick PMarch 24, 2014 11:09 AM

@ Skeptical

"Some of the documents revealed by Snowden were not powerpoints meant for widespread distribution. BULLRUN, for example, is a heavily protected program, the existence and rough type of which were both compromised by a document that was limited to those read into the program (or parts of it)."

I could clarify the statement to say documents about intelligence capabilities that were distributed to many people. That many people received them increases the risk for anyone putting evidence of crimes in the documents.

"I would expect to find major policies here. If commercial espionage is lacking here, then that absence is evidence - not conclusive evidence, but of significant probative value - that the NSA is not conducting commercial espionage."

I disagree and expect the opposite. The reason is that almost all of these documents are all about *capabilities.* They're the kind where they say "we have tools to do X." These are not mission documents or policy directives. They might include some policies regarding the tools themselves. Yet, I wouldn't expect to see more in powerpoints about tools because such things are usually in different documents.

Not to mention including highly classified mission details in a document about tools would be a security breach. Most people receiving the document have no need to know about those mission details or risky policies. This is what I was implying by "widespread distribution." It was a bad term, but what I meant was wide relative to the tiny group cleared for the mission details.

Bottom line: there's no way they'd be in these PowerPoints. Also, Snowden may or may not have been cleared for such a program. USAP's, in particular, tend to have dedicated equipment, personnel, etc to maintain isolation of their activities. Such measures can be taken without a USAP running if somebody high up wants a secret personal project. It can be done within the organization itself using its own resources.

So, although the absence of it is interesting, it leaves us with two possibilities: (a) it's not happening (status quo); (b) it was done in an isolated program. If it's happening, I think 'b' is how they'd do it as they can keep number of witnesses to a handful of their most loyal people. They could even outsource the COMINT of it to a private party so they could legally say "they" weren't doing it & have extra legal shielding private sector gets. Many defence contractors exist that already payoff both politicians and Pentagon's contract deciders to get a steady stream of profit. I'm sure one of them would have some people that would spy on a few key politicians and judges to "ensure America's continued military strength," while receiving generous compensation.

It's happened before. Hoover is our best precedent. He also needed more people than my scheme requires. A modern Hoover with NSA tools could do way worse than we've seen with few ever knowing it. That's why I'm for *much* stronger controls.

@ Figureitout

The secure systems are in many of the papers I gave you. What they were secure against and their assumptions vary. Yet, how they work is clearly in there. Having one in front of you would just give you a minimal, ugly, and somewhat annoying machine to work on. I assure you there's no fun in that.

SkepticalMarch 24, 2014 11:25 AM

@Benni: On the definition of bribery, you're confusing how bribery is defined and how the Department of Commerce tried to quantify American losses due to bribery in 1994.

The concept of bribery is what one would expect, and can be found in the US Foreign Corrupt Practices Act and in the OECD Anti-Bribery Convention. Additional information can be found on this Commerce Department page discussing transparency and anti-bribery policies, resources, and statements.

The 1994 study you referenced apparently tried to quantify the dollar value that American businesses had lost due to foreign bribery. It's focused NOT on whether bribery occurred, but whether a US company lost business a result of the bribery. This is a tricky thing to measure, since even if a foreign company wins a contract through bribery, that doesn't mean that an American company would have won if no bribery had occurred. The source you quoted seems to think that the Commerce Dept determined that a US company had lost business when a bribe had occurred and a clearly inferior product won the contract.

The Commerce Department page I linked you to above should contain ample description of the meaning of bribery as used by the Commerce Department in this context.

As to commercial espionage, all of the specific examples in your comment are cases where US intelligence was used to inform the foreign government that one of its official was taking bribes from a company. Those aren't cases of commercial espionage.

Let me know if you come up a single instance of the NSA conducting commercial espionage. I'd love to see one, and discuss it.

DBMarch 24, 2014 11:36 AM

@Skeptical

I am talking about the story in The Intercept, in which the NSA penetrated certain parts of Huawei in an effort to collect foreign intelligence information about the PRC.

You can't separate the stories like that. They are all related. The one in The Intercept talks about an example of how they do it (by hacking innocent-bystander individual sysadmins) and the other one in Spiegel/NYT gives a single example of who they've done it to (Huawei). You put them together to get a better picture of what's really going on. Also you put it together with other stories, like Petrobas, Belgacom, even Google and Yahoo!! Then you see that they are hacking and stealing from innocent bystanders for all sorts of reasons, and it's "perfectly legal" because they're "foreigners" or it's "not on US soil"... Which means foreigners generally don't have rights, as if they were less valuable humans or something, like slaves. This is wrong and immoral, and you are still an amoral person for promoting it by defending the NSA.

SkepticalMarch 24, 2014 12:09 PM

@Nick P: They're the kind where they say "we have tools to do X." These are not mission documents or policy directives. They might include some policies regarding the tools themselves. Yet, I wouldn't expect to see more in powerpoints about tools because such things are usually in different documents.

The story just published in Der Spiegel and The New York Times was about a project proposal to penetrate Huawei. Snowden showed the South China Morning Post details of various operations. And we've seen numerous other documents describing targets of interest, particular systems of interest, and various types of intelligence of interest.

If commercial espionage is policy for the US Government, then it will not appear only in a particular operation, but will appear in documents describing US policy and directives; it will also appear in discussions of strategy, tools desired, and intelligence needed, to support that policy.

But, at least based on what we've seen (and sure, we don't know what we don't know), those things aren't there.

Not to mention including highly classified mission details in a document about tools would be a security breach. Most people receiving the document have no need to know about those mission details or risky policies. This is what I was implying by "widespread distribution." It was a bad term, but what I meant was wide relative to the tiny group cleared for the mission details.

Well, the documents taken weren't just limited to capabilities, and I'll just point to what I said above about the policy vs particular mission distinction.

Also, Snowden may or may not have been cleared for such a program. USAP's, in particular, tend to have dedicated equipment, personnel, etc to maintain isolation of their activities. Such measures can be taken without a USAP running if somebody high up wants a secret personal project. It can be done within the organization itself using its own resources.

This goes to possibility, but not probability. We can always keep walking around compartmented programs and say that what we're looking for is just beyond the next NDA.

Snowden clearly had access to multiple credentials, not simply his own, and used them access a wide variety of programs. The DIA report placed his access at 1.7 million documents. It's not broken down by number or type of programs, and I believe all we know via anonymous sources is that he was unable to access ECI compartments.

I'm not saying that it's impossible that these programs are somewhere that Snowden couldn't get to.

What I am saying is that he had access to quite a few highly classified programs, and if commercial espionage isn't in there, then that raises the probability that the US Government doesn't engage in it (which would be consistent with stated policies, results of congressional investigations, and various declassified discussions about the subject, over the last few decades).

So, although the absence of it is interesting, it leaves us with two possibilities: (a) it's not happening (status quo); (b) it was done in an isolated program. If it's happening, I think 'b' is how they'd do it as they can keep number of witnesses to a handful of their most loyal people.

Well, that's the number he was able to access using all credentials obtained.

And some of the programs he came across, such as Bullrun, sound extremely sensitive.

So it's not conclusive, but I think a sampling of that many documents, with some credentials apparently able to reach documents about programs like Bullrun, is a meaningful test of the proposition that the US conducts commercial espionage as a policy. When it comes up negative, this should have an effect on our assessment of the probability.

SkepticalMarch 24, 2014 1:08 PM

@DB: This is wrong and immoral, and you are still an amoral person for promoting it by defending the NSA.

You're proposing an ethical rule that would prohibit intelligence agencies from trespassing on private property in order to collect intelligence. As a moral absolute, I have to say that I think such a rule is silly in the extreme.

To the extent intelligence operations cause harm, including by intruding into a person's privacy, that harm should be weighed against the value of the intelligence sought.

This means that not all invasions of privacy are justified, but it means that some of them are. And breaking into Huawei to gain an understanding of the PRC is clearly a justified one.

You may disagree on it, but I'd suggest that's because you haven't learned how important intelligence about the PRC is to the security of a large number of democratic nations.

DBMarch 24, 2014 1:42 PM

@Skeptical

You're proposing an ethical rule that would prohibit intelligence agencies from trespassing on private property in order to collect intelligence. As a moral absolute, I have to say that I think such a rule is silly in the extreme.

Not exactly. I'm saying that if the BILL OF RIGHTS lists certain human rights that Americans have.... maybe we should treat FOREIGNERS like humans too, instead of our slaves.

So if Americans have a right to a trial, foreigners should have the same rights (instead of being held indefinitely in Guantanamo Bay). And if Americans aren't supposed to have their "papers" searched and seized without probable cause, maybe foreigners should have the same rights.

From the perspective I'm looking at, it's not about "intelligence gathering" it's about are we human, or not. And should all humans have rights, or be slaves to other humans.

Saying the Bill of Rights (or something like it) only applies to Americans is wrong and immoral, yet that's exactly how they justify virtually invading, stealing, and digitally attacking everything not on American soil. And that's what you're supporting by supporting the NSA. You're supporting the slavery of the rest of the world to us as superior beings.

