New NSA Snowden Documents

Glenn Greenwald’s new book, No Place to Hide, was published today. There are about 100 pages of NSA documents on the book’s website. I haven’t gone through them yet. At a quick glance, only a few of them have been published before.

Here are two book reviews.

EDITED TO ADD (5/13): It’s suprising how large the FBI’s role in all of this is. On page 81, we see that they’re the point contact for BLARNEY. (BLARNEY is a decades-old AT&T data collection program.) And page 28 shows the ESCU—that’s the FBI’s Electronic Communications Surveillance Unit—is point on all the important domestic collection and interaction with companies. When companies deny that they work with the NSA, it’s likely that they’re working with the FBI and not realizing that it’s the NSA that getting all the data they’re providing.

Tags: books, Edward Snowden, NSA, whistleblowers

Posted on May 13, 2014 at 6:38 AM • 73 Comments

Comments

Mike the goat • May 13, 2014 7:55 AM

As an aside I noticed that Greenwald today wrote in The Guardian about the NSA tampering with embedded devices.

His book looks like an interesting read and I will surely acquire a copy. I can only hope that now he has had his moment in the sun and (without doubt) made a fair amount of cash he can – in the interest of full disclosure – release all of the documents without redactions, some of which were downright cowardly (i.e. not revealing the names of the VPN products mentioned) and his response to the criticism pretty illogical (paraphrased: so many other products have had NSA tampering it would be misleading to list the few mentioned). Not hating on the guy – I think he has done a stand up job of ensuring that the average Joe is aware of what this rogue government agency is doing. Releasing the names of the products mentioned wouldn’t endanger anyone (like revealing a name of an informant, for example) and might shed some further light on what exactly is going on and how they go about injecting themselves into commercial software and hardware companies especially those outside the United States.

keiner • May 13, 2014 8:05 AM

p 27 of 108 of the .pdf:

“SSO Highlight – Microsoft Skydrive Collection Now Part of PRISM Standard Stored Communications Collection

on 2013-03-08 1500”

I like it!

keiner • May 13, 2014 8:08 AM

… getting better and better from page to page… full access to credit cards, call lists etc. of Skype on p.28…

tbc…

Curious • May 13, 2014 8:09 AM

The faximile of a document for “page 144” in the pdf (“sigint synergy helps shape us foreign policy”) appear to have a list of countries, however there are big gaps and only few are listed (France, Japan, Mexico, Brazil), and it appear as if lots of countries are blanked out. There is no redaction remark.

Given the paragraph that follow, I get the impression that this list would be of countries in the UN security council, which according to the internet would be 15 countries, or something like that. I guess it is reasonable to think that other countries has been subject to espionage as well. I wonder why this list was blanked out.

Curious • May 13, 2014 9:06 AM

Oops. On second thought, I guess ‘facsimile’ might not be the proper word with regard to my earler comment above. Also, I wrote ‘facsimile’ wrong. 😐

Curious • May 13, 2014 9:14 AM

What does “for the purpose of targeting with no defeats” mean? (For “page 189”.)

dot tilde dot • May 13, 2014 9:28 AM

is it just me, or is the server now asking everybody to authenticate?

.~.

dot tilde dot • May 13, 2014 9:29 AM

erm, i should add: authenticate trying to access the documents link.

Curious • May 13, 2014 9:34 AM

@dot tilde dot
I got that too, so I used the other link to the website and downloaded a pdf from there.

Jan Doggen • May 13, 2014 9:39 AM

@dottildedot It’s not just you.

Benni • May 13, 2014 9:42 AM

@Skeptical
“nothing revealing commercial espionage”

Of course not. The nsa prefers to use the word “economic” for that kind of espionage in the slides that bruce has linked. Dear NSA employee, can you just once stop this weasely and evading language?

Bruce Schneier • May 13, 2014 9:54 AM

“I see nothing revealing commercial espionage, or any intent to engage in it.”

The US definitely engages in commercial espionage, but we define it very narrowly. We don’t spy on foreign companies and pass the information on to domestic companies. But we do spy on foreign companies and use that information in international trade negotiations, directly benefiting domestic companies. We call that “economic espionage,” which is supposed to make it okay.

keiner • May 13, 2014 9:56 AM

yepppp, Brazilian Ministry of Energy and Mining is classical counter-terror…

Figureitout • May 13, 2014 9:59 AM

I see nothing revealing commercial espionage, or any intent to engage in it.
Skeptical
–B/c you refuse to accept the evidence being confronted to you. You likewise cannot prove the opposite; your evidence is PR statements which is laughable.

EH • May 13, 2014 10:30 AM

Try to resist Skeptical’s derail into Greenwald’s “tone,” and what they say isn’t revealed, rather than what is there.

I think redacting the specific product names is fine because they’re irrelevant. Just like the NSA, the companies could deal with this by simply changing product names while persisting in the behavior if everybody was led to believe it was just a problem with these specific models rather than a problem with the entire company. “Oh, well, we don’t make the XR-i93 anymore anyway.”

keiner • May 13, 2014 10:46 AM

I recently lost some AOL emails, does anyone know an email address to apply for re-delivery?

uh, Mike • May 13, 2014 10:51 AM

@keiner, you’re the only person who’s not allowed to have them.

TM • May 13, 2014 10:55 AM

It’s one thing to reveal the truth as a reporter working for a reporter’s salary in a newspaper, but selling classified information for top-selling cash on Amazon? This guy seems to have social engineered us all into what may be the scam of the century. Do we even know that Snowden is real? Maybe all this is a fabrication designed to make a multi-million book sale. It has happened before.

yesme • May 13, 2014 11:06 AM

@TM

Yes, it’s probably a scam. The NSA “Warehouses” are a photoshop thing. And General Alexander is part of the game. Btw WW2 didn’t happen. And Jezus Christ did walk on water.

