Twitpic

In order to create legal frame work the concept of legal access should come first, and that concept should be grind by tech people like Bruce, i.e. it such legal concept could be implemented in existing technological framework of digital world (outside – foreign ‘leg’ and inside US – domestic leg). Then legislators could map those technological possibilities (if exist) to legal frame work.

Markus Ottela • February 24, 2015 2:53 PM

The question is at 1h 40m 02s:
http://www.ustream.tv/recorded/59183380

Bruce interviewed:
http://www.ustream.tv/recorded/59187251

Grauhut • February 24, 2015 2:54 PM

@Keiner, yeahh, Rogers is funny! 🙂

“During the Rogers discussion, Schneier posed one of his favorite questions from the crowd: how do we assure people that U.S. tech products are safe?

“Thats why we need a framework,” Rogers replied. “This is a legitimate question. ‘What is the economic impact?’ With policy and laws we can get to a better place.”

Rogers doesnt understand that even a legal backdoor will not be accepted by the markets.

“Why should i pay for stuff making our nets unsave by design?”

Jurjen • February 24, 2015 2:58 PM

It may be just me, but that was very funny.
It must have been real fun to be able to ask that question, knowing you are saying what millions think, and forcing him to expose his own lies.

Nick P • February 24, 2015 4:30 PM

@ Bruce

That’s priceless. You should do that to him more often. Haha.

Nick P • February 24, 2015 4:42 PM

@ Grauhut

“Rogers doesnt understand that even a legal backdoor will not be accepted by the markets.”

They’re still buying products with the illegal ones despite Snowden leaks. I bet most people here regularly use computers with U.S. made chips, I.P., firmware, and/or software. Probably from one of the big companies that NSA could sway too. They’re taking a hit on exports but still exporting a lot.

So, if the backdoor isn’t mentioned in marketing material, they seem to keep buying stuff. We’ve also seen this happen with firewalls, storage appliances, FPGA’s, and so on where unauthorized access was secretly on by default. Those companies are all still in business selling… the same stuff. A few were forced to remove the software or close that hole. But, still selling.

Crypto AG should’ve taught people how resilient security firms can be despite exposure. Maybe it’s because they make lots of good stuff and most aren’t worried about NSA specifically. Maybe another reason. Still in business with more products than ever.

@ Clive

The Crypto AG catalog has a lot of nice-looking designs in it. Might be worth keeping just as a source of inspiration for newer, more assured designs without the NSA tech support. Cloning them, you know. That’s why I have datasheets on NSA Type 1 and European high security equipment, too.

Daniel • February 24, 2015 4:58 PM

@NicK P

Like you, I’m not persuaded that the market–at least now–gives a damn about privacy. It’s useful to get a reality check from other areas of security.

http://hosted.ap.org/dynamic/stories/U/US_AIR_FORCE_SEX_CASE?SITE=AP&SECTION=HOME&TEMPLATE=DEFAULT

So let’s be clear here:

If (a) a person has AIDS and (b) they fail to disclose it before sex then (c) they are not guilty of aggravated assault because (d) the odds of contracting AIDS from such a person is 1:500.

It’s easy to plug in the blanks: If (a) there is an NSA backdoor and (b) the company fails to disclose it then (c) people will buy the product anyway because (d) the odds that the NSA will see your wife tits are 1:500.

I’m not saying I agree with that logic but even otherwise intelligent people think like this. They don’t understand basic concepts like risk, let alone risk dispersion, and simply think it won’t happen to them and so it’s all good.

Clive Robinson • February 24, 2015 5:36 PM

@ Bruce,

I gather it was not a good sesion for Rogers, as others asked other quite pointed questions and all Rogers could do was mumble nonsense about “frameworks”.

I realy don’t think the man has a clue what he is talking about, and gives the impression he thinks that if he strings a few nonsense — as in no sense– buzzword phrases together people will think he is some kind of deep thinking guru…

Well he’s obviously not thinking and nor is he deep, he’s shallow. So shallow he’s at the point of being as transparant as the Emperor’s new clothes. Thus he and the Emperor have something in common in that they are both baring their least desirable features in public for all to see…

I presume he must have some redeeming features otherwise he should not of risen to the rank he currently holds. But for the life of me I can not see them, unless of course his special “supernatural skill” is doing the human equivalent of a fish flapping and gasping to death on the deck of a boat…

AndTheBeatGoesOn • February 24, 2015 5:38 PM

And this is their answer…

NSA Director Wants Legal Right To Snoop On Encrypted Data

http://it.slashdot.org/story/15/02/24/1924234/nsa-director-wants-legal-right-to-snoop-on-encrypted-data

If what they (the snoops) are doing is proper, they wouldn’t need to make it “legal” to snoop on encrypted data.

However, they must know that their current snooping is “illegal”, therefore the move to make it “legal”.

This is likely crafted to make it a battle of symantics whilst they continue what is presumed to be illegal activity. From the post:

“This may not come as a huge shock, but the director of the NSA doesn’t believe that you have the right to encrypt your data in a way that the government can’t access it. At a cybersecurity policy event, Michael Rogers said that the U.S. should be able to craft a policy that allows the NSA and law enforcement agencies to read encrypted data when they need to.”

“when they need to” means everything, anytime, all the time, need not required.

Dirk Praet • February 24, 2015 5:54 PM

It was Yahoo’s CISO @AlexStamos who pretty much nailed it in asking that if backdoors were to be created for US IC/LE, would it also have to be done for the Chinese, the Russians, Saudi Arabia, the French etc.?

Rogers is not getting the point. Even if it is technically feasible to do so, in practice it would prove to be a major PITA for more than one reason. Not only would other state actors exercise serious pressure on US companies to hand over “the golden keys” to them just as well, but the sheer knowledge of backdoors being present in itself would be the best motivation for state actors, criminals and black hats alike to start throwing resources against any US product or service in search of said backdoor.

But there’s more trouble on the horizon. Who is going to maintain and secure a golden keys database and prevent it from falling into the hands of third parties ? What controls are going to be put in place to prevent, detect and cope with abuse ? Who is going to stop customers from dumping US products and services knowing they’re all compromised. I cannot imagine any foreign government or secure operation accepting the presence of backdoors giving US spy agencies access to their data and infrastructures. Last but not least: is it really worth compromising everyone’s privacy and security in search of the odd terrorist ?

For as far as I’m concerned, people like Daffyd Cameron and Mike Rogers are seriously delusional in thinking that backdooring crypto is going to solve any problem. They’re just going to create much bigger problems that sooner or later will bite everyone in the ass.

Lee • February 24, 2015 6:23 PM

@ Nick P:

You’ve made an Interesting comparison of AIDS risk and damage potential versus the risk and damage potential of covert action. I think that HIV positive individuals are rarely charged when their behaviour affects a single person, and their level of sophistication does not afford them clear or full appreciation of the risk they’ve forced upon their partners. BUT – I can remember the fellow who slept with hundreds of women, and caused forty of them to acquire the virus. He was charged. Which individual fits your analogy?

Huh. • February 24, 2015 6:48 PM

I accidentally ran Roger’s response through google translate into Korean so I translated it back and got this:

Be ardent supporters of the Party’s policies and thoroughgoing fighters who implement them in a do-or-die spirit!

Establish revolutionary discipline and order and keep the Party, state and military secrets strictly!

Establish exacting order of regular operation, regular repair and regular maintenance at all units!

Be constantly on the alert without a moment’s relaxation!

Let us build a fairyland for the people by dint of science!

Let the defence industry sector make a positive contribution to building an economic giant and improving the people’s standard of living!

The destiny of the Party’s policies rests on the officials’ shoulders!

Officers and men of the People’s Internal Security Forces, sharpen the sword for defending their leader, system and people!

Intensify education in law observance and law-based struggle to reliably guarantee the building of a thriving nation by law!

Let judicial and prosecutorial organs fulfil their sacred mission and duty of defending the leader, the policies, the system and the people!

Build “gold mountains” and “treasure mountains” with brilliant scientific and technological achievements!

Let us turn all counties into the people’s fairyland by applying the spirit of the historic Changsong Joint Conference!

Complete with credit the construction of Mirae Scientists Street and other major projects and thus splendidly adorn the venue of the grand October celebration!

Let us make the whole society pulsate with national sentiments and noble and beautiful lifestyle!

Let us make the whole country resound louder with the song We Are the Happiest in the World!