BenniMarch 24, 2014 1:56 PM

@ Sceptical:
"Let me know if you come up a single instance of the NSA conducting commercial espionage"

Look on this report from the european parliament,

www.fas.org/irp/program/process/rapport_echelon_en.pdf

On p. 102, it reads:

There are some cases of industrial espionage and/or competitive intelligence which have been described in the press or in the relevant literature. Some of these sources have been analysed and
the results are summarised in the following table. Brief details are given of the persons involved, when the cases occurred, the detailed issues at stake, the objectives and the consequences.

It is noticeable that sometimes a single case is reported in very different ways. One example is the Enercom case, in connection with which either the NSA, or the US Department of Commerce
or the competitor which took the photographs is described as the 'perpetrator'.


Then there follows a large list of business deals, where the us are accused of purely economical espionage.

And note, please, I have already been come up with links to detailed reports from snowden files that are about the monitoring of the german company SAP, which is a competitor of oracle, making nothing else than business software, and certainly obeys german law.

And please, we also had the reports of nsa targetting Petrobras, which is an energy company. Snowden wrote to the european Parliament that "It would be the first of a long list of US energy targets...."

what does sceptical call the "Monitoring of energy companies"? Do you think foreign energy companies must be monitored because one can assume they bribe? Or do you thing energy companies are training terrorists?

Going after these companies is nothing else than pure economical espionage.

But I overlook that skeptical is already playing nsa wordgames, by not counting the stealing of Huawei sourcecode as "industrial espionage.". Huawei is part of the computer industry. Spying on Huawei therefore is purely industrial espionage

Finally, to quote from http://www.heise.de/tp/artikel/7/7752/1.html

It is worth examing in more detail those specific cases where the use of economic intelligence has been alleged to have played a role.[72], [73]

In summary, the contracts and interventions referred to above are:
Date Country/subject Sector Value ($ million) Defeated country
1991 Syria (Homs) Electric power $500 Japan
1993 Indonesia Hughes satellites $300 France
Jan 1994 Saudi Arabia Aircraft, supplies $6,000 France
Jul 1994 Brazil Environment 1 $1,400 France
Dec 1994 Indonesia (Paiton) Electric power $2,600 Not known
Dec 1996 India (Dahbol) Electric power $2,500 UK and others
1993 GATT Trade negotiations N/A France
1995 Vehicles (cars) Emission standards N/A Japan
N/A Vehicles (cars) Luxury vehicle imports 2 N/A Japan
1997 APEC conference Economic negotiations N/A Not known


The contracts listed total more than $13 billion. Thus is 9% of the proclaimed total of trade won by the U.S. during the period.

This is what we fight against! Shutting down the nsa bulk surveillance would cost the USA billions and billions of dollar.

This must be kept in mind, when one is asking for an end of the bulk nsa surveillance.

How in earth will a socially enganged man like Obama take the risk of shutting down an intelligence program that gives american companies billions and billions of dollars profit?

In fact, when obama meed the bosses of facebook and google, I somewhat fear that he offered them a deal like, say

"well, we have this government advocacy cente. I know that google has a weak position in china. There is this chinese search machine, called "baidu"... You could profit from our bulk surveillance program much more, as you do it now. We do lots of monitoring in china, same amount as we do it in india, where we placed in both countries the fourth highest number of bugs in the world, right after Afghanistan, Pakistan and Saudi Arabia. So we could give you all information on baidu from our advocacy centre. Just shut up about our bulk collection practice"


BlobMarch 24, 2014 2:35 PM

Bruce, per your squid article:

Why? The same reason pacific starfish populations are collapsing and washing onshore, and the same reason I don't eat pacific seafood: cesium 137 amplification in the food-chain and take-up. Tuna off the US coast has been found to be contaminated.

two words: Fukushima and meltdowns

DBMarch 24, 2014 2:54 PM

@Skeptical

After thinking about this more, I have more to say:

By saying that I'm promoting treating all humans as equals that have rights, the outcome of that could end up being an "ethical rule that would prohibit intelligence agencies from trespassing on private property"... But if that were to happen, it would only be because that's the right thing to do, not because I want to limit intelligence per se.

I can understand a desire to "gather intelligence" at all costs, to avoid/win a future hypothetical WWIII with China. But how we win/avoid such a potential war is just as important as the fact that we do. If we throw away all our ideals/morals and attack them using the very same methods we accuse them of immorally doing to us, then we are no better than they are. If we win that way, what have we won? We've won the right to transform our country into theirs? That doesn't sound like winning to me, that sounds like losing.

We can't promote "might makes right" or put another way, "power comes from the barrel of a gun" (Mao Zedong). No, we have to promote human rights and ideals, things like equality and justice, truth and honor. And we have to win by playing inside these ideals.

Do not think that we can just give up our ideals temporarily in extreme circumstances, and then take them back up after the emergency is over. It doesn't work that way. Giving up morals and ideals is basically permanent. They're practically gone for good. We have to love them and keep them and cherish them and protect them... even in extreme circumstances. Otherwise, there's no use in winning, we have nothing worth fighting for in the first place.

So let's fight for what's right, instead of just fighting to crush our enemies.

yesmeMarch 24, 2014 3:08 PM

@Skeptical,

The concern about China from a foreign policy perspective is that as it continues to build militarily it will use its power aggressively in East Asia with respect to various disputes it has with other nations in that region and especially in connection with Taiwan.

This type of expansion has the potential, at some point, to cause a serious conflict.

Let me put it more bluntly. Good intelligence collection in China is part of what will enable the US and China to avoid a war in the future (or, if it does occur, it's part of what will enable the US to win while limiting damage). So it's pretty damn important; and therefore it's outrageous that this was compromised by Snowden.

Who is the biggest aggressor of the world, by far, since WW2? Let me answer that question: The USA!

Do you really believe you can have a limited war against China??? Let me anser that question also. Think about Germany, WW2, and the USSR. Do the math please. I will give you a hint. Quantity is a quality too.

Who are gonna be your allies? Russia? India? The EU? Why would anyone help?

Your country is bankrupt. Who is gonna pay the soldiers salaries? China?

You should better thank Snowden so that he makes it a bit harder for making the mistake of going to war against China. A war that the US is never ever gonna "win".

Because China is not a democratic country, and because authority in their government, particularly with respect to the connections between the military, the Chinese Communist Party, and the government, is opaque, and because China publishes very little accurate budgetary information concerning their military spending, the US, and every nation in that region, is concerned about the potential for miscalculation and conflict in the future.

Well, the USA is some sort of a democracy, but that didn't prevent some gigantic mistakes, such as wars. And you still know that the USA has, again by far, the largest annual military budget in the world.

yesmeMarch 24, 2014 3:17 PM

@DB

Btw, your answer makes way more sense than mine.

You are absolutely right.

KnottWhittingleyMarch 24, 2014 3:40 PM

Skeptical:

If commercial espionage is policy for the US Government, then it will not appear only in a particular operation, but will appear in documents describing US policy and directives; it will also appear in discussions of strategy, tools desired, and intelligence needed, to support that policy.

But, at least based on what we've seen (and sure, we don't know what we don't know), those things aren't there.

There's policy, and there's policy, and then there's policy.

The history of illegal operations in the intelligence community shows that there's a rough hierarchy of policies, with publicly-stated policies, internally widely known policies, internally compartmentalized policies, and highly compartmentalized policies.

I would assume that the latter exist---they pretty much always do, don't they?---and strongly guess that Snowden did not have access to the kind of documents where highly compartmentalized policies are expressed, if indeed they're written down at all.

The kind of infrastructure the NSA has built makes it easier than ever before to have super-secret policies and for a very few people to know about them, wielding a few major levels of automated power.

It would only take a few witting people to do some amazing spying on a fair number of individuals and corporations, with major effects, for good or for ill.

You often seem to assume that we know the worst. I assume, or strongly guess, that we don't.

I think there's stuff that the President of the United States and the oversight committees would be very surprised by, because civil servants in the intelligence community do not trust politicians any more than other people do, and often less.

There's other stuff that the President knows, but the oversight committees don't, and I'd guess some that certain people on the oversight committee know---e.g., Mike Rogers---that they choose to share with others (e.g., Wyden or even Feinstein) or with the President.

If you think that the intelligence community follows its formal compartmentalization, and always informs the people up the official "chain of command," you might want to talk to Jimmy Carter. (Or pretty much any President. They all end up complaining about not knowing what's really going on at CIA, etc., though they get varying degrees of cooperation.)

Or ask anybody from the intelligence community who's been on the losing side of an internal power conflict, e.g., between the actual intelligence people and the covert action people, or the various factions within factions.

We're talking about a vast bureaucracy that's political at every level and in every sense, veiled in secrecy.

To me, it seems inevitable that what we can see, even with Snowden's revelations, is not the worst, and does not even reveal real nitty-gritty policy. A lot of it is internal PR, almost as deceptive as the external PR.

Any statement that "we don't do x" should be interpreted in that light---whatever x is, they likely do it, but they don't want so many people to know that the secret is likely to get out.

To assume otherwise is to assume that these people have no sense of operational security at all. Deep secrets aren't put on NSAnet for random analysts or Snowdens to get access to. They're closely held by people in small cells, who can be explained away or disavowed as rogues if they're caught and outed, even just "internally."

We're talking about spies here, after all, and mostly not extremely stupid ones. Presumably most of them know better than to write things down and circulate them if they'd be controversial within the organization. They live and breathe "deny everything, admit nothing, and make counter-accusations." That presumably pervades their internal documents as well as their external PR. How could it not?