Btw, I went to Auschwitz myself. It is true.

Count0 • May 13, 2014 11:09 AM

The sockpuppets are really funny this time!

yesme • May 13, 2014 11:10 AM

Sorry, I went to Auschwitz a couple of years ago on a visit. The place was hell on earth.

reid • May 13, 2014 11:41 AM

@TM

uhh there’s a link to a pdf with all of the NSA docs in the body of this post, available freely; the only thing you get extra by buying the book is greenwald’s editorial invective. “is snowden even real” hahaha get ye back to abovetopsecret or whatever

QnJ1Y2U • May 13, 2014 12:02 PM

Page 30 of 108:

MS (Microsoft), working with the FBI, developed a surveillance capability to deal with the new SSL. These solutions were successfully tested and went live 12 Dec 2012.

This was for outlook.com.

Newish points:
– Sounds like enthusiastic cooperation with the feds; that’s a contradiction with Microsoft’s public statements.
– The FBI’s in the wholesale surveillance game.

Sniff Every Panty • May 13, 2014 12:09 PM

Yes they certainly are. skep is always worth reading to catch up with the next Big Lie of the beltway tax parasites.

today we got “garbage!” We got “half-baked theories!” We got the master of style editing Greenwald’s prose! We got the old lie, “nothing new,” belied by the swing-and-a-miss sarcasm of the pissed-off superspy wannabe. We got skep’s talking-out-my-ass safeword, “undoubtedly,” about what he just knows is in the book.

Clearly the party line that got passed down to the GS-6 ranks is hominahominahominasputtersputter. Not since the War of 1812 has a federal entity stepped so hard on its crank.

Benni • May 13, 2014 12:20 PM

Some slides, I in fact do like.

For example, the fact that they have to interdict Cisco shippings for planting bugs means that it is true when Cisco says its policy is to never work with any government to insert backdoors.

I guess, Cisco engineers now really begin to hate the nsa, since they can not do much against the interdiction. One way to counteract would perhaps be to allow users to download a software that checks whether firmware or hardware modifications of Cisco products have been made. I thing Cisco and other vendors should put a software like this on their download page.

Perhaps google or other large companies, especially foreign internet providers, might consider sending hardware back to cisco for inspections, so that the exact nature of the modifications from the nsa can be elucidated, and counteracted.

I also like the pages where they go on about hacking facebook, since this means that facebook is not as intensly collaborating with the nsa as does Microsoft.

I wonder, however, what this “intel partnership” is for. Do they really have introduced backdoors in the hardware prng of intel processors or what?

name.withheld.for.obvious.reasons • May 13, 2014 12:31 PM

Though no documents are provided, a book on the Snowden affair was released in February of this year from a journalist at the Guardian. From the comments so far there does not seem to be a great deal of hyperbolic issues with Greenwald’s book unless your an IC angler or a land shark. “The Snowden Files” so far is in contrast to Greenwald’s book much as the difference between a story (Harding’s book) and the details of a technical episode. Harding’s book I believe is useful in that the background story is a condemnation of the IC and governments. The people in Harding’s coverage of the affair gives a depth, by their experiences, that humanized the events and contrasts the more emotive sense of betrayal that is the story.

Sniff Every Panty • May 13, 2014 12:40 PM

More sabotage, reporting on SCADA upgrades and CAD in key countries that affect the world economy. P. 138,

More serious breaches of the Vienna Convention. P. 139, p. 143-147

Nicholas Weaver • May 13, 2014 1:21 PM

In going through the documents themselves, I’m really annoyed.

These are very much snips and fragments, designed to paint a Greenwald-biased picture (in contract to the NSA biased picture).

Overall, big slide decks can covey a lot of information: the ones for PRISM, XKEYSCORE, and QUANTUM, and the mass phone recording program, all paint a picture of the NSA grossly overreaching and setting a set of insanely dangerous precedents. This, however, is almost useless, just bits and pieces without context.

Figureitout • May 13, 2014 1:31 PM

Bruce
–And if it isn’t the FBI then it’s DIA. Or CIA. Or DEA. It’s overall a police state.

Moderator && Bruce
–Notice how this post may get obnoxious spam trying to sound conspiratorial (spyderman). This is probably the operation in action, happening right now! Deny, Disrupt, Degrade, Deceive; it’s their strategy, bringing people down.

Wow these slides look like they seriously use MS word art and pictures.

Seeing the actual work benches where they backdoor hardware really hits you hard once it sinks in. Then put the “factory seal” on it; they’re subverting the companies name and work.

pg. 45 (or 136) it says “serving our customers” but no mention of the American People; only military leadership (not the grunts on the ground) and even Dept. of Agriculture? Oh yeah they have their own swat team too.

And…I’ve talked extensively about the operations used against me. Well, a company I’m about to work for, the owner said I contacted him via email when I never did. I have a theory about some possible coercion happening, and allowing incompetent leadership (been described as the most manipulative person ever met) but I didn’t get the evidence. I get random phone calls and messed up messages from random numbers all the time. Look at pg. 102 (191) where they describe their “4 D’s” operations, including “honey traps”, making up false accusations pretending to be a victim, and… emailing/texting friends/colleagues/neighbors, conducting a real-life MITM. I’ve also had my blog hacked almost immediately like always; it was a google service so I’m sure they got the password from the side-stepped SSL, if not immediately from my infected connection and machine.

More falsehoods, this is an evil organization that needs its funding reduced drastically. This is all so disgusting and getting worse. They laugh and joke about getting into people’s personal lives. It needs to show its worth, what actual value is this collection providing to the American People? At the very least shift the funding to DARPA that is at least working on a secure computer architecture.