Make the advancing ranks brim over with enthusiasm and optimism by producing large numbers of songs that champion the Party’s policies and enlivening folk songs!

Let Hungnam and Namhung produce Juche fertilizer in a larger amount!

Carry out the Party’s policies as exactly in all aspects as the Chonji Lubricating Oil Factory did!

Hans • February 24, 2015 8:09 PM

A mostly worthless “interview”.

Rogers kept parroting that we need legal frameworks and we need a dialog, etc. Then he dodged and laughed off any attempt at any such dialog, and contradicted his own claimed need for a legal framework by saying that every thing they do is completely legal. He’s not interested in “progress”, he wants to dodge and delay because he already has everything he wants. He’s completely intellectually dishonest. A well honed politician, despite his protests to the contrary.

“It is difficult to get a man to understand something, when his salary depends upon his not understanding it!”

Bob S. • February 24, 2015 8:26 PM

NSA is carefully misdirecting the encryption discussion towards fait accompli tweaks and technicalities: They want us to focus on the perfect backdoor, now deliberately redefined and euphemized as a “framework” …while completely ignoring and drawing us away from the larger issues altogether.

Two significant issues are:

Shall we allow the government to have unlimited, secret and unaccountable access to all of our electronic communications?
Does not a technical “framework” for access defeat the most basic and fundamental purpose of encryption which is to ensure private communication and data remains …private?

A couple of random thoughts: If I go down to the coffee shop, behind the counter, pour myself a cup a coffee and leave without paying am I entitled to simply say “it’s legal” and make it stick?

The point being the NSA is “collecting” coffee all over the world and saying it’s a legal entitlement. They say that because there is no cop, no court, no politician, no judge, no one at all to stop them and say. “That’s illegal, you’re busted”. It’s a street corner bully modus operandi, on a world wide scale.

Another observation: FBI is being brought in as the domestic mass surveillance partner of the NSA, seeming with equal access to the whole haystack.

And the mission has ~~crept~~ leaped just in the last several months to include general law enforcement as a mission of mass surveillance. For example, stingrays are used to track petty criminals now, not just suspected foreign terrorists or high profile criminal. Media articles refer to mass surveillance data being used for investigation of “serious crimes” (define “serious”) or better yet, anything they think might be “interesting”.

Well, I do grant them their conduct has become very interesting indeed.

65535 • February 24, 2015 10:50 PM

Bruce’s question:

“Yahoo CISO, Alex Stamos, asked the NSA director that if his company had to provide backdoors for the NSA, then would it have to do the same for the People’s Liberation Army [PLA of China] or other national governments.”

“Famed cryptographer Bruce Schneier went a step further in a later discussion, explaining that we cannot prevent criminals and foreign governments from accessing encrypted communications while allowing U.S. law enforcement to do so. This, he said, is technically impossible. Rogers pointedly distanced himself from the conflation that legal access to encrypted communications would constitute a backdoor…” – threatpost

See 20% down page
https://threatpost.com/nsa-director-we-need-frameworks-for-cyber-circumventing-crypto/111198

I agree with Bruce.
If you allow different encryption for big guys and others for the little guys it is unfair and dangerous. It the one-way mirror issue where the government can watch you but you cannot watch the government.

The dangerous part is NSA, and other LEO Agencies are so big that the keys to the back door will trickle down to private investigators and to criminals [Nations like China want those keys also and you can bet they will sell them to anybody].

The main problem with the NSA is sheer mission creep.

The NSA wants their customers like the FBI and local law enforcement to buy into to their game. The NSA is foreign intelligence and has no business in USA criminal cases [it breeds corruption and “parallel construction’; the nasty habit of bugging the Senate and lawyers personal conversations].
“Rogers admitted that the national security community is not yet where it needs to be in terms of securing government, corporate and critical infrastructure networks.”- Threatpost

Well, Admiral Rogers just quit spying on all Americans and focus your efforts on only foreign spying! Don’t keep expanding your role to get higher budget amounts!

Here is where the misinformation comes out from Admiral Rodgers:

“American Civil Liberties Union chief technologist Chris Soghoian asked Rogers if he believes that foreign governments are in the business of spying on the cell-phones of U.S. citizens. In a moment of rare directness, Rogers said that he does believe that foreign governments are attempting to gather data from the devices of Americans.” –Threatpost

Is that spying on cell phones in foreign countries, on the high seas or in open air space? Is the spying done via a backdoor? Possibly a backdoor the NSA implanted in a Chinese phone made in China? What and who are foreign countries actually spying on? Where did the spying start?

‘“It can’t just be, ‘we don’t like journalists,’” Rogers said. “We need a court order,” he said while admitting that the NSA would not have to inform the target of their surveillance about their eavesdropping activities.’ –threatpost

Is this one of those “least untruthful statements” made by your Agency?

Oh sure, we believe you. ~ You would not lie. /

How about that cell phone spying in the Senate journalist gallery? And, the may other drag net cell phone calls you now hold in your Utah 1 million square foot facility?

“Sciutto of CNN asked if the NSA had ever collected communications of metadata information about himself. Rogers responded that it is a matter of law to do focused collection against a U.S. person. He said the NSA would have to get permission by showing a court a legal basis for why it needs such information.” -threatpost

215 program not really need by NSA:

“Sciutto asked Rogers if losing the metadata collection authorities granted by Section 215 of the Patriot Act would directly endanger U.S. citizens. Rogers replied that the loss of Section 215 would certainly make his and the broader NSA’s job more difficult, but also noted that directly correlating threats fulfilled to metadata collected is like saying fingerprints solve crimes.” – threatpost

If you ask LEO’s if they depend on finger prints for criminal convictions – they will tell you no. In fact, finger prints can just complicate the case because so many can be found at the scene of the crime and defense lawyers use that to show finger prints are fairly useless.

The same goes for the 215 program! Everybody who ordered a pizza from one store that may or may not have a “suspect on the Tide list” is a suspect – quite a waste.

@ Bob S.

“NSA is carefully misdirecting the encryption discussion towards fait accompli tweaks and technicalities: They want us to focus on the perfect backdoor, now deliberately redefined and euphemized as a “framework” …while completely ignoring and drawing us away from the larger issues altogether.”

“Two significant issues are: 1. Shall we allow the government to have unlimited, secret and unaccountable access to all of our electronic communications? 2. Does not a technical “framework” for access defeat the most basic and fundamental purpose of encryption which is to ensure private communication and data remains …private?” – Bob S.

Very good points. I would like to see Admiral Rogers truthfully answer them.

packagedblue • February 24, 2015 11:01 PM

All I can say is that …

http://en.wikipedia.org/wiki/Mister_Rogers'_Neighborhood

Roland • February 24, 2015 11:11 PM

The backdoor is already there. It’s called “Trusted Computing”
https://en.wikipedia.org/wiki/Trusted_Computing
AMD chips have an ARM coprocessor. Intel uses ARC. You the user can’t control what code runs on your computer. OS doesn’t matter. The fix is in.

Dino • February 25, 2015 12:49 AM

Since major CPU producers are americans, AMD, Intel, Qualcomm, is anyone that naive to believe that these processors don’t have kill switches or full backdoor access hardware code? It’s just practically impossible to check them…

Clive Robinson • February 25, 2015 1:19 AM

@ Dino,

You forgot to mention the British desiged Acorn Risc Machines (ARM) of Cambridge UK CPU’s. The cores of which get every where, including in the products of two of the companies you mention…

I should point out that Britain is also the other partner in the “Special Relationship” and was thus via the British led end of WWII BRUSA –now UKUSA– agreement the founder of the 5eye club which includes the old –now ex– British Colonies of Australia, Canada and New Zealand (oh and way back America as well 😉

And unlike the US Britain does not have laws about spying on it’s citizens, infact the opposite have a look at the UK “Regulation of Investigatory Powers Act” (RIPA) it specifically allows surveillance on anything reachable via the UK Comms infrastructure, so even those phones on POTOUS table and bedside cabinet… Oh and Mummy Merkal as well…

Thus you realy can not count on anything being secure if you think CPU’s are “hinky” and “phoning home”, such is life…

Wael • February 25, 2015 2:30 AM

@Roland,

The backdoor is already there. It’s called “Trusted Computing”

What’s a backdoor, in your view?

Bong-smoking Primitive Monkey-Brained Sockpuppet • February 25, 2015 3:14 AM

Spying (surveillance) is like the universe. There is no question it is expanding, the question is how fast it’s expanding!