As for their vaunted ability to police themselves without public scrutiny or intense congressional scrutiny or adversarial judicial processes, I have to ask this:

Just how many foxes does it take to guard the henhouse?


BenniMarch 24, 2014 4:05 PM

The guy who demonstrates every now and then before germany's nsa complex

https://www.facebook.com/daniel.bangert.1

publishes the following text from the US military police:

"The US military police kindly asks not to participate on the demonstration before the dagger complex".

Well, they may have jurisdiction within the fenced complex, but around it, it is german law that matters, and this reads that "all germans have the right to peacefully meet anywhere under the free sky. "

The german authorities already allowed the demonstration. So, as long as no weapons are involved, or as nobody crawls over the fence of the nsa complex, the nsa can complain as they want, and is not allowed to do anything about it. The local german police is there to protect the rights of the demonstrators, in case the spies would be getting angry.

All actions of nsa spies must be carefully documented. So bring your cameras, when you join the demonstration

https://www.facebook.com/events/510855025700760/
Start is next saturday on 29.03 at 15.00pm at "Griesheimer Marktplatz"

SkepticalMarch 24, 2014 5:35 PM

@Benni: I addressed the national security reason for collecting intelligence Petrobras above.

Can you respond to those points? Once you do that, I'd be happy to address your other points (none is an example of commercial espionage, I'm afraid).

Here is why an intelligence service might be interested in Petrobras for reasons having nothing to do with commercial espionage:

Petrobras is a state owned petroleum company. It is intricately intertwined with the Brazilian Government, and an analysis of Petrobras, and key figures within, can inform a broader analysis of the Brazilian Government and of the Brazilian economy. The current President of Brazil, for example, sat on Petrobras's administrative council during her prior position in the Brazilian Government as home secretary.

To give you an idea of what kinds of things can happen inside that company, in the past week prosecutors in Brazil opened a bribery case against Petrobras officials, a Brazilian newspaper exposed Brazilian President Rouseff's involvement (prior to becoming President) in a questionable oil refinery acquisition, and another Petrobras official was arrested for money laundering.

So if you're curious about where the Brazilian Government might be heading in the future, knowing about what's happening within Petrobras can be important.

SkepticalMarch 24, 2014 6:07 PM

@DB: No, we have to promote human rights and ideals, things like equality and justice, truth and honor. And we have to win by playing inside these ideals.

As I've said before, whether an intelligence service should intrude into an area of privacy depends upon the value of the intelligence sought and the harm the service commits by undertaking that intrusion.

So, where the intelligence value is high, but the harm is low, the intelligence service should likely go ahead. When the harm is great, and the value minimal, the intelligence service should not.

You argued earlier that the US should apply the Bill of Rights to the entire world (it would indeed be interesting to see the US tell the world that it would begin enforcing separation of church and state, but I doubt that would go well in some areas). While the US quite obviously believes in, and acts to further, democracy and human rights, and has done more to that end than any other nation, it also must accept the constraints of reality. A 4th Amendment warrant requirement for searches makes a lot of sense when the US Government has jurisdiction and controls that jurisdiction. It doesn't make much sense in other contexts, such as combat zones, or for intelligence collection in foreign countries. And indeed no country on earth has applied any such restrictions to its intelligence services.

@Knott: The history of illegal operations in the intelligence community shows that there's a rough hierarchy of policies, with publicly-stated policies, internally widely known policies, internally compartmentalized policies, and highly compartmentalized policies. I would assume that the latter exist---they pretty much always do, don't they?---and strongly guess that Snowden did not have access to the kind of documents where highly compartmentalized policies are expressed, if indeed they're written down at all.

Actually I think it's clear that Snowden gained access to quite a few documents that would fall under the "highly compartmentalized" section of your taxonomy there. Read some of the slides on Bullrun. It's described as one of the most sensitive programs in existence, and states literally that "there is no need to know" with respect to that program.

So I don't think we can dismiss Snowden's results with the assumption that commercial espionage programs would be even more walled off than the things he's shown to journalists.

He conducted a wide-ranging search of NSA files using multiple credentials to do so, and looked specifically for documents that would reveal questionable actions.

I do not view the lack of documents about commercial espionage as definitive. However, I also do not think we can reasonably say "the lack of documents about commercial espionage is meaningless." The result of such a search is meaningful, especially given the sensitivity and nature of documents he was able to access.

@yesme: Do you really believe you can have a limited war against China??? Let me anser that question also. Think about Germany, WW2, and the USSR. Do the math please. I will give you a hint. Quantity is a quality too.

I noted that the PRC is a rising power, with many contested territorial claims, in a region where animosity between nations runs deep. As the PRC continues to increase in power, there exists the danger for miscalculation, which can in some circumstances lead to war. Such a war is something to strive very hard to avoid, as the costs would be horrific, while at the same time, given the possibility of it, striving hard to be well prepared for such a contingency. Intelligence is vital to both those things.

Please tell me what your questions have to do with my analysis.

Who are gonna be your allies? Russia? India? The EU? Why would anyone help?

Allies in what scenario?

Your country is bankrupt. Who is gonna pay the soldiers salaries? China?

If you think that the US Government is bankrupt, then your view of international relations likely varies quite significantly from reality.

BenniMarch 24, 2014 7:03 PM

@ Skeptical:
Snowden said that Petrobras is the first of a long list of energy targets....

You certainly will not say that most energy targets bribe or are telling you something on the government.

Also, I have mentioned many more cases, like espionage gainst sap, or the many companies in the report of the european comission, on which you seem to be silent.

By the way, here is the interview with the leading nsa spook and SPIEGEL:
http://www.spiegel.de/international/world/spiegel-interview-with-former-nsa-director-michael-hayden-a-960389-2.html


Interesting is the point where Spiegel asks:


SPIEGEL: In November 1999, you visited Germany and went to the NSA station in Bad Aibling, and afterwards you wrote a letter to the Chancellery where you assured them that you are not conducting espionage against …

Hayden: … Germany, that's right.

SPIEGEL: It could have been a wonderful friendship.

Hayden: I took as a principal position that it was worth it to me to stop collection activities in Germany -- not on Germany -- that were overhangs from the occupation and to stop that in return for entering into a very mature relationship with the German intelligence services. That was the policy we followed when I was director. We made decisions, and activities stopped -- not against Germany but from Germany, out of sensitivity to German sovereignty, in order to enable us to approach an intelligence relationship with Germany among equals.

SPIEGEL: But two years later, the surveillance of the chancellor's cell phone started. Were we Germans too naïve?

Hayden: I can neither confirm nor deny what we do or don't do,

SPIEGEL: Given the fact that, as you said, Americans might have underestimated the sensitivity of Germans with regards to the surveillance, don't you think it would be a valuable approach to reach a no-spy agreement with Germany?

Hayden: No-spy agreements are just too difficult. The White House made it quite clear, "No, we're not going to do no-spy agreements." It's just too hard to do, not even with the British.

And here is the report of the meeting between obama and Xi Jinping:

http://www.spiegel.de/politik/ausland/nsa-obama-beruhigt-xi-nach-spionage-vorwuerfen-a-960530.html

During the meeting of Obama and the chinese premier Xi Jinping, it apparently sufficed for obama, to "ensure Xi that the NSA are not spying for their economic advantage", to let Xi Jinping say " We have made progress in our bilateral relationship and have achived consent in many questions.":

This is said by this chinese premier, after the NSA has planted its bugs everywhere in china. Such a reaction can be explained by several reasons:
a) the US have their means to blackmail xi or to put severe pressure on the chinese
b) for the chinese, it is "normal behavior" to plant massive bugs on foreign servers and to break into other companies computers for stealing the sourcecode or
c) theamerican president is a master in manipulating and calming people down or
d) the chinese premier is just dumb.

Perhaps all four reasons apply here in parts. From the outcome of this meeting, the chinese, who have lend 1,277 trillions of money to the us, apparently accept it without much complain that the NSA clustered their systems full with bugs and stole their companies secrets as a thank you.

Apparently, one can not even rely on the worlds authoritarin regimes anymore these days and it seems, proper dictatorships are not longer, what they once were.

The fact that even the chinese are that helpless against the nsa, just shows how difficult it will be, to make the methods of the nsa a part of history

SkepticalMarch 24, 2014 7:24 PM

@Benni: I'm saying that a full analysis of politics in Brazil will need to include a major state owned company like Petrobras, for the reasons I gave.

As to Enercon and the EU report, I'll just quote from an earlier comment on the subject:

The EU report primarily notes events where the US Government detected, and told a foreign government, of bribery by various European companies, such as Airbus in Saudi Arabia. Other than cases where the US reported on bribery, there are incidents reported where the US detected and reported commercial espionage by other entities, and where the US conducted espionage in the course of negotiating treaties between itself and other governments.

None of those constitute commercial espionage.

Then there is Enercon. A US company sued Enercon for infringing on its patents for a windmill generator design, resulting in a ban in the US on some of Enercon's products until 2010. Enercon claimed in defense that the NSA had stolen its secret windmill generator designs and given them to the US company. Problematically, Enercon failed to fact-check before telling this fantastic story - the US company registered the patents three years before the alleged espionage occurred. Nonetheless, it was dumped into the EU report.