Benni • May 13, 2014 1:39 PM

Some slides, I in fact do like.

For example, the fact that they have to interdict Cisco shippings for planting bugs means that it is true when Cisco says its policy is to never work with any government to insert backdoors.

I also like the pages where they go on about hacking facebook, since this means that facebook is not as intensly collaborating with the nsa as does Microsoft.

I wonder, however, what this “intel partnership” is for. Do they really have introduced backdoors in the hardware prng of intel processors or what?

Skeptical • May 13, 2014 1:52 PM

@Bruce: The US definitely engages in commercial espionage, but we define it very narrowly. We don’t spy on foreign companies and pass the information on to domestic companies. But we do spy on foreign companies and use that information in international trade negotiations, directly benefiting domestic companies. We call that “economic espionage,” which is supposed to make it okay.

Well, there’s a part of this that I agree with, but let me get the parts where I disagree out of the way first.

The definition of commercial espionage is not simply “our” definition, invented as part of a PR game; it’s how the term is commonly used (“industrial espionage” is frequently used with the same meaning). For example, the European Parliament’s report on its investigation into Echelon noted the distinction, finding that industrial espionage is not a permissible use of intelligence services.

I also don’t find any of these terms to be morally loaded. That something is “commercial espionage” doesn’t indicate whether it’s morally appropriate or wise for a nation to engage in. And for nations with large State Owned Enterprises, the question may be quite difficult.

The reason that commercial espionage is distinguished from other types of espionage is because of how commercial espionage affects individual companies, and to some extent economic policy generally.

For instance, the distinction is important to any company that cares about its intellectual property. I’d like to know whether I can invest in a foreign lab without having to worry that the US will simply steal away anything produced and hand it to US companies. Obviously the implications of the NSA’s capabilities would be far graver if this were the case.

The distinction is also important from a broad policy perspective. International free trade is widely viewed as beneficial because it allows market forces to work across countries. Commercial espionage distorts those market forces, reducing the overall benefits of free trade.

Commercial espionage isn’t really compatible with free trade. Other forms of economic espionage, such as spying on Petrobras to aid in assessing the fiscal stability of the Brazilian government, by contrast are quite compatible with free trade.

Okay, so to the extent I understand you to be saying that “commercial espionage” is a distinction without a difference, that’s where I disagree. It’s a meaningful distinction with significant policy implications.

Now, with respect to your point on treaty negotiations, I don’t think our views are that far apart.

The US will collect any information useful to its bargaining position in international negotiations. So it may have been useful during the 1990s for President Clinton to know how much influence Japanese car companies had within the Japanese government, and to what extent those car companies were willing to allow Japan’s market to be opened.

That kind of intelligence activity though is much less concerning from a policy perspective (I’m also skeptical as to how useful it would be in a trade negotiation, but that’s completely uninformed speculation on my part).

This is also a type of intelligence activity that is widely known and is not contested. The presence or absence of it in the Snowden docs isn’t revelatory.

By contrast, the question of whether the US engages in commercial espionage was contested, indeed still is contested, and there have been multiple investigations in the not too distant past to attempt to answer that question.

So the absence of any indications of commercial espionage here is significant, though not as significant as the presence of any such indications would have been.

keiner • May 13, 2014 2:13 PM

Since I downloaded this .pdf this afternoon my firewall logs are filled with blocked port 8080 connects by this computer to various amazonaws US servers, every few seconds 14 trials to different servers.

Never seen that before…

204.236.166.48
50.16.54.227
177.71.234.231
50.112.37.9
46.137.134.188
50.112.37.9

coward • May 13, 2014 3:41 PM

Personally I’ll buy my paper copy with cash and leave the PDF on the server.

Sigmund • May 13, 2014 3:43 PM

@Nicholas Weaver Are you “in contract to the NSA”?

6017 • May 13, 2014 3:48 PM

More and bigger lies from skeptical: “widely known and is not contested,” a triumph of strenuously-maintained ignorance of Vienna Convention on Diplomatic Relations Articles 24 and 27 and of World Court judgments on duplicitous proceedings incl. http://www.icj-cij.org/docket/files/156/17844.pdf

This is how US government drones are trained, just lie and lie and when it doesn’t work then lie some more.

Nicholas Weaver • May 13, 2014 3:55 PM

Sigmund: HELL NO. And I am insulted that you would even think so. Look at what I’ve written:

Our Government Has Weaponized the Internet. Here’s How They Did It

A Close Look at the NSA’s Most Powerful Internet Attack Tool

The NSA has caused incalculable damage, and started a massive online spy-race that we are probably going to lose, bigtime, due to the relative imbalance between offense and defense.

I just have a lot more nuance than Greenwald, and find this slide release to be all heat and no light.

43hti3uht3iuht • May 13, 2014 4:00 PM

@keiner: Upload or hotlink the PDF to kernelmode.info or tuts4you or another non-special-interest RE site, you’ll find out what’s inside within 24 hours for free.. AV scanners are based on signatures, and it could be an Adobe 0-day or ‘crypted’ exploit dropping malware..

Independent Record of Events • May 13, 2014 5:23 PM

@coward “Personally I’ll buy my paper copy with cash…”

Another advantage of paying with cash is that you’ll get a printed receipt.

Save it, because someday it could provide evidence to fight off a parallel-constructed attack from the FBI.

Earle • May 13, 2014 5:34 PM

@Nicholas Weaver

I think Sigmund was just teasing you about a typo in your prior post

anonymous • May 13, 2014 5:36 PM

‘Skeptical’ is an example of a constructed identity, probably populated by more than one individual, to promote the current power paradigm, i.e., ‘democratic’ neoliberal capitalism as expressed by western nation states.

As information war progresses, people will progressively ignore what is essentially a machine-generated sub-discourse.