While much of the world’s concern has been focused on NSA spying, I believe the greatest threat to my freedom will result from my being placed in a virtual algorithmic prison. — Bill Davidow

I say fight prisons with prisons 🙂

Moore’s Law has also made mass automated surveillance dirt cheap. Government surveillance that used to cost millions of dollars can now be carried out for a fraction of that. — Bill Davidow, same article

Belongs in a different thread, but some entities are subsidizing the cost by collecting money from people who value their “perception” of privacy to fund spying on people who don’t give a crap about it 🙂

No amount of bitching and moaning will put an end to spying. It’s been there since the beginning of history. Speaking of “bitching’, makes one wonder if spying is the “oldest profession”!

CallMeLateForSupper • February 25, 2015 9:19 AM

Slightly off the topic of this thread, but regarding a question by CNN’s Sciutto and Rodger’s reply (according to the ThreatPost article):

“Sciutto of CNN asked if the NSA had ever collected communications of metadata information ABOUT HIMSELF. [i.e. about Sciutto; emphasis mine]

“Rogers responded that it is a matter of law to do focused collection against a U.S. person. […] NSA would have to get permission by showing a court a legal basis […] ‘It can’t just be, “we don’t like journalists”’

That is another non-answer answer. Test it yourself. Does any part of Rodger’s reply say “We did” or “We did not” or “We might have” or even “I do not know”? Nope.

Trying to have a fruitful dialogue with an obfuscator is a fool’s errand. Rodgers is hawking what he wants, is not interested in a give-and-take discussion about it … nor any other subject, it seems.

CallMeLateForSupper • February 25, 2015 10:19 AM

“NSA director wants legal right to snoop on encrypted data”

We’ve known for some time that NSA vacuums up emails and files in transit. One class of data, namely encrypted, gets special treatment. When data appears to be encrypted, “it are belong to us”. They don’t know what it is but they stuff it into Bluffdale anyway. Perversely, it is the opposite of a ‘get out of jail”: looks encrypted; send it to jail!

All of which is to point out that NSA already “snoops on encrypted data”. They’ve been doing it for years. They vacuum it, collect it… name your verb. So what, exactly, is Rodgers on about? It’s about encryption per se; he wants blanket legal authority to breach any and all encryption, especially that of comm. devices like iPhone 6. He wants what amounts to Clipper Chip. We saw that movie and didn’t like it one bit. Stand by for a re-run.

albert • February 25, 2015 10:41 AM

@huh
🙂

Funny…and more than a little creepy…

…

albert • February 25, 2015 11:04 AM

@Rogers
@NSA
.
You tried the ‘get forgiveness’ part, now you’re trying the ‘get permission’ part? I’m trying to ‘feel your pain’…but I just can’t empathize. Treating everyone as a criminal isn’t going to help fight terrorism, but it’s a great step, even if unintentional, in creating a truly fascist state.
.
This is not going to work. No one can give you ‘permission’ to perform unconstitutional (illegal) acts. You got FISA already. They get those warrants out as fast as they can ink the stamps. Why not go for a Constitutional Amendment? You’ll need bigger and badder bogeymen, and the corporatocracy will be a hard sell, but it’s worth a shot….
.
…

Roland • February 25, 2015 11:06 AM

@ Wael:
In the past, you bought a computer or motherboard with a processor chip, and you controlled what OS and programs ran on that chip. Nowadays, you still do, except for this tiny co-processor. What code runs on it? What does it do? Where does that code come from? You are not allowed to know that, it’s trade secret. Can you control that code? No. Can you figure out how to control that code? That’s reverse-engineering, a felony under US Federal Law, even though you own the hardware. Is it a back door? You should ask, how can I prove it isn’t a back door? You can’t! This sort of thing (and Snowden) are why tinfoil hats are now fashionable.

Disgusted • February 25, 2015 11:31 AM

These types of controversies usually only lend themselves to settlement by force.

When the public finally grasps the scale of this coup, stages a countercoup, then tracks down and hangs all the perps while tatooing foreheads for lesser crimes – THEN we will finally get justice.

Talking to participating weasels gets one nowhere. We need Nuremburg style trials and assignment of nooses…..

jones • February 25, 2015 11:46 AM

As it stands, Rogers explained, we’re losing somewhere between $100 billion and $400 billion worth of intellectual property to theft each year. This, he said, is of particular concern to the Department of Defense, which watches as its contractors networks are regularly compromised by adversaries

I read the article linked to in the post, and I find it striking that the DoD is grumbling about this. It’s probably the result of military downsizing under Clinton, which wasn’t really downsizing, but outsourcing.

In order to promote economy and efficiency in Federal procurement, it is necessary to secure broad-based competition for Federal contracts. This broad competition is best achieved where there is an expansive pool of potential contractors capable of producing quality goods and services at competitive prices. A great and largely untapped opportunity for expanding the pool of such contractors can be found in this Nation’s economically distressed communities.

Executive Order 13005 – Empowerment Contracting (May 21, 1996)

http://www.presidency.ucsb.edu/ws/?pid=52845

The problem is, this way of approaching “efficiency” leads to reduced accountability. People who rail against government inefficiency don’t understand that accountability is not efficient: it is not efficient to justify your actions at every step. So the push to make government more lean and “efficient” directly leads to an erosion of accountability. You can’t have both accountability and efficiency as policy goals.

Pulitzer prize winning historian Gary Wills suggested that, for example, part of why the Manhattan project was conducted with such extraordinary secrecy was to evade accountability. The Russians knew what we were up to, the Germans probably knew too, it was the American people kept in the dark. This was probably to avoid potential public opposition in light of the 1925 Geneva Protocols against chemical and biological weapons. People were shocked by the destructiveness of mechanized warfare during World War I, and by the use of chemical weapons, which was still in public memory by the time World War II came around.

Wills also points out that this was no isolated instance. When we bombed Cambodia, the Cambodians knew it, it was us kept in the dark. When we invaded Cuba, the Cubans knew what was happening and the Soviets knew, it was us kept in the dark.

Today we have active drone campaigns in at least six foreign countries. We don’t really know the extent of it. The targets know they’re being targeted, its us kept in the dark about what’s going on out there.

The whole origin of the judicially-created “state secrets” doctrine derives from efforts by the military to evade accountability over flaws in the engine design of a new aircraft, which led to the deaths of several civilians:

http://en.wikipedia.org/wiki/1948_Waycross_B-29_crash

Accountability is not efficient. To increase accountability with surveillance matters, there needs to be a reduction in contracting, which means, the government needs to get bigger. Snowden himself would seem to be a clear cut example in support of this view.

jones • February 25, 2015 11:54 AM

@CallMeLateForSupper

The whole question of metadata has been used as a smokescreen quite consistently.

When the issue first arose, Obama & IC kept saying, “relax, it’s just metadata, not content.”

The problem is, metadata is more valuable than content. Content may be unintelligible for any number of reasons: people use idioms, slang, cant, sarcasm, shorthand, speech gets garbled, people refer to important things said elsewhere in person, etc. It’s all highly equivocal. Metadata doesn’t suffer from these problems.

Unfortunately, substantive discussions of the metadata’s value got swept under the rug as bigger, more seemingly sinister leaks spilled out into the media limelight.

Nick P • February 25, 2015 11:55 AM

@ Roland

Actually, people of the past leased large machines with many types of chips, microcode, firmware, OS’s and software. They didn’t control much of what was in their mainframes. Then, minicomputers showed up with a buy option. Similarly had all kinds of parts and software outside of people’s control. Personal computers showed up with various third party chips, firmware, and software outside people’s control. Later, consumer electronics and clouds showed up with the same property.

So, things have always been like this. The only one’s that had it different were those building their own hardware or using I.P. they could verify. The best you can do today without fab money is copy one of the homebrew efforts. Otherwise, you’re trusting blackboxes. That requires an architecture with redundant, diverse hardware all running same task + voting and monitoring to detect subversion. Tricky for anything but simple, transactional applications.

AlanS • February 25, 2015 12:19 PM

Rogers spouts endless platitudes. In the exchange with Stamos: “We have got to be willing as a nation to have a dialogue”, “We can work through this”, “We can create a legal framework”.

What’s with all the “We” this and that? Has the NSA started to refer to itself using the Royal we? “The Royal we will have a dialogue with ourself and come to a decision”.