That's all there is Benni. A sordid tale of the US revealing bribery schemes by foreign companies, using its intelligence services in negotiating treaties, and the US revealing commercial espionage by other nations.

FigureitoutMarch 24, 2014 7:57 PM

DB
--You're not very good at making people feel better, are you? :p This makes me feel better, the "wave bubble":

http://www.ladyada.net/make/wavebubble/index.html

Clive Robinson
--I've seen a traffic analysis system that could be anonymous. I'm having a hard time how you can't conceive one, unless we have different ideas of all the data you want from it or how it works. Then the data is relayed on thru the internet but it's just numbers of cars/trucks/etc driving thru an intersection. It's easy to wreck that anonymity real quick w/ cameras and RF sniffers. That's one of those instances where, if sensors are used properly, then the data can be very beneficial b/c who likes to sit in traffic b/c of a stupidly designed intersection or have a traffic light turn red when there's no one coming perpendicular.

Nick P
--Ok.

OT

http://dontstuffbeansupyournose.com/2014/03/22/why-writing-firmware-is-kinda-like-software-exploitation/

--Interesting article, the "Heisenbug" lol. Bugs...finding and fixing them is better than...Reddit had link bait that got me and wasn't what I initially thought (exfiltrating function return values w/ LED's). Don't like how he calls a flash emulation tool a "FET", that term's taken. They got to experience "fun" hardware bugs like a temperature change affecting the oscillator crystal and screwing up timing in RF comms. Mentioned firmware updates thru IR ports for cameras...sh*t. The solution to the problem was a bit of a letdown at the end, sort of a "D'oh" moment probably. Had a very similar one w/ a little morse keyboard on arduino I did but it was much higher up in comfy arduino-land; when the timing variable was a "byte" and was just cycling thru 0-255 in a speed function. Easy fix was to stop speed variable at 230. Felt dumb but at least I found it...

DBMarch 24, 2014 9:23 PM

@Skeptical


No, we have to promote human rights and ideals, things like equality and justice, truth and honor. And we have to win by playing inside these ideals.

As I've said before, whether an intelligence service should intrude into an area of privacy depends upon the value of the intelligence sought and the harm the service commits by undertaking that intrusion.

So, where the intelligence value is high, but the harm is low, the intelligence service should likely go ahead. When the harm is great, and the value minimal, the intelligence service should not.

Alright... so we've come full circle back to you are amoral. It's merely a cost/benefit calculation to you is all that matters. Morals are just part of the "cost" in your equation, and easily traded away. Any level of intrusion might be permissible in your view, given the right dire-enough circumstances. The extension of this principle to our own land means that even the Constitution and Bill of Rights might be easily suspendable given a "good enough" excuse... like.. oh.. say.. "terrorism"... And yep, that's how the Patriot Act is justified too... surprise. Apparently Democracy and morals are only for when it's convenient, not for when things really matter.

You argued earlier that the US should apply the Bill of Rights to the entire world (it would indeed be interesting to see the US tell the world that it would begin enforcing separation of church and state)...

Not exactly. I argued that the US should apply some form of basic human rights (the US Bill of Rights being one example way they are documented, UDHR is another example) to its own dealings with the rest of the world, because that's the right thing to do. Not that the US should be their enforcers upon what everyone else in the world does to each other per se. And no, the US shouldn't just have someone else like the GCHQ do their dirty work for them internationally, that's as bad as doing it themselves.

A 4th Amendment warrant requirement for searches makes a lot of sense when the US Government has jurisdiction and controls that jurisdiction. It doesn't make much sense in other contexts, such as combat zones, or for intelligence collection in foreign countries.

Well, yeah, that's the problem with your viewpoint... apparently the whole earth is like an electronic "combat zone" where anything goes, and not a soul has rights. Even within our own country we've created a handy loophole called the "3rd party doctrine" that lets us search and seize whatever we want, as long as it's in the hands of a 3rd party... arrgh. Excellent for American cloud businesses...not!

And indeed no country on earth has applied any such restrictions to its intelligence services.

Also part of the problem. But just because nobody is doing the right thing, doesn't mean it should be an excuse not to. Nobody else is abusing human rights in the digital realm on the scale that we are either, and that's scary.

KnottWhittingleyMarch 24, 2014 9:26 PM

New York Times:

"Obama to Call for End of NSA's Bulk Data Collection"
by Charlie Savage March 23, 2014

http://www.nytimes.com/2014/03/25/us/obama-to-seek-nsa-curb-on-call-data.html?_r=0

"Under the proposal, they said, N.S.A. would end its systematic collection of data about Americans’ calling habits. The records would stay in the hands of phone companies, which would not be required to retain the data for any longer than they normally would. And the N.S.A. could obtain specific records only with permission from a judge, using a new kind of court order."

DBMarch 24, 2014 10:05 PM

"Obama to Call for End of NSA's Bulk Data Collection"

That's NOT and end. That's a transference of it.

It's the exact same bullsh*t that Obama did when he claimed he "tried to shut down Guantanamo Bay and Congress wouldn't let him"... He was NOT trying to SHUT IT DOWN... only transfer them to a different location and keep going with the same thing as always.

So also, Obama is NOT trying to end bulk data collection, only shift it so a different party does the collection. It's still the exact same thing happening, there's no difference.

This was so predictable. Obama is amoral too, just like someone else I keep calling out on here...

DBMarch 24, 2014 10:13 PM

Oh maybe my outburst was too hasty... I'm just really suspicious of Obama right now... :)

DBMarch 24, 2014 11:02 PM

The devil is always in the details...

It mentions creating a "new kind" of court order... which I am still suspicious could mean it's still going to be a "bulk" kind... Otherwise why would they need a new kind? I'm ok with there being more "swiftness" and efficiency in the court system, but I'm highly suspicious that this will still end up being all of Peter's records being collected by a court order being issued against Paul, for example. It even alludes to this with the preservation of the "2 hop" rule... In my opinion, if they want to gather records on thousands to millions of people 2 hops away, they should have individualized warrants for each one of those thousands to millions of people!

A study showed that average Americans are only separated by 3 degrees. So 2 hops is A LOT of people. Don't kid yourself thinking that's just a few people so it doesn't matter. One more hop and it's still most of America! From ONE warrant!

DBMarch 24, 2014 11:10 PM

dang it.. I misread... it's actually 6. Sorry for the spam.

2 hops is still a lot of people being collected for nothing they've done. Do you want to be investigated just because you have the same doctor as someone the government is after? Each one should be thought about based on its own merits first.

KnottWhittingleyMarch 25, 2014 12:16 AM

DB,

I don't blame you for being a bit suspicious. I just quoted the article without comment because I really don't yet know what I think it means, if anything.

The devil certainly is in the details, and 2 hops is still everybody who matters if there aren't reasonable filters.
(E.g., everybody who matters in DC is within 2 hops of somebody who's arguably an agent of a foreign government or corporation.)

The best thing I can say about it so far is that it's not as obviously bad as Feinstein's plan to congressionally ratify the status quo plus worse stuff, or what I'd guess is Mike Rogers's plan. (Which involves Greenwald and Poitras and you and me in black sites with waterboards.)

SkepticalMarch 25, 2014 12:43 AM

@DB: Alright... so we've come full circle back to you are amoral. It's merely a cost/benefit calculation to you is all that matters. Morals are just part of the "cost" in your equation, and easily traded away.

I've been nice, but since you persist in calling me amoral I'll be blunt.

I spoke of weighing the harms of intruding into an area of privacy against the potential good of doing so. The entire calculation is a moral calculation; morals aren't on one side of the balance; morals are the balance.

Bizarrely you can't seem to grasp the fact that everywhere, including the United States, including when a judge decides whether to issue a search warrant, there is a weighing involved. Within the confines of the 4th Amendment that weighing has received some elaboration by iterations of judicial decisions on the question. Outside of the strictures of the particular form of the American 4th Amendment we must look to our own ethics in conducting a similar weighing.

So when we say "I am doing some harm in penetrating this person's computer, but I must weigh that harm against the good I can accomplish by accessing a foreign government's, or a terrorist group's, communications" we are not shunting aside morality. We're actually engaging in a moral judgment. Outside a world of simplistic absolutes that gets a little complicated. Unfortunately, much of what is important happens in a world that is messy.

Any level of intrusion might be permissible in your view, given the right dire-enough circumstances.

Can sufficiently "dire" circumstances justify invasions into a person's privacy?? Hell yes they can. In fact, I cannot think of a country where "dire circumstances" are necessary before at least some of your private information can be intruded upon.
And this is not just my view, but the view of every court in the United States, and every other nation I'm even vaguely familiar with, and every reasonably-minded person on the planet. Are you kidding me? You think that no sufficiently dire circumstances could justify a complete intrusion into someone's privacy?

The extension of this principle to our own land means that even the Constitution and Bill of Rights might be easily suspendable given a "good enough" excuse...

Believe it or not reality guides our application of the Constitution. Lincoln was on the mark when he said that the Constitution is not a suicide pact. Sorry, human circumstances and human outcomes matter. No government should be in the business of "let justice be done though the heavens fall." You don't win points for destroying yourself for the sake of principle.