Mr. Pragma • May 13, 2014 7:50 PM

I don’t trust greenwald any further than I’d trust nsa or, for that matter, any us-american entity whatsoever.

He has worked and is working for/with newspapers that are well known to “negotiate” (read: bend over) with regimes like the usa and uk. And his new project is with a billionaire well known to have (and probably still) partnering with cia.

Maybe those “freedom fighters” are just working on usa’s panopticon project, maybe it happens to just suit someones agenda to “strip” some us agencies, maybe Snowden is just an asset (not necessarily knowingly) of an infight between nsa and cia, whatever.

What I personally find more shocking than ever more “revelations” about nsa is the sheep-like readiness to be manipulated into focussing but the usa. Of course I can’t prove it but I’m certain beyond any doubt that every government does or, provided it had the means, would do, too. Similarly pretty government quickly forgets anything about democracy when secret services are concerned. Granted, usa — as usual — acts particularly law-ignorant, criminally, and brutally, but in the end pretty every country’s secret services so whatever their means allow; some like Russia or Suisse might have at least some reasonable restraint by, for instance, actually using their services to fight off espionage and the like while others like almost certainly pretty every nato member act no better than any mafia syndicate.

And I find it shocking how many are basically quite content to lament somewhat but to happily continuing their use of windows or linux and their unreflected praise of open source software.

And there is something more.

For whatever strange reason pretty no country seems to have any interest in developing alternatives or, god beware, their own ICT industry. China is mainly occupied with producing whatever can be produced and sold and even the whole of europe seems to be content to do hardly more than to staff us-american corp. factories.

Didn’t it strike anyone that having basically no options besides using us-american processors or uk designs/licences (arm) they played themselves into usa’s hand to do whatever they fu**ing please?

Roughly 99% of all business or government computers are based on us-american cores.
Roughly 99% of all network backbone equipment is based on us-american products product cores.
Roughly 99% of all business, government or network equipment is using or based on us-american (or easily controllable or to be manipulated) software like windows and linux (you don’t like me putting linucks there? Well, go and look up who is “sponsoring” the core and majority of kernel and critical standards software in linucks … Hint: ibm, redhat, etc.)

Pardon me but this whole thing reminds me of a very attractive woman having a walk in a transparent gown without bra or panties in a very, very bad neighborhood around 3 am and her family complaining the next day that she has been a victim of undecent approaches …

So, yeah, go right ahead and bash the nsa some more (“oh no! they’ve actually (ab)used yet another free meal we provided to them. Yuck, how despicable!”) – or else go and do your part in building a more solid, safe and secure ICT world. Or at least demand your government to support some kind of national project.

Or, in other words, stop lamenting being raided in your tent and start building some brick walls.

Leon Wolfeson • May 13, 2014 8:13 PM

Benni – There’s already a mechanism for that, in Software, and though which a mechanism for hardware checking could be implimented. I hate to harp on it, but it’s…Open Source.

Mr. Pragma, I suggest you check where ARM are based.

And you want American companies to be told to not do business here? Oookay…

Mr. Pragma • May 13, 2014 8:21 PM

Leon Wolfeson (May 13, 2014 8:13 PM)

Last time I checked Arm was in uk. As I said (” or uk designs/licences (arm)”).

And whatever “here” means, no, I do not want to stop or dictate american companies doing business “here”, elsewhere or whatever.

What I said was that a) I suggest to avoid using american products and b) other countries finally start to work on their own designs or any significant ICT industry at all, beyond copy-producing us or uk products, that is.

So, in your dictum:

Oookay… I suggest you read something before commenting it.

George • May 13, 2014 9:49 PM

Does it explain how all this surveillance has actually made the Homeland any more secure?

Or is that beside the point?

Figureitout • May 13, 2014 10:53 PM

Mr. Pragma
–Pretty all inclusive sweeping assessment of Americans, kind of an American thing to do, eh? Granted there’s a lot of ignorant f*cks here that need to get out in the world more, but the intelligent ones aren’t quite so overtly evil. Maybe no other country has done it b/c they’re not capable of doing it or too poor, I don’t know? Quite sad really. As an American, I would really like to see some alternatives, and the ability to securely deliver that hardware to me. I’m going to build some computers that won’t be any fun at all subverting but I can’t source the money and time to first develop a secure chip (whatever the hell that means), then during the entirety of manufacturing and designing keep all agents out. I mean, I’ll probably make a basic chip design, ship it off somewhere but have no real verification that I want on all the backdoors that can be planted. Need a secured, shielded, underground lab to be able to work and think clearly. If I had $100 million you know I’d be working on that right now (and camp out at the construction site). Fantasies aside, I have a lifelong goal.

George
–No that should be a point made by Bruce and a lot of other people. That’s what I’m saying, someone besides Skeptical should come on here and give the actual benefits of all this collection. What are the tangible, real, financial benefits of all this collection? I’m betting it’s a worthless waste of money as they have a bunch of data that still could be potentially tampered w/ (malicious insiders like moles) and way too much for any real human analysis. The benefits must be classified b/c there aren’t that many.

Peter • May 13, 2014 11:50 PM

The thing with PRISM and the NSA/FBI comes very close to willfully misleading the public. As we know, the Guardian and the Washington Post claimed that NSA had direct access to the servers of the tech companies, but from two slides from the same NSA presentation about PRISM it becomes very clear that it’s the FBI that picks up the data at those companies.

These slides were published almost a month and 5 months later, but as Greenwald and the papers had these slides right from the beginning, they apparently decided not to publish them in their first publication. So although they must have known that it was the FBI that acted as an intermediary, they went out saying it was NSA tapping in the servers of Google, Yahoo, etc.