As for the endless stuff about “legal frameworks”, we know all about NSA legalism and why he’s pushing that. See The Surveillance State’s Legalism Isn’t About Morals, It’s About Manipulating the Rules. Tocqueville’s comment on lawyers seems pertinent: “If they prize freedom much, they generally value legality still more. They are less afraid of tyranny than of arbitrary power, and provided the legislature undertakes of itself to deprive men of their independence, they are not dissatisfied” (Quoted by Schlanger in her January paper in the Harvard National Security Journal).

youtub • February 25, 2015 1:20 PM

Youtube

NSA – Adm. Rogers (inc Q&A featuring Bruce Schneier & Alex Stamos)

Bruce Schneier interview

yutub • February 25, 2015 1:25 PM

on Youtube

NSA – Adm. Rogers (inc Q&A featuring Bruce Schneier & Alex Stamos)

Bruce Schneier interview

Skeptical • February 25, 2015 4:49 PM

The entire event is fairly remarkable. There are not many, if any, other countries where the head of the nation’s signals intelligence agency voluntarily invites questions, uncensored and unscreened, from a diverse audience that includes highly technically literate civil liberties advocates.

Regardless of whether one agrees at all with Rogers – and it’s perfectly possible to agree with some of what he says but not all of it – it’s striking how willing they are to engage in a public discussion about the issue. That, in itself, is noteworthy and a very good thing.

@Dino: Since major CPU producers are americans, AMD, Intel, Qualcomm, is anyone that naive to believe that these processors don’t have kill switches or full backdoor access hardware code? It’s just practically impossible to check them…

I’m far from naive, and I don’t believe that. And I’ll give you four good reasons.

First, if what you’re talking about existed, you wouldn’t have any need for interdiction. You wouldn’t have a crew painstakingly unsealing packages and then resealing them. That the NSA is doing that kind of thing is a strong indicator that such backdoors don’t exist.

Second, more so than any other form of cooperation between private companies and the government that has come to light, that would very likely be a game over proposition if one of those companies did something like that and the fact were exposed. It’s very hard for me to imagine any of those companies taking that level of risk with their enterprise. Frankly it’s hard for me to imagine the US Government ever even approving such a request.

Third, the US Government has no legal power to force those companies to insert any such backdoors. This would all have to be in the nature of a voluntary action by the company, and there would be a significant number of people who would know about it within the company. Something of this nature would leak fairly quickly. And good luck getting a company’s attorneys to sign off on something like that.

Fourth, as much grief as we give the US Government for doing more cyber offense than cyber defense, the kind of thing you’re talking about would be… it’s very hard to see how the upside risks could ever approach the neighborhood of the downside risks.

And this brings us back to the question Schneier asked at the conference. Why, or how, can Americans products be trusted over other products? The four reasons I’ve given answers the question to some extent. And if we’re just comparing American products to foreign products, then those four reasons suggest additional considerations:

1 – US companies are less closely intertwined with the US Government than are most foreign companies with their respective foreign governments. To the extent US companies lobby the US Government, it’s usually for less regulation and less government control.

2 – The US Government does not conduct commercial espionage. A foreign firm can do research without any fear that the US Government will be taking the fruit of its labors and handing it to a US company. That is emphatically not the case with most other governments around the world.

3 – The US Government is far more restricted in what it can do on US soil than in what it can do outside of US jurisdiction. Within the United States, companies and products enjoy the full panoply of US legal protections. Outside the United States, they do not.

4 – If you’re a foreign company or individual, you have much more to fear from your own government than you do the US Government (unless you’re doing something like plotting attacks against the US or its allies on behalf of a violent non-state actor in a place where you can’t easily be arrested – in which case the expected value of your lifespan is somewhat shorter than average). The US Government isn’t going to hand off your research efforts to the guys at your competitor who have closer ties to the party currently controlling parliament than you do.

The US has one of the most open, self-critical, innovative societies on earth. You should buy any product from the US with the same wariness as a customer that you would buy a product from anywhere. But from a privacy and intellectual property vantage, if everything else were equal (that is, that we’re comparing products of similar grade and quality), I’d be more confident in a US product than in one from outside the US, though for certain countries the difference may be too minimal to ever show an effect on my purchasing decisions.

😉 And hey, if there are any backdoors, odds are they’re better made than those you’d find from most companies elsewhere. At the very least there will have been more attempts to find them, and thus greater likelihood that they would be or would become known.

Wael • February 25, 2015 5:07 PM

@Roland,

In the past, you bought a computer or motherboard with a processor chip, and you controlled what OS and programs ran on that chip

You had more control to what runs. A Trusted Platform “may” be used to limit what you can run. It can be used as a limitation, but still not a Blackdoor.

You should ask, how can I prove it isn’t a back door? You can’t! This sort of thing (and Snowden) are why tinfoil hats are now fashionable.

Under these conditions, its best to treat the whole platform as a black box and analyze traffic. Of course, you’ll need to keep up with the fashion of the day and wear the right head gear!

@Nick P,

So, things have always been like this.

The only difference I see is sticking a label of “Trusted Computing” on such platforms.

Nick P • February 25, 2015 5:18 PM

@ Skeptical

Now, saying things like 2 and 3 are why people think you’re paid to deceive. You’ve seen the documents on this blog that said the opposite and yet you reiterate those points speculatively. (first set) You’ve seen on this blog leaks showing companies taking large bribes to work with NSA. Far as compelling, two different documents at the TS/ECI level say FBI compells U.S. companies to backdoor products to support FISA and SIGINT activities. Those were also in SAP’s where most people with TS clearance can’t even know they exist. NSA/CIA are also allowed to lie about SAP activities to protect secrecy. So we know they do it but not many specifics.

That leaks show FBI is compelling backdoors and they’re still doing interdictions has obvious implication: they don’t have them all. This might be due to foreign design/manufacturing of some and domestically maybe some companies have resisted successfully with who knows what strategy. That it’s all secret means we can’t know for sure.

Dirk Praet • February 25, 2015 7:17 PM

@ jones

So the push to make government more lean and “efficient” directly leads to an erosion of accountability. You can’t have both accountability and efficiency as policy goals.

That, my friend, is as spot-on as spot-on can be.

@ AlanS

Rogers spouts endless platitudes. In the exchange with Stamos: “We have got to be willing as a nation to have a dialogue”, “We can work through this”, “We can create a legal framework”.

Makes you wonder what kind of legal framework he has in mind. An open, transparant one, or yet another highly secretive framework only a select few in the judicial and executive branch know about. My money is on the latter, because if they go for the former, every US product and service is pretty much screwed. And it’s already happening. China has just dropped Cisco, Apple, McAfee and Citrix from its approved state purchase lists (CGPC).

@ Skeptical

US companies are less closely intertwined with the US Government than are most foreign companies with their respective foreign governments.

On what are you basing that assumption ? Everyone knows about the revolving door between the corporate and political world. Who is funding nearly every politician’s election campaigns in the US? And just how much money did the likes of Halliburton make off the Iraq wars?

If you’re a foreign company or individual, you have much more to fear from your own government than you do the US Government

Generalising that statement really is poppycock. It’s probably safe to assume that countries like China and Russia also put pressure on domestic companies to backdoor products and services. Just like a bunch of other authoritarian regimes. Israel has long been suspected to do the same. In Europe we found out that the French IC is actively spying on certain telcos.

But over here in Benelux (Belgium, The Netherlands, Luxemburg), the simple fact of the matter is that companies and individuals putting their trust in Google, Yahoo, Microsoft, Apple, Cisco, Facebook etc. have a far bigger chance to be spied upon by the US and the UK than by their own government. And that companies like Belgacom and Gemalto have been infiltrated to a bigger extent by the US and the UK than by their own governments. Add to that that certain US judges even think that they can force US companies to hand over records residing on servers in Europe, as made clear in the Microsoft Ireland case.

David McMullen, Homeland Security Hero • February 25, 2015 7:21 PM

I said I think we can work through this. Classic response of a military ape used to having his ass kissed, who falls back on Mister Roboto perseveration cause he’s too dumb to interact with free human beings. This is what happens when everybody gets rated outstanding. You get dumbshits like Rogers.

But CATO’s focus on feasibility works for the overreaching state. When Rogers demands a means of crippling privacy protections, just tell him, No. Fuck you. That much he can understand.

Why is above Rogers pay grade and beyond his military-grade mental capacity. The ICCPR treaty body identified US surveillance as a matter requiring immediate attention because of the level of gravity or emergency of the situation (such as when:

• Lack of intervention constitutes a major obstacle for the implementation of the Covenant
• The lack of intervention could threaten the life or security of one or various persons, or
• The issue has been pending for a long time and has not been addressed by the State party.