Clive RobinsonMarch 25, 2014 2:02 AM

@ Figureitout,

    I've seen a traffic analysis system that could be anonymous. I'm having a hard time how you can't conceive one, unless we have different ideas of al the data you want from it or how it works.

The traditional way todo a traffic sensus is to hire lot's of very cheap labour and sit them on stools at traffic intersections with boards with "tally counters" on where a tally counter is used for a particular type of transport (bike,car,van,lorry etc). The problem is it's very expensive, highly error prone, inordinantly slow and at best gives only a pinprick view of a city of a hundred or so square miles in area.

The bigest expense is "sensors" be they little old guys on stools or high tech cameras, you need one heck of a lot of them and they cost big bucks, then there is the data streaming and colation costs etc etc...

The system was designed around using existing infrastructure --the mobile phone network-- that had all the sensors and straming and colation already done and that needed minimum changes to "piggy back" on.

It also had the major major advantage that it could provide "journy/trip" information directly which previous sensus methods could not. The system was also designed to integrate with existing systems such as traffic/stop light counters all to be done in "real time" (compared to previous methods). Untill "vehical licence plate readers" get deployed on every intersection it's as good as your going to get, and even if other systems get put in place it will still b cheaper as well as covering non licenced modes of transport such as push bikes and some pedestrians as well as public transport users.

It's why I've a fairly good understanding of just how bad the "3rd Party Doctorin" the US has can be for ubiquitous surveilance and just how easily it could be implemented with just a small server pluged into the mobile network with just a single cat5 connection... It's also why I can see that the US legislated requirment for GPS in phones "for emergancy use" is not for what you, I or any first responder would regard as an emergancy...

Any way onto things more interesting :-)

Yes I would agree that FET has a more standard use, the functionality of the device he was using was once considered to be "A poor man's ICE" and was considered back in my day ;-) as being for "wanabees" or as he calls them hobbiests/makers. Oh and he's also wrong about using somebofy elses platform in your own products. I know of producers of low volume but high value equipment using the guts from laptops and even pocket games consoles because they could not buy the components to do a tenth the job for the same price. To see why look up the price of various LCD displays and then look up the price of a laptop or games console with the same spec displays...

As for wierd behaviour I once had a problem with developing a system using single chip micro controlers with UV erasable memory so had those quartz windows in them . If I used it in one test setup at my bench I had no problems all worked fine. However take it to another work bench and sepending on what angle it was at it would fairly soon make random errors and crash. With hindsight I should have realised that it was not the anfle with respect to gravity that was the issue but the overhead lighting from windows. Basicaly the little dots of coloured paper we used to cover the quartz window were not stopping the light sufficiently for stray photons not to flip bits in the CPU thus causing the random crashes...

As for the guys "LED" usage, that's how we used to do it back in the "8bit days" when having the likes of a UART was a 50USD luxury (these young farts don't know how lucky they are ;-) Interestingly it also tells me a lot about how little equipment they have/use, I have a 100MHz storage scope and similarly fast 32channel logic analyser on the "logic bench" all the time and a similar scope audio and RF analysers on the analog bench. All of which connect back to PC's via "Line Isolating Networks" (LISNs) which sit in their own shielded enclosures.

Obviously connecting a scope or logic analyser to his two wire interface would have alowed a much better range of diagnostics to be performed. One of which he ran into with his XTALs at different tempratures running at different frequencies... If he had transmitted a "known training" pattern of data across the RF link from the transmitter to the receiver and changed the state of his two wire interface for every error received he would have seen the LEDs blink. If however he displayed it on an oscilloscope the repeatition pattern of the errors as seen on the scope with a slow time base would have shown "sinusoidal bunching" at a frequency comparable to the frequency difference between the two XTALs which is a dead give away as to a clock drift based timing error...

I guess basic testing techniques are not as widely/well taught as the used to be :-(

yesmeMarch 25, 2014 2:21 AM

@skeptical

You don't win points for destroying yourself for the sake of principle.

I remember this:

* A monk putting himself on fire
* Ghandi
* Mandela

Sometimes principles are worth destroying yourself for. And I think the right for privacy is a very serious one.

yesmeMarch 25, 2014 2:46 AM

Of course there are / were a lot of people more fighting and even destroying theirselves for their principles.

Too bad this doesn't happen much in todays USA politics.

yesmeMarch 25, 2014 2:52 AM

... And with USA politics I mean the executive branch. The guys who are pulling the strings.

DBMarch 25, 2014 3:14 AM

@Skeptical

I've been nice, but since you persist in calling me amoral I'll be blunt.

Thank you for being blunt. Finally you are explaining yourself to me, instead of frustrating me with evasiveness (or lack of clear explanation, or a lack of my own understanding, take your pick). I finally see your point about "morality"! :)

But this still doesn't address the issue of stealing from or breaking into people who have nothing to do with your end targets, as a means to an end to find out who your real targets even are in the first place.... There have to be some limits here. As a sysadmin, I shouldn't be forced into trying, on my own, to invent "NSA proof" hardware and software, just to uphold my normal ordinary human rights as a bonna-fide human. It's gone way too far.

"Zero knowledge" encrypted storage seems to be the only way to run an internet based service nowadays in a way that upholds human rights, where everything's encrypted and only the end user has the key. It shouldn't be this hard, something's gone dreadfully wrong in our society and in our social contracts between us.

You don't win points for destroying yourself for the sake of principle.

You don't win points for destroying democracy and freedom, and instituting dictatorship in its place, because it's perceived to be more expedient to stop all crime from ever happening (an impossible task anyway, but you can try). Is this an extreme? Absolutely. But I worry a lot that the more we keep giving up basic human rights, the more we keep heading in this direction. Surely you can see this point about slippery slope, just as I can see yours.

I still do believe that some overarching moral principles have to be absolute, but I can see I'm not getting anywhere with that argument with you, you believe differently. That's fine. Though it's going to continue to cause us to butt heads about application of them, at least I can see where you're coming from.

Clive RobinsonMarch 25, 2014 3:39 AM

@ DB,

    I still do believe that some overarching moral principles have to be absolute, but I can see I'm not getting anywhere with that argument with you, you believe differently.

Sadly he's not the only one.

Look at ccongress critters and other politicos the only thing not for sale is their overarching need to be re-elected no matter what morals or others they throw under the campaign bus...

BenniMarch 25, 2014 9:46 AM

@Skeptical:
"That's all there is Benni. A sordid tale of the US revealing bribery schemes by foreign companies, using its intelligence services in negotiating treaties, and the US revealing commercial espionage by other nations."

Why are you consistently ignoring that the nsa does TAO operations against SAP?
Do you not have the necessary government clearance for that?
Or are you some spook sitting on just the snowden files, knowing that there was no such thing in what snoden could have stolen?

Well, actually this is correct. You have a much bigger leak than just snowden.

In germany, there exists a right wing tabloid newspaper of usually poor quality. It is called "Bild". During the Spiegel affair, this tabloid choose side with the government. And now, you can find there vigorous articles defending the nsa. The magazine is full of wrong stories and lies, and there is even a blog, called bildblog, which critically assesses the bild articles, finding errors: http://www.bildblog.de/

Perhaps this was, why journalists of Bild could approach nsa workers in germany. First, Bild showed them documents that were published by Spiegel, (as bild does not have access to snowden files). This were documents on tapping merkels phone, and the nsa workers said that chancellor merkel, does not stand for merkel but for the entire function, and that this means, tapping chancellor merkel since 2002, implies they tapped chancellor schroeder before.
And then the nsa spooks said they would employ their tao methods to closely wathch after around 300 people in germany, among them the company sap:

Usually, what is in Bild, is full of lies, but i think this is the only article of them, where every word is true. I think this for the reason that in his spiegel interview, the nsa boss now admitted monitoring Schroeder:


http://www.spiegel.de/international/world/spiegel-interview-with-former-nsa-director-michael-hayden-a-960389.html

Hayden: It's hard for me to answer as I'm not in the government. But leadership intentions are always a high priority, a foreign intelligence objective. In 1978, you've got US-President Carter wagging his finger at his intel people at the Camp David Accords between Egyptians and Israelis saying, "I want to know what Anwar al-Sadat and Menachem Begin think. I want to know what they think about me. I want to know what they think about each other. I want to know what in their heart of hearts they think about the agreement we've put on the table." How are you going to do that? I suspect you're going to conduct aggressive surveillance against their communications. Whether that circumstance applies to the chancellor is an entirely different question, but I would add that the chancellor's predecessor …

SPIEGEL: … Gerhard Schröder …

Hayden: … conducted a whole variety of things that were kind of inconsistent with the American view of the world, which is not claiming the American view is right. We did the Iraq war with very different points of view. His approach to Russia was very different than the American approach to Russia, and then finally, this whole Gazprom billion-euro loan guarantee also raised questions, which might be answered by this kind of activity.

SPIEGEL: Would that justify surveillance of his cell phone?

Hayden: I am not going to make that conclusion. What I am going to say, though, is that you could see circumstances like that where that might make it more rather than less attractive to do.