This was not only not true, but also gave the companies involved the opportunity to (maybe even honestly) deny any direct relationship with NSA. Leaving everyone confused and also in doubt about whether the companies were telling the truth.

The aforementioned slides and all other PRISM slides are listed and explained on my weblog: What is known about NSA’s PRISM program

Mr. Pragma • May 13, 2014 11:57 PM

Figureitout (May 13, 2014 10:53 PM)

No. I didn’t assess “the americans” but their country and those in control of it.
Granted, it’s not easy to like americans and it’s seductive to reason that all that ugly dirt is their responsability. But sadly, I’m afraid, “the americans” are hardly more in control of their country and the actions of its agencies than we non-americans are.

So, I’m perfectly willing to see that there are single americans who are decent beings and who do decent work; Bruce Schneier comes to mind (he is american, isn’t he?) or Prof. Bernstein.

Unfortunately, however, it’s not these decent americans who are in control of usa’s agencies and institutions of crime, espionage, anti-democracy attacks, mass-murder, etc. Consequently, so it seems, it is a reasonable and sound approach to simply avoid any and all american products and services, assuming that they are tainted or corrupted.

If it helps usa lovers to feel better, I see much responsibility with other nations, too (although guilt isn’t my interest; solutions are). After all it’s (from what I know) not usa’s guilt that other nations lazily took whatever usa served rather than building up their own ICT industries (beyond merely copy-producing).

In a way some of this reminds me of Microsoft some 25 years ago. Microsoft didn’t get big because they were so great; they got big because the other players were so bloody incompetent and ignorant.

That’s why I don’t like (for instance) Europeans just complaining about how evil nsa and the usa are. After all, Germany and France, to name some examples, had every chance to build their own capabilities. Unfortunately, for whatever reason, they chose not do much more than building factories, most of them even by usa corporations, to produce american CPUs.
And it could be done. Russia, for example, although living through extremely difficult times, managed to at least pick up OpenSparc and build something on it. Similarly China made quite impressive progress based on Mips. So, those “mighty” countries like Germany or France sure enough could have done something similar, too.

In the end it’s simple. If you are dependent on others to provide you with processors they have the capability to manipulate your networks and computers.

So, rest assured that I do see the responsibilities of others too, when I seem to just bash the americans.

unamerican • May 14, 2014 12:04 AM

I’m not aware of any evidence that American intelligence has prevented terrorism, economic collapse or war. In fact there is documented evidence of fabricating pretexts for war, manufacturing fake terror plots and suppressing domestic dissent. I look forward to ‘Skeptics’, Hayden, Alexander, Obama and other defenders of the glorious democratic corporate freedom agenda of the west providing public testimony on these points. We can wipe out the national security state tomorrow, preserve a minimum deterrent force and move on to a humane existence.

OT – Mr. Pragma, thanks for your Ukraine comments at MOA . . .

Peter • May 14, 2014 12:20 AM

Intelligence agencies are not only preventing acts of terrorism, it’s not like we see in Hollywood films or television series. Intelligence agencies spend most of their time preparing reports about a wide variety of topics to keep their “customers”, like senior policy makers informed about what happens around the world.

Military intelligence agencies, like NSA, are spending a lot of time and effort in supporting American troops abroad by providing military commanders with strategical, tactical, situational and operational intelligence so they can operate in the most effective way.

So we really cannot judge an agency like NSA by how many terrorist plots they prevented – they are part of a huge civilian and military bureaucracy, the effectiveness of which can only be estimated by asking their customers whether they are satisfied with the reports they get from NSA and the other member of the intelligence community.

Cohem • May 14, 2014 12:29 AM

Wow, Glenn Greenwald didn’t even want to use PGP despite Edward Snowden him to use it so many times? How can you actually trust this guy? Edward Snowden said that the NSA still doesn’t know which documents he stole. Maybe Greenwald got courtorders to reveal all the secret documents he got from Edward Snowden. That wouldn’t be surprising after the ‘give us all your SSL keys courtorder’ story from Lavabit. So, if the NSA can legally obtain the SSL keys to decrypt and/or impersonate an encrypted mail service. Why wouldn’t they be able to get a court order to make Greenwald give them what they wanted?

Tom239 • May 14, 2014 12:35 AM

Bruce Schneier wrote:

The US definitely engages in commercial espionage, but we define it very narrowly. We don’t spy on foreign companies and pass the information on to domestic companies. But we do spy on foreign companies and use that information in international trade negotiations, directly benefiting domestic companies. We call that “economic espionage,” which is supposed to make it okay.

And yet the USA denies engaging even in economic espionage. The WaPo quoted this assurance they received: “The department [of Defense] does not engage in economic espionage in any domain, including cyber.” (Yes, this is the kind of limited denial that doesn’t say whether any other department does it–even so, it’s a bit of a stretch to say the DoD and thus the NSA is technically not in the industrial espionage game because it’s just doing the collection.)

Clive Robinson • May 14, 2014 2:14 AM

@ Peter,

Military intelligence agencies, like NSA, are spending a lot of time and effort in supporting American troops abroad by providing military commanders with strategical, tactical, situational and operational intelligence so they can operate in the most effective way.

The problem is these “Reports” that are generated are often of little worth, not because of protecting “methods and sources” but because the analysts are either “hedging their bets” or working from incorrect assumptions from “not having boots on the ground HumInt”.

There are a number of cases where the NSA “muckety mucks” have been told quite bluntly by commanders in the field their “product” is not wanted as it’s worse than useless.

In fact the problem appears to be sufficiently bad that one of the primary missions of the DoD in recent times is to either get the raw intel or collect the raw intel themselves and cut the NSA and other agency analysts out of the loop as much as possible (which might from a political view be just a turf war, but other views say not).