All of which apply to the NSA’s rampage.) The US government’s homework is due imminently and it will be graded like the remedial test it is, A through E, publicly at the treaty body plenary. The state’s public failure and disgrace. Wearing the retard’s dunce cap in front of the world. That’s what it takes to get through thick DoD skulls.

Thoth • February 26, 2015 12:29 AM

Cryptography done right is robust. NSA has and would use multiple combinations of techniques to ensure crypto is done wrong. The current call for a “framework” is the technique of disruption and distraction.

Distraction is used to pull attention to some legit looking bureaucratic power mongering thingy that gives NSA just what they want (when they already knowingly possess enough power, resource and techniques to do close to anything).

Disruption is used to put false impression into actual ITSec/CommSec/Privacy so that people would be heavily misguided which will ensure NSA gets a robust hand into destroying strong security and crypto altogether forever.

Why it is unlikely crypto for the engineers and scientists or those who are willing to learn would be destroyed is those of us who know crypto would not forget crypto overnight somehow. The problem is those who know crypto and security only makes up a small percentage and the bulk of people who are vulnerable and do not know are the actual weak links in ITSec/CommSec/Privacy. You may know security and crypto but your friends do not and it is very hard to communicate securely with them. Another problem is non-domain guys trying their hands at implementing crypto/security and they usually result in catastrophic weakness and that these two groups are what NSA is trying to target at … making the ignorant more ignorant and making sure the standards are broken and the industry is always corrupted.

Aaron Spinkk • February 26, 2015 12:43 AM

Just want to point out that Trusted Computing isn’t a backdoor, it is simply a tool. Like any tool, it can be used for both good and evil. In order to ever get to a point where we have real endpoint security, a Trusted Computing system will be required. All the various issues with Trusted Computing have little to do with Trusted Computing itself and are related to external issues of openness and control.

Wesley Parish • February 26, 2015 5:37 AM

@NickP

re:@Skeptical I’m reminded of Yet Another Mullah Nasrudin story: The Mullah Nasrudin took one of his slower students to get some water from the well. He took a bucket with a hole in it, and poured the water in steadily.

“Look, teacher, there’s ahole in the bottom, and the water’s running out just as fast as you pour it in,” the student said in some alarm. The Mullah Nasrudin said, with much gravitas, “I am looking at the top of the bucket, not the bottom. When the water fills it up to the brim, I’ll take it home.”

The student went home and gave the matter much thought. A few days later he went to the mullah’s house and said, “Teach me how to learn.”

In fewer words, in the Western tradition: “You can lead a horse to water, but you can’t make him drink.”

Seriously, after @Skeptical a few weeks back, referred to the Vietnam War as something not disproving his thesis that the US was competent with HUMINT, I wrote him/them/it off. Everyone who’s ever read even the shortest history of that conflict knows that the CIA were caught with their trousers down by the Tet Offensive, which then surely must mark their greatest success in HUMINT to date. 😉

Leave poor @Skeptical alone. He takes after Bubbles Devere, in knowing when to stop.

Skeptical • February 26, 2015 7:07 AM

@Nick: Now, saying things like 2 and 3 are why people think you’re paid to deceive. You’ve seen the documents on this blog that said the opposite and yet you reiterate those points speculatively. (first set) You’ve seen on this blog leaks showing companies taking large bribes to work with NSA.

No, we’ve seen that RSA was paid a sum to create a product that, among other things, included a certain algorithm as a default in the API (while documenting the existence of alternatives to that default – and most apparently used the alternatives). It’s never been shown that the money was given to put in place a compromised algorithm.

Far as compelling, two different documents at the TS/ECI level say FBI compells U.S. companies to backdoor products to support FISA and SIGINT activities. Those were also in SAP’s where most people with TS clearance can’t even know they exist. NSA/CIA are also allowed to lie about SAP activities to protect secrecy. So we know they do it but not many specifics.

The documents note that the FBI compels cooperation from companies. That means subpoenas, warrants, and NSLs, none of which could be used to force Intel or AMD to install backdoors into their chips.

That leaks show FBI is compelling backdoors

Nick, the commenter asked how we can trust chips made by Intel and AMD – not whether you should trust that your communications aren’t subject to lawful intercept. The FBI can and does compel companies to hand over information and to provide wiretaps. But the FBI cannot compel Intel or AMD to insert backdoors into their products.

and they’re still doing interdictions has obvious implication: they don’t have them all.

Which makes ridiculous the claim that the FBI can compel Intel or AMD to insert backdoors. If the US Government had that power, Cisco routers would certainly not require interdiction.

@Wesley: Everyone who’s ever read even the shortest history of that conflict knows that the CIA were caught with their trousers down by the Tet Offensive, which then surely must mark their greatest success in HUMINT to date.

That certainly proves your point. Just like the 1973 Arab-Israeli War “proves” that the Israelis are also incompetent at HUMINT.

Or maybe it’s just a bit ridiculous to deduce the competence of a nation’s intelligence services based on the existence of a surprise attack nearly half a century ago?

O=========~ • February 26, 2015 8:58 AM

Security suckups want a pat on the back for Rogers’ appearance in public. But this is a common phenomenon in nature. When the African baby croaks, the worms crawl out his mouth and wave around and say, Hey, Where’s my mealies?”

Same here. The parasite has killed the host. NSA has fatally corrupted the highest-value sector of the US industrial base and discredited the state that hides it. They dimly sense that something’s wrong, so out pops Rogers, NSA’s scolex.

CallMeLateForSupper • February 26, 2015 11:16 AM

@jones

I am puzzled that you addressed your post to me. Nothing I wrote in this thread had anything to do with metadata.

DwarfTitan • February 26, 2015 12:06 PM

A dialogue:

Can we have backdoors into your encryption? No.

Rogers’ life story will be made into a movie directed by Clint Eastwood. It will be called “American Snooper.”

Nick P • February 26, 2015 1:29 PM

@ All

re backdoors

I just posted here a series of quotes from leaked documents showing the U.S. bribes or compels companies to backdoor their products. The quotes also talk of inserting vulnerabilities, making design changes to products to make them exploitable, and weakening public standards. There’s no debate: they’re backdooring products, some are forced to do it, and we have little other information on the subject. So, any future discussions should start from there.

Note: The link also illustrates plenty of deception even within the intelligence community. So, any argument predicated on trust in a NSA or FBI claim is unreliable by default because pathological liars are unreliable by default. Third parties such as GAO need to review classified files to vet any claim in order to trust it.

@ Skeptical

“The documents note that the FBI compels cooperation from companies. That means subpoenas, warrants, and NSLs”

The quotes in the above link contradict that statement a bit. They use the phrase “SIGINT-enabling.” SIGINT-enabling is NSA-speak for Backdoor Adding. In context of every other use of that term, the FBI has the ability to compel the addition of backdoors or leveraging existing functionality as a backdoor. Anyone concerned about U.S. agencies should assume they can do this by default and not trust U.S. products for such information.

“Which makes ridiculous the claim that the FBI can compel Intel or AMD to insert backdoors. If the US Government had that power, Cisco routers would certainly not require interdiction.”

A common mistake and I’ve already explained how this works to you before. Prior to Snowden leaks, FBI repeatedly used warrants and sensitive but unclassified technology to gather information on suspects. DEA did that too. Publicly, they talked about how encryption and security in many products (eg iPhones) hurt their investigations. In the Snowden leaks, we find NSA could beat/bypass all that, shared information with the FBI/DEA, and asked them to hide the source of it. In some cases, leaks indicate they back off from a target instead of using their CNE methods to avoid risking targets knowing the existence of those methods. And so on and so forth.

Using inferior techniques to hide the existence of best attacks is M.O. for intelligence community going back decades. The layers of deception and compartmentation support my assertion: even many TS clearance holders doing CNE work weren’t aware of specific subversions with U.S. companies. They knew about interdiction and hacking kits, though, as that was below ECI. So, if doing an attack, OF COURSE they’d use interdiction or another method they had access to. Only someone ECI cleared could’ve known about or used the subversion method.

This is typical for SAP-protected capabilities. Over time, though, the capabilities get to wider audiences if there’s less risk in it. In a few decades, FOIA or future leakers will shed some light on this for us no doubt. 😉

Nick P • February 26, 2015 6:48 PM

@ Wesley Parish

Haha. If Skeptical said that, it’s extra funny given the CIA’s position on that event. One of their more honest moments. They sometimes don’t mind a bit of honesty if the event is a few decades in the past, people involved are in paid retirement, public no longer cares, and statute of limitations is way past.

The kind of people you want to give secrecy and immunity to…

Wesley Parish • February 27, 2015 2:56 AM

Well, @Skeptical, thank you for that last post. I haven’t had a good laugh in quite some time!

What, for Pete’s sake, is an “Intelligence” Agency supposed to do, besides providing timely and valid information on enemies, real and potential?

If Agency X of Nation Y during Crisis Z allows said Nation Y to be taken by surprise, they are not doing their job, and are probably “rumboing the port wenches”, to quote one UK Returned Serviceman Brian Aldiss:

Esomberr looked mildly upon them.

“You worms,” he said. “You hrattocks. You tit-tattlers. Do not all kings bankrupt their countries? Would not everyone lock up his father, given the power? Are not queens always in danger? Do not multitudes always dream of rising up and overthrowing someone or other? You chatter merely of traditional role-playing in the great but on the whole somewhat typecast theatre of life. You tell me nothing of substance. Agents of Oldorando would be flogged if they turned in such a report.”

The men bowed their heads. “We also have to report that agents of Oldorando are busy here.”

“Let’s hope they don’t spend all their time rumboing the port wenches, as you two evidently do. The next time I summon you, I shall expect news from you, not gossip.”

It may be charitably supposed that an “Intelligence” Agency that spends all its time and money on collecting everything that passes on a communications network, is guilty of giggling at the gossip, not reporting on vital currents of news and intention: it may also be supposed that an “Intelligence” Agency that either does not collect vitally important information or does not analyse it correctly, is in fraudulent possession of taxpayer funds.

Dirk Praet • February 27, 2015 5:42 AM

@ Wesley Parish, @ Nick P

I’m a bit confused. Reading through that CIA report, they claim they actually saw Tet coming and that they got there figures right but that it it was the government and the military that simply did not listen to them.

Nick P • February 27, 2015 10:47 AM

@ Dirk

Oh darn, I read it wrong. It stopped here:

” policymakers seeking good news had encouraged optimistic reporting and ignored or complained about intelligence analysis that failed to support their expectations. The bliss of ignorance had several times cost the US war effort dearly, but worse was in store at the end of January 1968, when a misreading of the enemy’s intentions and a calculated understating of his strength left the nation and its political leaders wide open to the shock of the Communists’ unprecedentedly massive spring military campaign, the “Tet (Spring) Offensive.”

Had I kept reading, I’d see the rest which suggests their analysts did a good job and were ignored. The upper level was the problem. That’s still true, though, with all the upper levels of intelligence and police agencies playing games with the public. They’re ignoring what the data says for one reason or another. So, my original claim is toast but the new one fits: history is merely repeating itself in a new form. Even worse, the new capabilities often produce jack.

Skeptical • February 27, 2015 7:43 PM

@Nick: Using inferior techniques to hide the existence of best attacks is M.O. for intelligence community going back decades. The layers of deception and compartmentation support my assertion: even many TS clearance holders doing CNE work weren’t aware of specific subversions with U.S. companies. They knew about interdiction and hacking kits, though, as that was below ECI. So, if doing an attack, OF COURSE they’d use interdiction or another method they had access to. Only someone ECI cleared could’ve known about or used the subversion method.

It’s certainly possible – and I raised this possibility when the interdiction was first reported on – that the entire interdiction process, and the numerous specialized implants developed as part of it, is all part of an effort to shield even more valuable capabilities.

I have several problems with this possibility.

First, an interdiction isn’t a low-budget affair. A program of ongoing interdiction even less so. If it’s all merely a deception operation, it’s an immensely expensive one with huge opportunity costs.

Second, the targets that would be the subject of these interdiction and implant efforts are not going to be your average criminal. They’re going to be targets of very significant value – in other words, precisely the kind of targets where the temptation to use some kind of backdoor built into nearly every computer and mobile device would be overwhelming, especially for those concerned about being accused of not trying hard enough to stop a terrorist attack.

So as a deception operation, it’s just hard to buy. It would be the equivalent of the US producing the F-22 as a giant feint, while the secret F-73 launched from secret submarine aircraft carriers is the true advanced air dominance aircraft, and then not using the F-73 aircraft even in situations where the leadership would pay a significant political cost were it ever exposed that they did not use the capability.

There are other reasons to doubt the existence of such a broad-scale backdoor program as well. I truly doubt that the US Government could somehow talk Intel, AMD, Qualcomm, and others into inserting backdoors into all their products and keep it from leaking. An effort on that scale would be impossible to conceal. I doubt the companies would agree to it.

Finally, for all the talk of how invested the NSA is in mass surveillance programs, I actually don’t think a broad effort to backdoor, secretly, every chip and router is worth it, and I think they know that. The odds of detection (even assuming it never leaks) rise considerably if you place it in every product, and although I could see a need for that type of capability being argued for in a world where well implemented and strong encryption was the norm, that has not been the case. Instead the NSA has consistently found ways around the encryption. That’s much cheaper, harder to detect, and makes more sense on several levels than a program to persuade major companies to secretly backdoor all their products.

What they’re talking about these days, I’d add, however vaguely, is something rather different and much better for everyone – but I’m out of time.

I’ll get to the “US bad at HUMINT” subject another time too.

Nick P • February 28, 2015 12:18 AM

@ Skeptical

Reading through your post, although it has good reasoning, shows me that you’re hypothesizing about the situation. You’re also treating it like one organization when it’s a group that each have parts to play and powers over us. The FBI does the compelling and works with NSA on Backdoor Adding domestically. CIA/INSCOM do it on foreign and maybe domestic. From there, their methods and activities might diverge a bit. Yet, FBI and CIA rarely seem to use those capabilities in favor of weaker, traditional, public ones. You’re post, esp F-73 concept, contradicts what they the NSA/FBI/CIA partnership is actually doing.

Two FBI examples are Stingray and crypto. FBI encouraged GPS to be put in phones for both mobile 911 and claiming they needed it for locating criminals. The latter was a calculated lie that they knew would encourage crooks to buy old phones without GPS. It took them until 2004 in a court case to admit that they had been tracking phones without GPS the whole time. They didn’t always do it as knowledge of the capability was too important. They made a similar claim about iPhone encryption and yet NSA documents show they can shred iOS plus let FBI/DEA parallel construct it. The FBI said this about crypto in general despite having FBI tech and NSA support to bypass it entirely on common platforms using attacks on those platforms and/or implants.

In all of these situations, many real cases went on without the use of the secret capabilities [far as we know]. They intentionally held back for fear of exposing their methods. So, they do that whether we think it makes sense or not. The only question is, “are they doing that for U.S. products and/or crypto?” Documents indicate yes but not who specifically or criteria. It does show their intent, though: they want it all.

” I truly doubt that the US Government could somehow talk Intel, AMD, Qualcomm, and others into inserting backdoors into all their products and keep it from leaking. An effort on that scale would be impossible to conceal. I doubt the companies would agree to it. ”

As I said previously, they’ve already done forms of this for companies that sold to mass market. It’s even easier to hide things in chips. Their previous MO is to make it look accidental. There’s errata found in chips all the time and so another one won’t hurt the industry.

” I actually don’t think a broad effort to backdoor, secretly, every chip and router is worth it, and I think they know that. The odds of detection (even assuming it never leaks) rise considerably if you place it in every product, and although I could see a need for that type of capability being argued for in a world where well implemented and strong encryption was the norm, that has not been the case.”

You just basically made the case against mass surveillance. I couldn’t agree with it more. 😉 Thing is, NSA’s internal mission is to Collect It All to Predict or Prevent It All. That implicitly requires vulnerabilities or backdoors in all privacy technology. The documents indicate they’re trying to get U.S. and foreign companies to weaken their technology. If U.S. companies refuse, the FBI can “compel” some or all to do it. If foreign companies refuse, the CIA will do… more. This mission, prior deceptions, and the knowledge that they’re forcing design changes in U.S. products make a strong case for assuming by default U.S. operated stuff is backdoored for NSA use.

It’s the only reasonable assumption to make in a country where secret authorities can secretly compel or attack those in their jurisdiction for eavesdropping. That situation is bad from the start.