This is a kind of a free transcript of the bild article by some german news site :

http://www.n-tv.de/politik/NSA-soll-de-Maiziere-statt-Merkel-abhoeren-article12333506.html

It clearly states:
"NSA goes after 320 persons in germany. These are decision makers in politics and also from the economy.
An example of economic espionage is the Company SAP with its main buildings in Walldorf. The largest european software maker is a competitor with the american company oracle. An SAP spokesman says: We dont comment on thes things"


for the bild article itself, you must pay:

http://www.bild.de/bild-plus/politik/inland/politik-inland/lauschangriff-auf-320-wichtige-deutsche-34798676,view=conversionToLogin.bild.html

It says, among other things, that the nsa spooks have the order, not to let any information slip since merkel is no longer monitored, so they are tapping the phones of the other ministries. The bild journalists even quote an nsa transcript from merkel where she asks deMaiziere "What should I think".

The nsa employees are telling all this to the press, perhaps because they also disagree with what they are ordered to do.

Now dear sceptical, you can phone up to your colleagues in germany, telling your spooke friends, that the special collection service in germany has severe leaks.


DBMarch 25, 2014 9:58 AM

@Clive Robinson

Yeah, morals are more like a mudslide to some people, instead of a goalpost. I was calling that "amoral" or "without morals" but I guess I should probably call it "variable" or "non-absolute" or "situational morals"... and maybe they'd be less insulted.

KnottWhittingleyMarch 25, 2014 5:29 PM

Skeptical:

Actually I think it's clear that Snowden gained access to quite a few documents that would fall under the "highly compartmentalized" section of your taxonomy there. Read some of the slides on Bullrun. It's described as one of the most sensitive programs in existence, and states literally that "there is no need to know" with respect to that program.

No, that's not an example of the kind of thing I mean by highly compartmentalized---any more than having nearly a million people with "Top Secret" clearance means they all get to see actual top secrets.

Anything that hundreds or thousands of people know is not actually highly compartmentalized, even if the slides they show to tell hundreds of people say Top Secret.

I'm talking about things that only a few people or a few dozen people know about, which probably doesn't have an official code name like BULLRUN, and there are no training or internal sales slides because it's actually very secret and very compartmentalized.

When Thomas Tamm at Justice blew the whistle on wiretaps he knew were being given suspiciously very special treatment, people in the office didn't know the name of the program, were not shown any training slides, etc.---despite having super duper clearances way above top secret to see all sorts of sensitive compartmentalized information.

They were just told to give certain files special treatment---sending them directly to the head of the FISA court, not the other judges, etc.---and to shut the hell up about it. They came to call it "the Program" for lack of any name for what was obviously a program.

Maybe that particular operation had a code name among some smaller group, maybe it didn't, I dunno, but I hope you get my drift.

Or consider what came to be called "Operation Paperclip," way back when we were smuggling Nazi scientists into the US and giving them secret jobs despite their being wanted for war crimes.

Why was it called "Operation Paperclip"? Because it not only didn't have a name, but nothing was written down to flag certain German scientists' files for special treatment. Instead, a paperclip was attached to the file folder in a way that would signal to people In The Know that it should be treated specially, and outsiders couldn't tell that anything funny was going on with the files that passed through their hands.

That's the kind of thing I mean---things that are actually so secret and so important that even giving them an official name is too dangerous, and there is no official clearance level---it's above all the official clearances above top secret.

As far as I can tell, those are the kinds of actually very secret and very compartmentalized things that go on in every major intelligence organization, which we are unlikely to learn about from Snowden.

However revealing the Snowden revelations turn out to be, it's a good guess that there's still worse we don't know about, and will not know about without a very serious independent inquiry like the Church Committee's---and likely some that are so deeply buried that no investigation will ever find out about them.

Those are the ones I want to know about. (And a pony.)

The only prospect I see of finding out about the worst stuff is if we get serious prosecuting our own spies and torturers, and offering them immunity to rat each other and their bosses out.

Nick PMarch 25, 2014 5:59 PM

@ KnottWhittingly

Very well said. You seem to get what I was talking about perfectly. There are secret programs and there are SECRET programs. The more criminal they are, the more secret they are. Things like BULLRUN they could justify to key lawmakers would be nowhere near as protected as a program to collect dirt on lawmakers. It's so common sense I wonder why I have to argue it.

Historical precedents would also include J E Hoover doing what I describe. I keep mentioning that one. Far as a program like Paperclip, I usually mention MKULTRA as it was majorly screwed up, involved many people, and maintained secrecy for a long time. It took a [serious] act of Congress to get details on that program. Imagine if that one dude had never died and his family didn't fight govt for details on the program. It might have gone on even longer with Congress and most spooks with TS clearance still not knowing anything about it.

SkepticalMarch 25, 2014 6:25 PM

@Knott: Anything that hundreds or thousands of people know is not actually highly compartmentalized ... I'm talking about things that only a few people or a few dozen people know about, which probably doesn't have an official code name like BULLRUN, and there are no training or internal sales slides ...

I understand your point, but I doubt commercial espionage undertaken as a policy could not include hundreds of people.

I also strongly doubt that it would be undertaken without legal and bureaucratic cover.

As examples we can look at the two most controversial intelligence programs in decades, one of which you raised:

When Thomas Tamm at Justice blew the whistle on wiretaps he knew were being given suspiciously very special treatment, people in the office didn't know the name of the program, were not shown any training slides, etc. ... They were just told to give certain files special treatment---sending them directly to the head of the FISA court, not the other judges, etc.---and to shut the hell up about it. They came to call it "the Program" for lack of any name for what was obviously a program.

Tamm was there in 2004. There was a name for the program as soon as the President authorized it (3-4 weeks after 9/11). There would be lots of paperwork associated with it. If Tamm had been a Snowden, and able to use the credentials of multiple individuals to access different areas and programs, he may well have found that paperwork.

Then there's the enhanced interrogation program. This involved what many argue to be torture on al Qaeda detainees in secret sites at various places outside US borders. But there was quite a bit of paperwork associated with this program. Indeed, according to Senator Feinstein, the CIA turned over 1.6 million pages worth (and then there's whatever they didn't turn over).

I do agree that at one point, probably in the early days of the CIA, they could operate some programs without writing things down in official records. But given the size of the bureaucracy, and the much greater number of laws and potential legal consequences that apply now which did not exist in those early days, I doubt programs are implemented that do not involve written records.

As to prosecuting anyone... listen, I think there's lots of room to disagree with some of the NSA programs reported on, but I haven't seen any example of illegal behavior by the NSA divulged in the articles based on Snowden's leaks.

Nick PMarch 25, 2014 7:25 PM

@ Skeptical

"I understand your point, but I doubt commercial espionage undertaken as a policy could not include hundreds of people."

We're talking about that and gaining dirt on politicians. Two issues here. Massive commercial espionage might involve hundreds of people. It might not. It's unlikely to be a tiny group, though, I'll agree there. My part of the discussion focuses on the other issue as it's more critical to our democracy.

"I do agree that at one point, probably in the early days of the CIA, they could operate some programs without writing things down in official records. But given the size of the bureaucracy, and the much greater number of laws and potential legal consequences that apply now which did not exist in those early days, I doubt programs are implemented that do not involve written records."

That's irrelevant. Even things above SAP's require records and a certain amount of approval. The existence or nonexistence of records only gives part of the potential for them to be leaked. The other part comes from someone having access. In a SAP, they have all sorts of dedicated resources, internal controls, etc Nobody outside the SAP can even know what they're doing, much less access their docs. There can be zero docs, one doc, a million docs and the situation doesn't change without access. Additionally, even the basic NIPSOM manual has special requirements to ensure docs don't leak while in use and get destroyed afterward. It has similar requirements for the computers & networks, too.

(Note: This is why some of these highly sensitive programs don't seem to be real SAP's or their security was just lax as hell compared to what they're *supposed* to be doing. Probably the latter as plenty of precedents in DOD of bad security practices done for whatever reason.)

My proposal was any illegal activity would be done as something higher than a SAP (eg Waived SAP) as relatively few people have to authorize it, the details are even more protected than a SAP, reporting requirements are waived, and it's easier to hand pick the people least likely to talk. Additionally, it might be as easy as setting up a link to surveillance platform without logging for a seemingly legitimate purpose (eg mole hunt) and it also gets used for the criminal reason. Doing that covertly would be ridiculously easy given what's in the TAO catalog.

It also doesn't take a hundred people to monitor the key committees governing intelligence, the President and Supreme Court. One person with NSA tools could probably pull it off [1]. A small team could do it quite easily. They only need to find one piece of career ending dirt on each person. They can build it over time. After a year, they might have dirt on dozens to hundreds of people. They only need about a dozen, though. And most people supporting the program don't need to know the specifics to do their part. Just a few.

I'm not saying the mere possibility of it happening means they're guilty. I'm saying that the intelligence agencies are run by very scheming people with a long history of abuses, including in recent times. They are opportunists that expand their power and protect their agencies' funding however they can get away with. That there's an easy way in their grasp to control the source of their funding and oversight is disturbing. We must assume they will eventually try it and close that vulnerability.

Doing that will take the kinds of stronger, independent controls on these programs with accountability and full access to whats going on. In a nutshell, GAO with clearances and the ability to press criminal charges. Otherwise, a scenario like I've outlined can happen & history indicates they'll try it eventually. Or they're doing it now. One or the other. Congress should act while they have the chance.

[1] An example of what one evil person can do without NSA tools. A pro with automated intelligence tools getting source material from NSA surveillance machines could do a lot more. A small team of them could do even more. I'm sure you get the idea.