Part of this is that one of the problems the US Intel agencies have been long known to suffer from is a lack of boots on the ground Intel –humint– worse they have been known to quite deliberatly “burn” other cooperating countries humint assets for the sake of cheap political publicity (a recent well talked about case being the second underpants bomber).

One of the reasons it’s felt that the US is “so far behind” on the cyber front compared to the Chinese and Russians is that whilst the US lacks “agents” abroad both the Chinese and Russians have a great many agents working on US soil. Whilst I appreciate it’s much easier for closed societies to obtain or place human assets/agents in open societies for a whole host of reasons, other open and closed societies are managing to obtain or place human assets in both China and Russia.

Perhaps US citizens should ask why this state of play has come about where the US Intel organisations have for so long failed on the Humint front that their soloution to the problem is total Elint/Sigint dominance of “collect everything”. Even though it’s been known publicaly since the “Berlin Tunnel” that such information even when from known sources is usually at best questionable. Further that even third world terrorists actualy are sufficiently aware of this that they take considerable care not to use communications technology, or use it in such a way that US drones are making “Meta-Data KILLS” of innocent people…

Or • May 14, 2014 3:27 AM

Page 157
maybe “or” is a good username

keiner • May 14, 2014 3:46 AM

@43hti3uht3iuht

Tried to register at KernelMode, but the confirmation eMail did not arrive within 3 hours at my AOL account…

“Contact an admin” is a bad joke, if you can not log in to a forum…

Skeptical • May 14, 2014 7:39 AM

@Pragma: some like Russia or Suisse might have at least some reasonable restraint by, for instance, actually using their services to fight off espionage and the like while others like almost certainly pretty every nato member act no better than any mafia syndicate.

It’s bizarre to read a Brit who thinks that NATO is a mafia syndicate while Russia has “at least some reasonable restraint”, especially in light of recent events in Ukraine and the level of corruption in Russia.

But I suppose the nice thing about living in the West is that there is a roof for everyone, regardless of your political opinion or bent, whereas in Russia… different roofs for different people, often at a high price.

@unamerican: I look forward to ‘Skeptics’, Hayden, Alexander, Obama and other defenders of the glorious democratic corporate freedom agenda of the west providing public testimony on these points. We can wipe out the national security state tomorrow, preserve a minimum deterrent force and move on to a humane existence.

Oh, the West has plenty of warts, but there’s been ample public testimony on terrorist plots stopped, and terrorist actors and groups derailed, as a result of US action.

Senator Leahy, and others, questioned whether the Section 215 telephone metadata program had been useful in stopping terrorist plots. No one, including Leahy, questioned whether Section 702 or 12333 programs had been effective.

@keiner: Since I downloaded this .pdf this afternoon my firewall logs are filled with blocked port 8080 connects by this computer to various amazonaws US servers, every few seconds 14 trials to different servers.

I’m completely ignorant of such technical matters, but this vulnerability notice issued yesterday by Adobe with respect to the Adobe Reader might be relevant: HP Zero Day Initiative – Advisories

Steve • May 14, 2014 8:27 AM

Please do not engage the sock puppets. Thank you.

I’m particularly concerned about the slide detailing “strategic partnerships”. The company that I work for was listed on that slide, and I was disappointed and alarmed. It states that 80 companies are in an “alliance” with the NSA, however it does not define that alliance. I’ve been waiting for concrete evidence for complicit involvement before tendering my resignation. This potentially qualifies.

Ian Lamothe Brassard • May 14, 2014 9:13 AM

I am quite annoyed by the constant accusations of “sock puppetry” around here, in lieu of actual argumentation. Schneier blog used to be one of the first place on the web where infosec professionals could discuss and learn. Now the level of discourse isn’t better than what we can find a Reddit. This is really getting old.

Benni • May 14, 2014 10:22 AM

Regarding economic espionage of the nsa,

whistleblower William Binney says here:

http://www.heise.de/newsticker/meldung/Ehemaliger-NSA-Technikchef-Der-NSA-gehoert-das-Netzwerk-2188605.html

That contractors and advisors have access to nsa data and to the reports that were compiled from this data. They would then use this to create better offers than business rivals of american companies.

These “advisors” associated with the nsa would not want to solve the problem, instead they just want to get the next contract with some company that they can offer their advise to.

Several companys around the nsa would make their profits only with the surveillance data, selling them to other companies.

In german:

“Das gesamte Überwachungssystem ermögliche nicht nur, eigene Beziehungspartner sowie Politiker, Anwälte, Journalisten oder gar Verfassungsrichter auszuschnüffeln, sondern auch eine weitgehende Wirtschaftsspionage. Vertragspartner wie IT-Dienstleister oder Berater hätten Zugang zu den Datenbergen und daraus erstellten Analysen und könnten so Offerten von Konkurrenten unterbieten, führte Binney aus. Das dem Geheimdienstkomplex zuarbeitende Umfeld wolle das Problem nicht lösen, sondern “den nächsten Vertrag ergattern”. Zahlreiche Firmen lebten so von der überbordenden Massenspeicherung.”

Nick P • May 14, 2014 10:26 AM

@ Ian

I’ve noticed this. My guess has been that several people have left who used to love the thoughtful discussions. There were quite a few people of various viewpoints that I recall. Without them, the old types of discussions are less likely to flourish.

FluffytheObeseCat • May 14, 2014 12:32 PM

@ Ian @ NickP

Schneier’s blog still gets an unusually high %age of sensible respondents. It is uniquely superior in that regard — head and shoulders above most others.

Consider then, if you will, making a few intelligent critiques* and posting them. Instead of this generalized carping at the tail end of a letters thread.

i.e. “Perhaps US citizens should ask why […] US Intel organisations have for so long failed on the Humint front that their solution to the problem is total Elint/Sigint dominance or “collect everything”. Even though it’s been known publicly since the “Berlin Tunnel” that [“collect everything”] is usually at best questionable. Further that even third world terrorists actualy are sufficiently aware of this that they take considerable care not to use communications technology, or use it in such a way that US drones are making “Meta-Data KILLS” of innocent people…”

Clive as usual, got to the crux of matters. The post topic is Greenwald’s book and raw data release, but both the post topic and the book release itself are important only in the context of these greater issues that Clive nailed. Yet again.

*(I’ve watched both of you do so to great effect over the years I’ve quietly read this blog; it isn’t as though you’re among the incapable.)

Mr. Pragma • May 14, 2014 1:38 PM

Skeptical (May 14, 2014 7:39 AM)

You do not discuss — and even less so on a technically informed level — you merely propagandize. -> No further answer deserved.

@all

Well, this matter does have strongly political aspects. I agree with those, however, who desire to keep the political discussions limited and to concentrate primarily on the technical issues.

I’m missing a well informed essay by someone like Bruce Schneier along the line “What do we have to learn from heartbleed?”.

We may find that “the americans” are guilty, evil, whatever – but this doesn’t make ICT more secure or reliable.
We may discuss again and again about the most minute details of what greenwald et al. have made public and about whether it’s credible and if so, why and to what degree, etc, etc – but this doesn’t make ICT more secure or reliable.
We may stress again and again and again the miraculous advantages of open source – but this doesn’t make ICT more secure or reliable.

No doubt, open source has striking advantages. But there might be buts. For one openssl is open source and yet none of the “many eyes” spotted the problem; neither did the senior guy who nodded OK some youngsters terrible code. Nor did thousands of engineers in projects using openssl – most probably because they didn’t look but simply trusted in the first place.

It seems that at least a major part of the problem is more in the social/psychological sphere rather than in the technical corner.

Did S. Henson nod OK Seggelmanns explosive code because Henson was an nsa or gchq agent or otherwise malevolent? Almost certainly not. Almost certainly he simply assumed a PhD candidate who after all co-worked on the RfC to be qualified and competent and to act accordingly.
And the “community”, for instance, the distribution maintainers in charge, were the evil-minded? Almost certainly not, almost certainly they simply assumed code from openssl, after all a security crown jewel, to be very well checked – or maybe they were just frightened to check it because actually they had occasionally looked into openssl and saw what a nightmare the mixture of encryption (lots of math, not easy) plus a shocking pile of very questionably organized, structured, and maintained code was. Which- or whatever it was, again a layer of control and trust failed and again the next layer relied on non-existing control and safe mechanisms not knowing they were actually playing lotto.

Now whom could concerned individual turn to (and why would they do that, assuming that multiple very knowledgable layers nodded openssl OK and “secure”, in fact in a way “the core of security”?)

Commercial auditors? Hardly. Even mid-size companies could hardly easily afford that, not to even think about your average citizen John Smith.

State authorities? Actually yes, actually that would fall plain in the center of a modern states responsibility, and in fact many states do have something like an agency for ICT security.
Unfortunately, though, those agencies didn’t do their job. Maybe in part the states, in particular nato states, didn’t want citizens too secure from prying eyes. But quite certainly, at least in many cases, also because they made the same error that other layers had made; they assumed that the “crown jewels” were very well engineered and checked. After all, wouldn’t it be insane if, say, some student could check in some unverified explosive code?!

Maybe it’s about time to understand that “open source” is for the most part more a social, political, and psychological issue rather than a technical one (in fact, the very term “open” strongly hints at it).

Don’t get me wrong. I’m by no means anti open-source and I do see its advantages. But it’s about time to also see its disadvantages and it being basically more about social and political issues (democracy, “bazaar”, copyleft, etc.) than about technical ones.

What we need, both as states and as citizens, are never sleeping and well trained technical guard dogs. Dogs that act like “I don’t care who you are, I don’t care how great, democratic, beloved, respected or whatever you are. You want to pass that bag of code into my area and I will sniff it carefully and based on the assumption that a first day newbie with evil intentions wrote that code, period.”

Benni • May 14, 2014 3:19 PM

By the way, former NSA Boss Michael Hayden works now for the Chertoff group.

If I am the boss of some american company, and want to know more about my “enemies” eeh I mean, the competitors of my company: Can I hire Mr Hayden’s expertise then? Say, simply, If i provide him with 100.000$ in cash, can he tell me what xkeyscore tells me on my competitors?

Perhaps technically, it is true that the NSA does not give anything to domestic companies. But the advisors in the private firms that have the security clearance might do…..

Matt • May 14, 2014 6:32 PM

Keiner, I also have noted lots of traffic to dynamic IP addresses in the cloud, amazon and other awhile back. Pretty good trick having one changing IP address set do one part of the communications and a second changing IP address set do the other. This also came with a trash of the wall clock for the firewall log, so don’t bother asking the cloud who had that dynamic IP address, because you don’t have the correct time of day.

On topic, while the FBI was playing passive defense in some of this, what these documents have not revealed as far as I know is what sub contractors have been actively offensive. I suspect the administration is guilty of active false flag ops in cyber warfare during these Ukrainian crises with non US victims being on the hit list. Who else would bother to use IP addresses from Kiev University?

Nick P • May 14, 2014 11:12 PM

@ FluffytheObeseCat

I totally agree that this blog is higher quality than most. I’ve repeatedly stated it here, I’ve promoted it elsewhere, and that qualitative difference is why I’m still here. Bruce’s persona also tends to attract some good thinkers here. And I try to contribute plenty myself, as well.