Skeptical • February 28, 2015 8:03 AM

@Nick: In all of these situations, many real cases went on without the use of the secret capabilities [far as we know]. They intentionally held back for fear of exposing their methods. So, they do that whether we think it makes sense or not. The only question is, “are they doing that for U.S. products and/or crypto?” Documents indicate yes but not who specifically or criteria. It does show their intent, though: they want it all.

None of your examples engage with my reasons for doubt. The question isn’t whether the NSA would try to conceal the fact of the backdooring of Intel, AMD, etc. – I’ll just call this theory the Universal Backdoor Theory – of course they would.

The question is whether it makes any sense to utilize a program as expensive as interdiction and implants, on targets that would be those where you would want to use a Universal Backdoor, for sake of concealing the existence of a Universal Backdoor.

It is possible, but very unlikely, for reasons I gave in my last comment.

These reasons do not apply to the FBI using directional antennas and cell-tower connections to fix a rough position on a mobile phone even while urging the installation of GPS (for the sound reason that GPS is more precise). In that case the FBI continued to use the only available, but inferior, methods for locating transmitting mobile phones pending the adoption of better capabilities.

A better analogy to the Universal Backdoor Theory would be for the FBI to have had GPS secretly implanted in every phone long before GPS was publicly placed in phones, and for the FBI nonetheless to have used inferior and expensive methods even in cases where the use of GPS would be most desired.

And I would doubt that case for the same reasons I doubt the Universal Backdoor Theory.

Thing is, NSA’s internal mission is to Collect It All to Predict or Prevent It All. That implicitly requires vulnerabilities or backdoors in all privacy technology.

You’re extrapolating from a phrase on a powerpoint slide.

You’re also not recognizing that the instance in which broad-scale collection has been applied has occurred in passive surveillance, not active surveillance. The use of Universal Backdoors to “collect it all” would require the blanket use of active surveillance – something at odds with everything we’ve learned about how the NSA conducts active surveillance.

The documents indicate they’re trying to get U.S. and foreign companies to weaken their technology.

They don’t indicate how, or for that matter how broadly. No doubt, somewhere, there is a powerpoint slide noting that the fact of US cooperation with private manufacturers to enable the degradation of gas centrifuges and associated PLCs is classified. Yet to read that as implying that the US must be degrading all gas centrifgues and PLCs everywhere would be a grave mistake.

If U.S. companies refuse, the FBI can “compel” some or all to do it.

So far I’ve spoken in terms of probabilities, but here we can be more absolute:

There is no existing legal mechanism by which the United States Government can compel Intel, AMD, and other manufacturers to introduce vulnerabilities into their products.

If you believe that there is one, I challenge you to cite the law giving them that power. The lack of such a law is precisely why the attorneys advising the Tor Project are certain that the Tor Project cannot be compelled to introduce backdoors.

@Wesley: My problem with your theory is that you take a very particular case from nearly half a century ago and use it to evaluate, apparently, US intelligence today as it exists in an extremely wide variety of circumstances. It’s a pretty weak argument. And it also has the absurd implication that any nation that has been subject to a surprise attack must have incompetence intelligence services – which implies that not being surprised is merely a matter of competence in intelligence – which is a bit like saying that winning a battle is simply a matter of military competence. We don’t fully determine our fates, as much as we might prefer we did.

Clive Robinson • February 28, 2015 9:24 AM

@ Skeptical,

The use of Universal Backdoors to “collect it all” would require the blanket use of active surveillance – something at odds with everything we’ve learned about how the NSA conducts active surveillance.

Err you appear to have a false assumption in there.

“Collect it all” does not require “active surveillance” passive surveillance will be just as effective.

We know that the NSA amongst others are tapping fibers all over the place. One example is that of Googles servers, where the fibers used inside of the perceived security barrier were tapped by the NSA and every byte moving across them was available, and as past evidence shows the NSA would have collected every byte as it passed, by just passively listening.

This leaves the question of what is and is not a backdoor…

For years now you will find I have refered to the work of Adam Young and Moti Yung in this respect (Bruce has also refered to them in his recent paper, which I would suggest you read).

In essence you can take something like an RSA PubKey Cert, and in the process of generating it provide a short cut to one of the primes used such that factoring the cert takes not eons of brut force searching but just a second or two at the most. The thing is you can encrypt that short cut such that it is not feasible to prove if the short cut is in any given certificate with just the certificate, you need to be able to have access to and be able to accurately debug the certificate generation process, which often is not possible.

But… it is also known there is another short cut, which is due to the lack of entropy when a certificate is generated. This is especially true for “embedded devices” such as routers. It does not take much in the way of resources to obtain the devices or their software and find the charecteristics of the random number generator. There is also a mathmatical short cut where you can compare certificates increadibly rapidly to see if they have factors in common even though it does not give you the factors. Thus the NSA can quite easily collect just about every PubKey Cert there is in use out there as they cross the wires. They then find those that have factors in common and devote resources to factoring out just one, as it will then rapidly give you the factors for all the certs in that group. Often a cert will end up in more than one group so a cascade effect will happen where certs very quickly get their primes found, at which point it’s game over the NSA have the primes to make the private keys and thus a passive backdoor. As for the gathering and comparing, we know that this is an increadibly fast prosess because a couple of academic researchers did it a couple of years back, and found that the majority of certs with common factors came from embedded devices such as routers and firewalls.

Which only leaves the question of finding the random number generator charecteristics and short cutting the factoring process. The fact that there are so many certs with common factors tells us that the charecteristics of the random number generators are very amenable to this…

This sort of easily achivable “backdooring” only becomes worthwhile if you do “collect everything” it does not pay off for directed attacks.

It’s a point I’ve made before on this blog when discussing if the NSA could fa tor 1024bit certs, but it did not cause much comnent at the time.

Nick P • February 28, 2015 2:20 PM

@ Skeptical

re backdoor

Again, you make strong arguments. Except for two things: they are putting weaknesses into some vendors products to reach customers universally; they do hold off on using advanced methods at times. Combined with BULLRUN on U.S. companies, any defenders must assume they might have more weaknesses and backdoors in U.S. companies (in development or in limited use).

That brings to your next point about targeted vs dragnet. Like you pointed out for TAO, the most powerful capabilities are not used widespread: just aimed at more important targets and sometimes not used if detection risk is high. These subversions would have both properties even more. I’m not sure they’d ever want the information released. It’s use would always have to be deniable. That has benefits for people only hit with passive collection. They’d be unaffected.

One thing that’s missing from this discussion is that there are different types of subversion. My own posts are one-sided too. The NSA subversions have included weaknesses to break crypto, weaknesses to enable wiretapping, insertion of radio into air-grapped machines, modification of monitor cables to broadcast signals when hit by a specific radar beam, and so on. The most exemplar subversion, detailed in the paper I linked, is to insert something that looks harmless and activates in combination with later input (remote or physical). Although having reduced utility, it maximizes both deniability and long-term effectiveness. One of these kinds of subversions is more likely to happen at the chip level than a full-on Remote Access Tool.

Yet, we have nothing to go on past their intent to backdoor U.S. encryption products, examples of how/who, and their stated goals on doing it to more than encryption.

“You’re also not recognizing that the instance in which broad-scale collection has been applied has occurred in passive surveillance, not active surveillance. The use of Universal Backdoors to “collect it all” would require the blanket use of active surveillance – something at odds with everything we’ve learned about how the NSA conducts active surveillance.”

I actually agree with that. They’re doing Collect It All with passive methods. The other techniques are used to access whatever they can’t get with those methods. So far, it’s typically done on a targeted basis.

“They don’t indicate how, or for that matter how broadly. No doubt, somewhere, there is a powerpoint slide noting that the fact of US cooperation with private manufacturers to enable the degradation of gas centrifuges and associated PLCs is classified.”

Which, unlike your position, means defenders should assume the worst. That they’re doing it in secret while publicly acting like they’re helping protect companies is all we need to know. Organization has bad character, they’re trying to coerce weakening of our systems, and getting caught in bed with them can have financial consequences.

“There is no existing legal mechanism by which the United States Government can compel Intel, AMD, and other manufacturers to introduce vulnerabilities into their products.”

There’s no existing legal mechanism by which the U.S. government can warrantlessly collect all users data, including private messages, in online services. General Alexander even repeatedly said they don’t collect such information: only metadata instead. Yet, the leaks show they collect as much of that as possible with permission of FISC under secret interpretations of law. Who knows what the FBI can do with secret interpretations of law in effect.