FigureitoutMarch 25, 2014 8:02 PM

Clive Robinson
The system was designed around using existing infrastructure --the mobile phone network-- that had all the sensors and straming and colation already done and that needed minimum changes to "piggy back" on.
--Ok exactly. The system I'm talking about doesn't use the phone network (anonymity, meet death); and it is more expensive (I think you've mentioned quite copiously about a "race for the bottom" in terms of price and quality). And it's not cameras (though they can be attached) and it's not old dudes on stools lol; just microwave radar. This system would be susceptible to targeted attacks injecting bugs or using other jamming techniques to cause some problems. Another thing I don't get is pedestrian crosswalk systems and how much they generally suck. I don't get it, there must be a hidden problem I'm not seeing; but there's timing issues (a difficult problem in embedded engineering) and just straight up they lose power. Anyway, I won't bore you anymore; but I get pleasure in well engineered systems that run smoothly and intelligently while also avoiding opportunities for creepy abuse of info.

RE: Using other platforms
--I didn't agree w/ that either; he's talking about selling maybe unrealistic amounts of product.

RE: Weird problems
--Oh c'mon. YOU of all people didn't think about that. :p I don't mind discussing my major f*ckups, eventually people forget (the internet won't, but meh I'm trying to prevent more stupid). I've also had the pleasure of compiling a little school program in Visual Studio (I like Vim so much better now), one day it will compile, the next, errors I've never heard of...Oh the joys of programming when you can't find your bug...Or it compiles but then you get a freaky error...

RE: "8-bit days"
--Hey, I'm reliving the "8-bit days" here w/ my Z80 computer. My dad's like, "WTF son, that's what I used". I'm just like, exactly! I don't know how a computer works beyond a screen and I can't trace it so there's going to be hidden problems. Maybe other people don't appreciate just how much fun it is to develop these days (not securely, but functioning); but I do for sure. Those early engineers, I'm not convinced they aren't robots. And they're not wrong for hating on younger engineers, but they didn't have all the distractions and then the lack of economic opportunities my generation has to deal w/.

Man, some nice equipment, you must be rich or good at gathering intel of good deals. :p My scope is from the stone age, one of the knobs on it broke off when I was turning it a while ago...I really would kill for a nice digital radio, new 'scope, logic analyser, etc; but I have enough stuff to have fun. Hopefully I can get some time on a microscope at my school to inspect a chip; but I need to have a decent proposal and be ready to go and be quick. And no old school basic testing techniques aren't taught as much, I haven't had the classes I'm really looking forward to, but I'm guessing you have to seek out and learn them yourself; which to be honest, how it's usually been anyway.

ModeratorMarch 25, 2014 9:42 PM

I don't know for sure, but I'm guessing that was supposed to be published on the 28th, not the 18th.

name.withheld.for.obvious.reasonsMarch 25, 2014 10:16 PM

@ Nick P, Notwhittingly (aka Clapper)

There are secret programs and there are SECRET programs.

Having some experience with black programs, I can say that a whole lot can go wrong (irrespective of the government or private interests). I could tell you stories that would curl the titanium on your landing struts. Whether civilian or military, you can find yourself on your own--or worse.

Clive RobinsonMarch 26, 2014 12:54 AM

@ DB,

Sorry I missed your comment to me I guess my "old eyesight" is not what it once was :-(

Speaking of "old" and with regard to those with "moral issues" there was once a popular term that changed the words but conveyed the same meaning which was where "a lady of the evening" or similar was said to have "negotiable virtue".

Perhaps the same could be applied to certain types, after all they do appear to prostrate themselves at the "temple of mammon".

Clive RobinsonMarch 26, 2014 1:47 AM

@ Nick P, Name.Witheld...,

The easiest way to hide a realy black project is in plain sight.

So commercial espionage can be easily hidden as follows,

You set up a large but secret project that is "looking for weapon technology pre-cursors", nothing unusuall it's what many intel community orgs do. Because it involves "thinking outside the box viewpoints" you set up a "think tank" style organisation (like "Rand") staffed with selected scientists and industry technologists. They (justlike Rand) have within their remit the ability to put investagative research "out on contract" to a few select commercial organisations with consiferable experiance in those areas (like TRW, Raytheon etc).

Apparently all above board and can be seen at work every day in the MIC/intel world. For some reason nobody appears to question which pre-cursor tech gets selected and why or who gets the research contracts and why, or for that matter what they then do with the results of their research...

Nor do people ask why people at the top of intel and other gov depts get jobs with either the think tanks or research orgs on eye wateringly large salaries for just a few hours work each year...

I'm sure that you can see how such a major part of what the IC do could "accidently" be perverted by a few "rouge individuals"... very reprehensible but the good work of protecting the US from "future tech" weapons must go on.

As has been pointed out the expensive part of R&D is "bleeding edge thinking" once an idea has been formulated and developed to the point of practicality by one set of people, another set of people can get to the same point at a graction of the cost just by knowing that "it's been done" and a general idea on the principles used.

As we know the French IC have been saving French tech companies trillions of USD in R&D costs since the 1950's. So we have to assume other nations IC orgs are doing the same.

Oh and the Petrobas stuff look at it this way if somebody in the IC had to pay "contractors" off what better way could youthink of than giving out a few "share tips" to buy stock in companies you know are going to be given the nod over which drill sites to bid for. A few thousand USD placed at just the right time by the contractor could show a very significant profit in just a short period of time, and it would be very hard to join the dots together...

SkepticalMarch 26, 2014 2:44 AM

@Nick P: ... and gaining dirt on politicians. ... My part of the discussion focuses on the other issue as it's more critical to our democracy.

That's an important topic too. My earlier comments were focused on commercial espionage, or what seems to be the lack of it on the part of the US.

... Nobody outside the SAP can even know what they're doing, much less access their docs. There can be zero docs, one doc, a million docs and the situation doesn't change without access.

Okay, with you so far.

I'd note that it does take very high level involvement to create a SAP, and there's DOD oversight w/r/t such programs in its domain, among other things, that go along with it.

I suspect Snowden found his way to access to at least some, given his use of multiple credentials.

... It also doesn't take a hundred people to monitor the key committees governing intelligence, the President and Supreme Court. One person with NSA tools could probably pull it off [1]. A small team could do it quite easily. They only need to find one piece of career ending dirt on each person. They can build it over time. After a year, they might have dirt on dozens to hundreds of people. They only need about a dozen, though. And most people supporting the program don't need to know the specifics to do their part. Just a few.

Leaving Murphy's law aside, I think you're underestimating the difficulty and resources needed here. The mission you're describing is the collection of blackmail material against much of the political branches of the US government, which collection is to be effected by the use of NSA systems but in a manner undetectable to any watchguard at NSA, and to any watchguards the surveillance targets will have.

You'll be using these systems to monitor domestic calls without having a court order (frankly I'm not even certain the NSA is set up technically to actually eavesdrop on full-domestic (originator and destination numbers both inside US) calls within the US; if that's needed the FBI is the agency who owns it). You'll be monitoring numbers that are highly likely to trip any internal warning systems that the NSA has.

I suspect that you'll have some very large barriers in front of you.

And we haven't even begun to discuss the personnel hours needed, since the kind of information you're looking for may take many, many, many hours per subject to discover (though depending on the subject it may take little time at all).

Finally, even if all of that is successfully accomplished, you then face the incredibly risky prospect of trying to use this information to twist the arms of powerful people. Some of those people will be under surveillance from other groups, who may detect your attempt at blackmail (game over for you); others will refuse; others will play out the line but begin what may be a well supported effort to bring your operation to light; most will go to the FBI (which is again, game over).

And God help you when you're caught, as they will come after you with that special level of outraged anger reserved for those who betray us.

If this is the career advancement plan of a deputy secretary of defense, or of national intelligence, then that official needs remedial training in planning ASAP.

I'm not saying the mere possibility of it happening means they're guilty. I'm saying that the intelligence agencies are run by very scheming people with a long history of abuses, including in recent times. They are opportunists that expand their power and protect their agencies' funding however they can get away with. That there's an easy way in their grasp to control the source of their funding and oversight is disturbing. We must assume they will eventually try it and close that vulnerability.

Actually the people currently running the intelligence services have no history at all of abuse. And a Hoover today would almost certainly find himself arrested in short order by his own agency.

As to the bureaucratic urge to expand one's power and increase one's budget, subverting NSA systems in a private bulk-blackmail-collection effort aimed at some of the most powerful people in the nation would be an extraordinarily reckless path for any one of them to attempt. It's almost certain to end in failure.

Now, those are mostly the points on which I disagree. But the areas of agreement here may be more significant. I am also concerned that these surveillance powers remain controlled, embedded in an institutional structure that makes abuse difficult to perpetrate and likely to be caught, and subject to investigation and audit by an IG with a strong sense of mission and, if necessary, by the Department of Justice.

In large part, though, those things are in place. And the changes that I've wanted, particularly with respect to the declassification of important FISC opinions, and greater institutional emphasis at the NSA on the privacy implications of proposed policies, seem to be happening.

KnottWhittingleyMarch 26, 2014 1:31 PM

Skeptical,

With the infrastructure available to the NSA, it is much easier to do what DB is talking about than ever before.