That said, it’s perfectly reasonable to objectively look at the discussions on the blog and how they might have changed over time. Look at some big discussions from 2009-2011 and compare those comments to current ones. There’s definitely been a change as Ian noted. That around half a dozen people involved in those discussions no longer post here led to my hypothesis. Dirk Praet comes to mind immediately as he always had insightful posts with good presentation style. RobertT seems to have moved on to other things as well. Probably got tired of repeating himself. 😉

So, I felt the issue Ian brought up was at least worth replying to. I wasn’t going to discuss it past that because, as you pointed out, the words can be put to more beneficial use. Now onto that. 🙂

Aspie • May 15, 2014 8:02 AM

Off topic – apologies to other posters/readers.

@Figureitout
Bro, I had a disk crash (2TB); lost a lot but not crucial stuff. Lost password to some email accounts though. Need to re-establish a link somehow.

WRT: 4th computer – many changes since; SPI primitives and MMU emulation (256 byte pages) and thread/tasking. Still no ferrari but aerogel (solid and virtually transparent). Getting near the mark on the modularism; quite power efficient in terms of pp/watt using nanoWatt tech.

I’m re-cutting the code in a more transportable form (asm/C) for more platform independence but the FORTH code will be guaranteed to work a-la Java. Also whisked up a FORTH compiler (v. primitive but it works) in perl.

AlanS • May 15, 2014 10:01 AM

@Skeptical

“…there’s been ample public testimony on terrorist plots stopped, and terrorist actors and groups derailed, as a result of US action.”

The “ample public testimony” and the “US action” in most cases turns out to be made up of gross exaggerations and false credit-taking by the NSA. If you think otherwise, please cite the evidence and make your case.

“No one…questioned whether Section 702 or 12333 programs had been effective.”

Effective at subverting the constitution? The Executive ‘mislead’ the Supreme Court about 702. See The “Culture of Misinformation” and the Government’s Representations to the Supreme Court in Clapper.

Skeptical • May 15, 2014 11:07 AM

@AlanS:

Here are Senators Mark Udall and Ron Wyden on the effectiveness of Section 702 programs (and lack thereof for Section 215):

Based on the evidence that we have seen, it appears that multiple terrorist plots have been disrupted at least in part because of information obtained under section 702 of FISA. However, it appears that the bulk phone records collection program under section 215 of the USA Patriot Act played little or no role in most of these disruptions.

Udall/Wyden Press Release

@Pragma: You do not discuss — and even less so on a technically informed level — you merely propagandize. -> No further answer deserved.

Unlike certain posters, I comment under one pseudonym and engage different viewpoints with respect and good faith. I’ll take your comment here for precisely what it is worth.

Mr. Pragma • May 15, 2014 3:29 PM

Skeptical (May 15, 2014 11:07 AM)

I did not doubt (or attack) you as a person nor did I assume you are or are not a socket puppet (nor am I interested in that. What I’m interested in is the matter at hand and some quality of arguments and thoughts).
That said, I stand by what I’ve said.

Whatever your problems with “certain posters” are does not concern me.

Feel free to post whatever you feel is right and should be said relating to the matter at hand.
But accept and respect the freedom of others to shake and rattle and examine your views and statements and to say you’re talking BS when you give them reason to.

You’re welcome.

AlanS • May 15, 2014 5:01 PM

@Skeptical

But both the quoted senators have been and continue to be very critical of section 702 programs. And your quote starts “Based on the evidence that we have seen, it appears…”. That’s the sort of thing you write when you suspect you are being fed selective information and lied to.

The problem with 702 is that any effectiveness against terrorists is likely to come from targeted intelligence gathering activities that were available to the IC prior to the FISA Amendments and in fact prior to 9/11. What section 702 has enabled in practice has been the mass surveillance of American communications without a warrant. So the question is really: did the new powers available under the FISA amendments increase the effectiveness of the methods against terrorists that were already available? Or are they just a violation of civil liberties protections plain and simple? There is little evidence for the former and a lot of evidence for the latter.

Put another way, one can claim that the an RPG is highly effective against rabbits and other vermin but so what if the old .22 was equally effective and didn’t result in large numbers of dead farm animals and other collateral damage.

chokepoint • May 16, 2014 5:51 AM

shows the ESCU … is point
Hoover’s legacy – he could never let go even to the point of keeping vital clues about the Pearl Harbor attack secret from Bill Donovan.
And so it goes, down the line, the same madness and paranoia that has driven the USA to all the monstrosities it has committed in the name of National Security.

Figureitout • May 18, 2014 12:35 AM

Aspie
–Responded here: https://www.schneier.com/blog/archives/2014/05/friday_squid_bl_425.html#c6100288

JerryH • May 19, 2014 2:59 AM

The NSA mandate is to exceed their mandate.
No proof but I happen to know that the Snowden “revelations”
are deliberate news driven distraction.

It is likely that the real dirty work, the real horror shows on average
US civilians are outsourced to corporate contractors, like Snowden
was. (not talking about hacking corp assets, Gitmo torture or right
wingers flooding the internet with paranoia)

GCro • April 18, 2015 9:58 AM

Most PDF documents scanned have 0% threat, this one is %10 aka suspicious.

Summary Below:
April 18 2015, 3:38

Input
NSA abuses -NoPlaceToHide-Documents-Uncompressed.pdf
PDF document, version 1.7
1a645a9d9d79ea4926a0fa2dd67f491f5fac13d7fcfd5f60c864b454975af04b
Summary
Threat Score: 10/100
AV Detection: Unknown
Matched 9 Signatures
Countries
–
Environment
Windows 7 64 bit (DE)
Details at: https://www.hybrid-analysis.com/sample/1a645a9d9d79ea4926a0fa2dd67f491f5fac13d7fcfd5f60c864b454975af04b?environmentId=1

New NSA Snowden Documents

Comments

Leave a comment Cancel reply