We do know all the public ways they’ve destroyed companies, esp hosting firms, with mere allegations allowing them to seize assets and equipment. It’s probably not any real law that they use. More, a reminder that the FBI can act above the law without any real consequences for them and plenty for their opponents. That’s been enough for many people to take plea’s. That’s the kind of shit police have threatened me with before. So, I’m thinking that it’s probably such lawlessness rather than a law.

” The lack of such a law is precisely why the attorneys advising the Tor Project are certain that the Tor Project cannot be compelled to introduce backdoors.”

Actually, as I said in other post, their wording indicates they think they’re a special exemption to current laws. They’re not a carrier, they don’t sell anything, their crypto is exempt from export control, they’re not defense contractors, and they push clear rather than black boxes. Their people are also very privacy conscious in a way that gives FBI little leverage on them. Pretty much the opposite of all top chip and software vendors in every way. They’re not an example of anything except how to structure a non-profit to reduce U.S.’s extra-judicial power.

Skeptical • February 28, 2015 2:59 PM

@Clive: “Collect it all” does not require “active surveillance” passive surveillance will be just as effective.

Yes. My point is that backdoors in every chip and device – to the extent we’re referring to backdoors that would require active surveillance to exploit – would not fit into what “collect it all” refers to.

Your point that there could be “backdoors” that enable decryption of what is sent from a device, where what is sent can be collected passively and then decrypted, is indeed a fair point (and I appreciate the illustration you provided in your comment). But at least insofar as implanting such a type of “backdoor” in all chips and devices, it would be completely impractical and for a substantial subset of chips and devices not provide much payoff. And even here I might quibble as to the extent to which this is truly passive (inasmuch as the expected operation of a component or machine has been deliberately altered, there are elements to this that would likely fall into the active category – but neither category seems very precise).

In any event, this is a quite minor point compared to the other points to consider as to whether the Universal Backdoor Theory is plausible, which I don’t think it is.

Dirk Praet • March 1, 2015 1:27 PM

@ Skeptical, @ Nick P., @ Clive

But at least insofar as implanting such a type of “backdoor” in all chips and devices, it would be completely impractical and for a substantial subset of chips and devices not provide much payoff.

For a change, I actually agree with you on that. The presence of secret backdoors in Intel or AMD chips would bankrupt both companies if ever they were found out about. Which still doesn’t mean that they are not in bed with the NSA, as made clear by Intel CEO Brian Krzanich’s ominous silence at a Reddit online chat session last year when he was repeatedly asked about such backdoors. His non-responsiveness at the time elicited a “Blink twice if you’re not allowed to answer this question” from @trevortimm as well as ridicule from other users such as @KimZetter and the like.

Like Steve Blank, I believe it is safe to assume that NSA is capable of exploiting Intel/AMD chips by leveraging privileged knowledge of the microcode update mechanisms, and in pretty much the same way we have recently learned the Equation Group/IRATEMONK is doing with HDD firmware. Intel Core vPro processors containing a 3G chip that allows remote shutdowns and bypassing of hard drive encryption even when the machine is not connected to the network after all are an irresistible target. Same goes for smartphones that can be pushed on-SIM code to infect the OS when you’re in possession of the OTA keys.

There is no existing legal mechanism by which the United States Government can compel Intel, AMD, and other manufacturers to introduce vulnerabilities into their products.

Make that “no existing legal mechanism we know of”. Before Snowden, the public didn’t know about the secret interpretations of PA 215 and FISA 702. Even in Congress, there seemed to be quite some folks completely unaware of it. I wouldn’t be surprised if sooner or later some Spiegel or Intercept article brings to light some additional legislative work, Executive Order or Presidential Directive under which corporations can be further coerced to do the administration’s bidding, and under gag order.

Skeptical • March 2, 2015 10:10 AM

@Dirk: Make that “no existing legal mechanism we know of”. Before Snowden, the public didn’t know about the secret interpretations of PA 215 and FISA 702. Even in Congress, there seemed to be quite some folks completely unaware of it.

For many laws, as applied to particular circumstances, one may not be completely certain as to how a court will rule on the question of its application. There’s a zone of uncertainty that exists, the size of which varies depending upon how a law is written and upon how frequently the question has come before courts before and upon how well the courts have answered the question.

The telephony metadata program falls into that zone. I can understand the rationale of the court for issuing orders enabling it; and I would equally understand the rationale of a court for NOT issuing orders enabling it.

But that doesn’t mean that suddenly everything is possible. Hey, do I have to pay my taxes next year? Maybe not – maybe there’s some secret rule or law that exempts… No, there isn’t. No, there is no reasonable interpretation of a law that would allow you to do so.

So what about the government forcing manufacturers like Intel and AMD to insert backdoors? There’s no law under which a court would be able to issue such an order. Period. There is no zone of uncertainty around any law in which such a power could exist. And the attorneys – both in-house and outside counsel – used by these companies are as high-powered as they come. Try to legally compel Intel to insert a backdoor into all of its products? Their lawyers would go to war, and they’d win.

What I could see is Intel cooperating in very specific cases of high importance – but these would be cases we would all likely agree with. And the cooperation would be voluntary.

Listen, I’m not the least bit naive about American law or the American legal system. It has a lot of warts, and elements of it are unnecessarily inefficient and, in the case of criminal justice, unnecessarily brutal. I can list dozens of ways it can be improved. But if my only question were whether a national government can legally compel a manufacturer to insert backdoors, I would very comfortably buy a product manufactured in the United States over one manufactured anywhere else.

Indeed, quite frankly if security were my main concern, and I was not conducting a criminal enterprise or a foreign intelligence operation, and I was operating within the United States, then assuming two products to be equivalent on a technical level, I would take the American product every time.

And by the way – I would fully expect, over the next 10 years, a massive increase in security for all companies operating within the United States. I expect the USG to take much broader responsibility for shielding the private sector from foreign attacks. Sony was the wakeup call for much of the private sector that Titanium Rain may have been for defense and government contractors.

So long as this is done with appropriate privacy protections included, this would be a very good thing for industry everywhere.

We’re actually in a very strange state of affairs right now. On the one hand, there’s a lot of noise and effort directed at trying to restrict the USG in certain ways. On the other hand, there’s increasing effort directed at trying to get the USG to take broader responsibility for cyber-security. There’s nothing inconsistent about this – one may want the USG to stop the telephony metadata program while also more aggressively preventing, deterring, and if necessary actively disabling, foreign intrusions and attacks.

In some ways the advocates of “reining in” the NSA have it wrong. You don’t want to rein them in, and you don’t want to diminish their funding. Instead you want them to increase their efforts in some areas (which will likely require much more funding) and stop certain other programs (which are unlikely to cost that much).

Dirk Praet • March 2, 2015 6:36 PM

@ Skeptical

So what about the government forcing manufacturers like Intel and AMD to insert backdoors? There’s no law under which a court would be able to issue such an order. Period.

Unfortunately, I do not share your optimism in this regard, and for which I refer to my previous post with the following question: before Snowden, did you or did you not know how PA 215 and FISA 702 were interpreted as to allow many of the NSA programs we have now learned of? Unless you’re NSA, DoJ or on one of the intelligence committees, I don’t think you did and in which case (pre-Snowden) you would have thrown the exact same argument against anyone claiming they were.

Then again, I also said that – just like you – I doubt Intel/AMD are building factory backdoors in their processors and for the reasons I mentioned in my previous post. It is way more likely that the NSA has other means of exploiting them, as in leveraging existing microcode update mechanisms.

And by the way – I would fully expect, over the next 10 years, a massive increase in security for all companies operating within the United States.

A rather bold statement in light of the fact that over the last decade the NSA has been doing exactly the opposite. You can’t possibly believe the PRISM partners to be actually happy with what they’ve been forced to do.

In some ways the advocates of “reining in” the NSA have it wrong. You don’t want to rein them in, and you don’t want to diminish their funding.

I’m afraid I’m seeing that quite differently. The NSA is an out-of-control organisation operating under secret orders from secret courts based on secret interpretations of the law. Secret law is hidden tyranny. Their activities may have thwarted a couple of terrorist plots here and there, but in the process they have compromised the privacy and security of billions of people both at home and abroad. This dystopian surveillance apparatus – if ever it falls into the wrong hands – is a much bigger menace to our democratic societies than the occasional terrorist. IMO they need to be either reined in or disbanded.

Twitpic

Comments

Leave a comment Cancel reply