You don't need a big conspiracy.

Just look at what one rogue junior techie named Snowden was able to do---he walked off with thousands if not millions of classified documents, and the NSA still does not know what he took. It apparently doesn't know squat about how he took it, either, because he knew how to bypass audit trails, etc.

Even when the docs started leaking, they couldn't figure out who'd taken what until he outed himself, and it appears that all they know at this point is what he's told them.

As far as we can tell, there are other people who've absconded with thousands or millions of very highly classified docs, and we still don't know about it.

So much for alert watchdogs.

If somebody in Clapper or Alexander's position decided to play Hoover, it would certainly be stupidly dangerous to do it the way Hoover did---by writing very incriminating things down and sending them to 200 field offices where a ragtag band of burglers could find them.

But Clapper or Hoover wouldn't need to do that. All they'd need to do is to conspire with a very few other like-minded people---say, 4. One techie with access like Snowden's, one analyst with access to PRISM, and a couple of middle managers who'll protect them.

Ideally you'd want a developer/integrator who has a job involving running experimental versions of PRISM, etc., on an airgapped network.

All those kinds of people exist at NSA. They have to.

It'd also be good to have a hardware guy who can get you things like a box of untraceable burn phones with cloned SIMs.

The main trick to doing what DB's talking about discreetly is to get other people to do almost all the work, for varied unquestionably "legitimate" reasons. A lot of those people will be in other three-letter agencies, like FBI, DEA, FEC, SEC, IRS, etc.

Suppose, for example, you want information on Leahy or Wyden and their families.

Just use one of your burn phones to call up their wives, daughters, lawyers, or campaign managers, and also to call a Columbian drug lord's accountant's private number, or somebody else who will draw the attention of whichever agency you want to start looking at your target. Depending on how you want to play it, have a good computer-generated voice say "sorry wrong number," but include some weird shit that listeners will think is code for something, or start a fax transmission of information that decodes to something patterned but meaninglessly mysterious.

Then sit back while other agencies examine your targets and their associates' lives with fine-toothed combs.

Five people could do this to hundreds of important people.

Hoover never had such power.


CarpeMarch 26, 2014 3:16 PM

@Skeptical

"Actually the people currently running the intelligence services have no history at all of abuse. And a Hoover today would almost certainly find himself arrested in short order by his own agency."

I don't know how a person can say this with no sense of irony at all...

Nick PMarch 26, 2014 9:29 PM

Preliminary Analysis of Mylar

Goals

1. Build web applications

2. Protect confidentiality of data stored on untrusted servers.

3. Support keyword search over encrypted documents.

4. Support sharing of keys between users.

5. Authenticate client-side code.

Methods & Risk Factors

1. Pinning certificates to keys. A TLA might corrupt certificate issuance. There are claims that this happens.

2. New cryptographic scheme. This might have flaws and needs professional cryptanalysis.

3. A form of trusted boot using static code, top-level HTML as root of trust, and hashes embedded in it for other files*. A proven principle far as verifying content. However, in this one it says they get the HTML page from server and verify it with server's X.509 certificate. If server is compromised, couldn't it issue malicious HTML to bootstrap a malicious Mylar application? It seems the code authentication trusts the server which is untrusted in rest of the paper. A MITM + server attack, which NSA is capable of, could defeat the scheme if I'm understanding it right.

* Abstractly similar to my HTML authentication scheme discussed here with Mike.

4. Layered on Meteor web application framework, a JavaScript framework.

4-1. Language choice. JavaScript wasn't designed for secure client-side apps. It is being leveraged for certain security frameworks and tools, now. I see it as a risk factor that's hard to quantify. Specific risks range from effects of language on crypto protocol implementations (eg covert channels) to risk of runtime to attack. NSA's contractors love finding 0-days in browsers like Firefox and Chrome. And those JS interpreters are getting more complex and low-level all the time.

(Security of client-server model was so much easier to validate than web varient of it. I miss being a security engineer in the 90's haha.)

4-2. Meteor Layer. A design, implementation, or configuration error in the framework might be used against the system.

4-3. Mylar Layer. A design, implementation, configuration, or integration error at Mylar or Mylar-to-Metero layers might be used against the system.

5. Generic attacks on cryptosystems. Unsafe fail attacks, denial of service attacks*, timing channels, bad algorithm, etc.

6. Bypass via social engineering or another vector on same machine.

* One I came up with combines 5-6 to feed it bad data to make it seem unreliable. Expect user to contact tech support, use Google to solve problem, etc. Perform NSA style MITM at that moment. Compromise the host. Compromise the service. Option six in general is compromise a weaker service, which legacy says will be there, and then compromise the Mylar portion from there. A Mylar-only thin client might help here.

Time To Read The Paper

Ok, that's my comments before reading past Section 1. Let's see what changes after I read more. I like doing it that way as a personal test to see how well my experience anticipates issues. We'll see. :)

7. Identity provider. "For some applications, Mylar
needs a trusted identity provider service (IDP) to verify
that a given public key belongs to a particular username." Issues we've seen in trusted 3rd party and PGP-type systems could apply.

Confirmation of 6: "Mylar protects... confidentiality in the face of arbitrary server compromise, *as long as none of the users with access to that data item use a compromised machine*." Emphasis is mine. A major approach at compromising web apps is credential stealing or MITM attacks via compromised machines. True for both TLA and non-TLA attackers. So, this is significant if they're in threat profile.

Confirmation of 5: "Mylar does not hide data access patterns, or communication and timing patterns in an application." These patterns are important in traffic analysis and advanced cryptosystem attacks, both which are important to NSA. (Same for other countries' TLA's or snooping carriers.)

Modification of 4: They claim Meteor framework helps prevent some of the mistakes web application developers do that might undermine security. So, *if* risks I mention in 4 don't kick in, then the functionality of Meteor might reduce other risks like cross-site scripting attacks. That's a lot of faith in one set of things to prevent easier issues, imho. Yet, using something like Meteor might also also increase adoption.

Confirmation of 3: The server's private key is used to sign the code that starts root of trust for all of this. So, the design wants the server to be untrusted, but it is in fact trusted. It seems that a server attack can be used to send malicious code to the machine which might be used to leak information somehow. (Among other things.)

They mention something about this later on in the paper: "Mylar relies on X.509 certificates to supply the web site owner's public key for code verification. Alternative schemes would avoid the need for fully trusted certificate authorities, and the Mylar extension could allow users to manually specify site owner public keys for especially sensitive web sites."

It's good they thought about CA risk, but why not risk of putting root of trust on server which is assumed to be compromised? I hope I'm just totally missing something here due to a quick read of the paper. If I'm missing it, it's likely built-in to their crypto scheme which I'm skipping for now as I don't have the time/energy to evaluate it. I'll leave that for someone else.

Conclusion

I've done a preliminary analysis based on paper with limited data. The design is simple enough to be usable and possibly protect against many black hat threats. However, it has risk factors that make it highly likely that both NSA and black hats can defeat it directly or via bypass. It also isn't designed or implemented using high assurance techniques that are necessary against sophisticated, well-funded attackers (eg NSA). (Excusable because it's a prototype.) So, my initial conclusion is that this is a mere obstacle for a determined opponent and shouldn't be trusted to stop them. Unfortunately, determined attackers are common today.

However, as I said, it has potential as a layer of security against the many lower grade attackers out there. And the crypto might address some of my criticisms. It needs cryptographers with time on their hands to look at it.

can of dayz beansMarch 27, 2014 8:16 PM

No Mr Bond, we expect you to use wi-fi: MI5 pensions off spies who can't use I.T.

http://www.dailymail.co.uk/news/article-1265219/MI5-pensions-spies-use-I-T.html

'Our enemies use every available method to attack including using technology. We have to be aware of the imminent threats of cyber attacks and the old generation of MI5 have to be completely comfortable using computers and the latest technology.

'There is no room now for the old school tie or recruitment from just certain Oxbridge colleges.
'We need people from all walks of life who can speak a range of languages and possess certain technical skills.'

* * * * * * * *

Don’t Know How to Use Facebook? You’re Fired!

http://www.newsweek.com/dont-know-how-use-facebook-youre-fired-210328

"According to the Daily Mail newspaper, the British intelligence agency MI5 has rolled out plans to lay off workers (including spies) who do not know how to use social-networking tools like Facebook and Twitter. "

KnottWhittingleyMarch 27, 2014 11:31 PM

EFF on new report from UN Human Rights Committee about US (non-) compliance with ICCPR wrt privacy etc.

https://www.eff.org/deeplinks/2014/03/dispatch-geneva-eff-responds-observations-un-human-rights-committee-nsa-surveillance

The article has a link to the text of the the "concluding observations" (marked "ADVANCED UNEDITED VERSION") of the Committee's responses on the US's fourth periodic report to the committee. Section 22 is the one about surveillance and privacy.


CatMatMarch 28, 2014 6:04 PM

Are we still here?

@Skeptical:
So, the logic here would be that NSA is fully justified when they break in and ransack the home of subject A because she uses the same email provider as subject B who is related to subject C that is married to subject D who happens to work at Samsung, which is considered to be a company providing software to subject E giving services to subject F having an affiliation of some kind to subject G who might be considered a terrorist? When all they *know* is that the company is called "Samsung"?

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc.