Paris Attacks Blamed on Strong Cryptography and Edward Snowden

Well, that didn't take long:

As Paris reels from terrorist attacks that have claimed at least 128 lives, fierce blame for the carnage is being directed toward American whistleblower Edward Snowden and the spread of strong encryption catalyzed by his actions.

Now the Paris attacks are being used an excuse to demand back doors.

CIA Director John Brennan chimed in, too.

Of course, this was planned all along. From September:

Privately, law enforcement officials have acknowledged that prospects for congressional action this year are remote. Although "the legislative environment is very hostile today," the intelligence community's top lawyer, Robert S. Litt, said to colleagues in an August e-mail, which was obtained by The Post, "it could turn in the event of a terrorist attack or criminal event where strong encryption can be shown to have hindered law enforcement."

There is value, he said, in "keeping our options open for such a situation."

I was going to write a definitive refutation to the meme that it's all Snowden's fault, but Glenn Greenwald beat me to it.

EDITED TO ADD: It wasn't fair for me to characterize Ben Wittes's Lawfare post as agitating for back doors. I apologize.

Better links are these two New York Times stories.

EDITED TO ADD (11/17): These two essays are also good.

EDITED TO ADD (11/18): The New York Times published a powerful editorial against mass surveillance.

EDITED TO ADD (11/19): The New York Times deleted a story claiming the attackers used encryption. Because it turns out they didn't use encryption.

Posted on November 16, 2015 at 2:39 PM • 120 Comments

Comments

NoReligionWillSaveYouNovember 16, 2015 2:59 PM

IMO governmented mandating backdoors from developers is a massive red herring. The NSA has proven themselves willing and able to covertly infiltrate low level hardware and software companies. The mandated backdoors for high level software developers are just a psy-op to keep people from realizing where the real disinformation is flowing.

rj07thomasNovember 16, 2015 3:04 PM

There's a shock. So, we build backdoors into everything. In fact no, let's abolish all security and then it could hardly be called snooping- the data is just there, like a trillion postcards. And will the terrorists continue to blindly use these open systems? Of course they won't.

David HendersonNovember 16, 2015 3:14 PM

The original PGP from Zimmerman had a trust hierarchy built on in-person exchange of keys.
Authentication was called a 'key signing party'. It was also before the internet as we know it now existed.

Pretty clear that we need to go back to this model because the existing internet is utterly compromised when it comes to certificates or other authentication from trusted authorities.

BeethovenNovember 16, 2015 3:23 PM

Is that the same CIA Director John Brennan who was using an AOL email account? I don't think he can spell intelligence much less should be commenting on this!

AnuraNovember 16, 2015 3:29 PM

@David Henderson

The web of trust isn't a particularly good model either. It starts out as cumbersome where you can only communicate with people you meet in person - once you start trying to expand that to apply to those you haven't met, it becomes more fragile. Plus, if your key is compromised, how do you make sure it is no longer trusted by everyone?

The big problem with CAs is that they aren't authorities over what the certificate is being issued for, and Web of Trust doesn't solve this. If you want to connect to an unknown domain, who is the authority on that? Well, ultimately the DNS system, so what we really need to use for that is DNSSEC while storing public keys as DNS records. If the ownership of the domain transfers, you don't want the old public keys to remain valid.

PKI is hard, so we shouldn't expect an easy solution.

DanielNovember 16, 2015 3:29 PM

@David Henderson

The problem with your proposal is that it trades-off anonymity (or pseudo-anonymity) for security. There has been no success getting the public to accept that trade-off. A good example of this is the "darknet" of Freenet, which operated on the same principal as key-signing parties. Indeed, allowing for such direct exchange of keys was a major reason Freenet forked itself. Total failure. Freenet recently used their Google Summer of Coding to make a mobile app to exchange darknet keys. Uhh, yeah? Making something people don't want to do easier isn't going to make them want to do it. But I hope the coder learned something :-)

Anon YmousNovember 16, 2015 3:55 PM

I believe the root causes of this problem are ignorance and unwillingness to own up to failures. Top politicians and media reps have a voice but unfortunately do not understand technology nor security so they think that by breaking encryption they have a magic bullet.
They cannot connect the dots on whatever intel they already have (it is well documented that 9/11 happened because the various US intelligence agencies could not piece together intel they already had in a meaningful manner. This is just the most glaring example) but they want to collect more.

Anon YmousNovember 16, 2015 4:05 PM

@Ulrich most politicians are after their own self-interest (cynical, I know). They worry about the short/medium term, i.e. what they can accomplish during their term, especially if that gives them another term. They are not bothered with any global long-term view.

JacobNovember 16, 2015 4:06 PM

From the Guardian, an hour ago:
---------------------------------------
With every new piece of information that has come to light about the perpetrators of the Paris attacks, it has become clearer that the intelligence services in France and Belgium knew about their jihadi backgrounds.

Several had dossiers identifying them as radicals. At least five had travelled to fight in Syria and returned to homes in France or Belgium. They were dots on the radar screen but the security services failed to join them up and so overlooked the gathering conspiracy.

“What we know is that most of these people came back from Syria and nobody stopped them,” said Natalie Goulet, a member of the French senate foreign and defence committee. “Whatever the reform that has been implemented [in the intelligence agencies] it’s not working.
-------------------------------------------------

The solution? more and deeper mass surveillance against citizens, inserting backdoors into comm products, banning ecryption, making T. May a godess.

WonderfulWomenNovember 16, 2015 4:24 PM

@UB - I take Hillary seriously as potentially becomming the first non-male POTUS (1 out of 45 is a lot better than 0 for 44)

rgaffNovember 16, 2015 4:33 PM

@ WonderfulWomen

I think he meant, is there a single politician alive who has ever ONCE opened their mouth and NOT told an outright lie?

It's at the point where you have to just switch everything they say to the opposite figure out the truth... and everyone expects this as normal and right now?

BeckmanNovember 16, 2015 4:46 PM

@Anura: Good point! I think I started using encryption in 1989 already...

France just has put in place a new surveillance law, mainly relating to data retention. So has Switzerland about one year ago. And we got the Hacking Team's Galileo which was purchased and perhaps even used outside the legal framework. Those measures all did not prevent the events in France. But the Paris massacre will be used to step up government surveillance. What about the good old profiling that was so efficient at the Canadian border? https://www.schneier.com/blog/archives/2004/11/profile_hinky.html That would be much more efficient. Or at least staffing the French customs building near Annemasse (border to Geneva). On 12th Nov. 2015 (sorry, pure coincidence), the Swiss customs agents were reading the newspapers and on the French side, the building was unmanned. Rather than trying to suppress cryptography, police should start doing their work.

WWNovember 16, 2015 4:47 PM

@rgaff - actually I think I answered what @UB meant, or the most obvious interpretation of such a short sentiment. I think you take the less useful direction toward pedantic extremism. What your lies have been matter, and beyond ordinary human imperfections, there does appear to be a serious difference between e.g. Hillary and the G.O.P. field. What I find most distressing however, is not the 'lie' Hillary recently uttered, but the the 'betrayal' of prominently using the term 'jihad', versus the more intellectually and philosophically detached and logical verbiage 'religious extremists'. God willing it may be the truth that most of the horrors perpetuated by 'christians' in the name of God and Crusade are behind us. And that the horrors perpetuated by 'muslims' in the name of God and Jihad will follow behind us in the same basic trajectory.

Richard CookNovember 16, 2015 4:49 PM

It's crypto-envy. This is what happens when someone possesses better information security than you do. It's common among government officials. Government leaks like a sieve. When others demonstrate better info sec it generates crypto-envy. voilà

J on the river AcheronNovember 16, 2015 4:51 PM

Blaming encryption for terrorism makes as much sense as Bernie sanders saying "climate change is directly related to terrorism". It's to be expected. Something horrific happens then many hoist their flag to it to try to get attention. I am waiting for followers or enemies of high taxes, religious bigotry, rascism, high college costs, or black lives matter to jump in. Make the connection however tenuous the logic.

rgaffNovember 16, 2015 4:59 PM

@ WW

With the wholesale scuttling of human rights and the constitution and few people caring, I honestly don't see "horrors perpetuated by 'christians' in the name of God and Crusade behind us".... I see the opposite: that very history repeating itself again soon. Yet I seem to be the only one to see this connection... it's frustrating. My expression of my frustration can make me sound pedantic as I flail about trying to call attention to it, among a mob jeering and mocking.

OtherWayNovember 16, 2015 5:04 PM

Does allowing back doors mean the government / law enforcement is responsible when an attack occurs? Are we receiving all the warnings we should today?

WWNovember 16, 2015 5:07 PM

@rgaff - certainly the whole gay marriage scotus, first non-white potus, and other things lead to a view that perhaps the 'moral majority' has been beaten to death finally?

sqrtNovember 16, 2015 5:10 PM

A question on Snowden...

Does the documentation provided by him contain much technical details? I find it a bit odd that a geek would not collect really technical documentation (like technical design documents typically created for IT projects) but maybe he did also release such documents?

Or what's the chance (completely besides the point in my question) that Snowden is just part of some kind of psy-op trying to test the integrity of their worker pool (by determining if they can get any copycats to surface after manning et al)?

chriskNovember 16, 2015 5:12 PM

Like dealing with a psychopath, isn't it? Never their fault when something goes wrong. America and France were wearing provocative clothing, so citizens' fault.

Nevermind how lucrative NATSEC and playing international markets with the multinational banks happens to be.

rgaffNovember 16, 2015 5:16 PM

@WW

Just because there is more equality in some areas doesn't negate what happens after consolidation of power and removal of the constitution and basic human rights. You have to look at the world like a chess game. How many moves do you look ahead? We're removing the kinds of things that pulled us out of the dark ages, yet human nature is the same (selfish and power hungry).

hoodathunkitNovember 16, 2015 5:19 PM

Ulrich Boche asks:"Is there any US politician or official these days who can be taken serious?"

If by serious you mean "as not lying through their teeth", there are some but very few. Jim Webb is one example, but he is about as appealing a candidate as Bruce Schneier would be. (Sorry Bruce, but it's actually a compliment) Like math, real issues are hard. Most folks vote over emotions, self flattery, and candidate's appearances; voters do not want serious politicians.

Anon15November 16, 2015 5:39 PM

@Anon Ymous

If you read the 9/11 commission report, the US knew Khalid al-Mihdhar had jihadist connections and was in the US. The rules in place at the time prevented the intel side of the FBI from sharing data with the criminal side of the FBI. Only the criminal side of the FBI had the resources to conduct a nationwide manhunt, so the lack of information sharing was at least as large as a problem as any failure to "connect the dots."

New MathNovember 16, 2015 5:41 PM

@sqrt -

Or what's the chance (completely besides the point in my question) that Snowden is just part of some kind of psy-op trying to test the integrity of their worker pool (by determining if they can get any copycats to surface after manning et al)?

An additional possible motivation that seems entirely too plausible to me is that they realized there was such a bifurcation between the skills and knowledge they needed their incoming employees to have, and what the general populace had. I.e. they just had to release some of the mounting pressure at that dam to head off a truly cataclysmic revolutionary 'disaster'. 'disaster' in quotes, because who knows if Hitler had been killed, if that wouldn't have somehow led to some even more successful villian.

BlueLightMemoryNovember 16, 2015 5:44 PM

Brennen, kiss my ass, you criminal, traitorous, SOB.

ISIS is a creation of your agency, and FU if you think and hope that encryption will be outlawed just because you sprung your boogey-man in Paris.

Never_Waste_A_Fascist_OpportunityNovember 16, 2015 5:51 PM

"The Village Idiot"

Q: How do you respond to the allegation that spooks couldn't put obvious dots together that these were identified radicals, fresh back from Syria, keen to cause mayhem?

MIC: "9/11."

Q: And your response to the concerns that turf war between the three letter agencies has permitted a spate of terrorist atrocities in recent times?

MIC: "Encryption bad."

Q: Do you think innumerable breaches of domestic and international laws, alongside the obvious violations of the search and seizure provisions of the 4th amendment ought to be prosecuted? Indeed, hasn't this blinded the agencies to clear and present dangers by hiding needles in a haystack of needles?

MIC: "Tor bad."

Q: Do dick pics provide good intel? Ditto web cam / VOIP cyber sex?

MIC: "Terrorism."

Q: How do you respond to the clear information showing that ISIS has been funded and armed by US allies in the Middle East and that in recent years the US was channeling weapons via Benghazi to the 'moderate rebels' (ISIS) who are apparently the most evil thing since Al-CIA-DA?

That... in fact the genesis of ISIS is the US decision to invade Iraq in 2003 and then disband the Iraqi army filled with Bathists (against expert advice) - subsequently leading to a rag-tag army of radicals that would provide a wedge in the region between Shia & Sunni and thus a pretext for ongoing neo-imperalism and ongoing raping of natural resources?

Surely without USG meddling the Paris incidents would never have happened?

MIC: "Encryption bad."

Q: Is the MIC above the law, given that CIA was not prosecuted for torturing innocents to death, the NSA is being given a free ride for their implementation of Cyber Prison Planet, and the executive branch gleefully funds the 'bad guys TM' on the side - a treasonous act?

MIC: "9/11... Tor Bad... AND Terrorism".

Q: By now, isn't "military intelligence" an oxymoron?

I mean, what the fuck do you guys actually do all day if terrorists virtually tattoo on their foreheads they are about to undertake an attack, and you still insist on hacking Ashley Maddison on the side to embarrass and destroy your political enemies as a higher priority?

MIC: "Tor bad."

Q: Final question... What can we expect from the deep state in the next edition of "We have always been at war with Oceania"?

MIC: "Nothing to hide, nothing to fear."

rgaffNovember 16, 2015 6:05 PM

"Nothing to hide, nothing to fear."

So if I hide anything, I DO have something to fear? Is this the government directly threatening its own citizens?

Root Ideological WarsNovember 16, 2015 6:10 PM

Q: And your response to the concerns that turf war between the three letter agencies has permitted a spate of terrorist atrocities in recent times?

MIC: "Encryption bad."

One can never be sure of levels of sarcasm and trolling in a place like this but, I'll take this time to harp on the old 'FBI/CIA firewall' issue. This comment, and one above about connecting the dots, seem willfully oblivious to the darn good reasons why that firewall, manifesting often in a way characterizable as 'turf war', was there. This, as the topic of encryption relating to free speech, is a primary root that must not be ignored. I think the long term solution needs to involve something like a set of global inalienable human rights. But the forces of patriotism may retard that outcome for some time.

Dirk PraetNovember 16, 2015 6:12 PM

@ Bruce

As usual, they're talking out of their *sses.

Over the last couple of days, it has become clear that the terrorist trace leads back to the Brussels suburb of Molenbeek in Belgium, a well-known jihadi nest linked to several recent terrorist attacks and foiled plots like the thwarted assault on the Thalys, Charlie Hebdo and the murders at the Jewish museum in Brussels.

At least three of the identified terrorists were known to Belgian security services as high-risk individuals and one of them had an international arrest warrant on his head. The suspected mastermind is also a former resident of Molenbeek who has been travelling on and off between Belgium and Syria where he is now thought to be hiding in Raqqa.

Although it's still too early to draw final conclusions, a complete failure of both federal intelligence services and local Brussels police forces is probably what allowed the Paris attacks to happen, with a huge responsability on the shoulders of the previous Molenbeek mayor and city council. One of the suspects even used to work for him and until a few days ago was still active in the town administration. Over the last two decades, and contrary to many other cities in Belgium, they consistently refused to step up surveillance, monitoring and direct action against known radicals and salafist mosques, to the point that it was common knowledge that the town provided a safe haven for them.

This afternoon, French president Hollande in his speech formally pointed to Belgium as the place where the attacks had been organised, and over the weekend Belgian Home Secretary Jambon had already been summoned to Paris. French officials and media alike are accusing Belgian intelligence services of incompetence and this afternoon an investigation into their operations has been announced.

Unfortunately, it doesn't stop there. Although the relatively small city of Brussels has about 5000 police officers, they are being managed by no less than 18 different county mayors and 6 different police zones, which makes any coordinated efforts of cross-county problems virtually impossible. This has been a known problem for decades, and which has never been properly tackled at the federal level because of political unwillingness to do so.

In short: the Paris attacks had NOTHING to do either with Snowden or encryption. They are the result of inadequate follow-up of and information sharing about known jihadis by resource-constrained Belgian intelligence services, inefficient management and usage of local Brussels police forces, and last but not least the appalingly lax approach of the former Molenbeek mayor and city council who for electoral reasons knowingly and willingly allowed their town to turn into a protective shelter for jihadis and other islamist extremists.

just a thinkingNovember 16, 2015 6:44 PM

It could be so easy. Using encryption only has to be forbidden by law in any country and anyone using a kind of encryption must be a terrorist. So kill all people who are trying to hide information, stay sure that all others have nothing to worry about and the world will be the lost paradise.

Afaik, France has never had a good perception to encryption. Wasn't there e.g. Frenchelon parallel to Echelon?

I think Snowden is on a list of people for destroying their reputation and the case againt them are already written and wait for attacks like in Paris.

tyrNovember 16, 2015 6:56 PM


@rgaff

Like you I feel pretty alone because most of the so-called
terrorism is actually a police problem for dealing with
criminals. The fact that a few criminals can inflict a lot
of damage in a short time does not turn them into the
omnipotent forces of evil badthink. By following the trail
of weapons and cash poured into the failed states by the
adventurers and nationstates with an axe to grind against
neighbors it becomes apparent that shutting off the funds
and ammo would work a lot better. France armed the Syrian
opposition and it blew back in their face. The EU and NATO
have been involved in the mess that spilled all those who
wanted out of the mess into their own area. There is no
new class of criminals, just the same old type who resent
the clear perpetrators of their grievances. If you blew
up the neighborhood where a bank robber lived because he
was a criminal, what would you expect as a reaction ?

The IC has been floundering since the end of the cold war
without a mission, hoping some magic would produce the
needed boogeyman to guarantee funding. Couple that with
the ideas of destroying others to make yourself better
and continually meddling using criminal scum as your proxy
gets you to today.
They have the budget wished for and given little teenaged
asshole criminals the exalted status "jihadi terrorists"
expecting ordinary people to surrender to Orwellian nitwits
as a way to make the problem go away.

To end a conflict you have to interdict the flow of weapons,
ammunition and money into the area. No where in the middle
east do you see this being done, everybody wants to get in
some target practice before World War three starts. All
wish for some magical bombing campaign of women, children,
and orphans to solve the conflicts generated by disruptive
foreign policies.

The real tragedy is that those who make policy are not held to
account for their horrible actions until the end of planetary
war. At that point they will hang one sides leaders the others
will pledge to be nicer in future and the survivors will try
to rebuild something out of the rubble. If the last time is an
example the IC will absorb and embrace the poisonous ideas and
policies of their enemy to fester in the dark until a later day.

There have been places in the recent past where an AK47 could
be purchased for 10 USD in bulk. The criminals who move contraband
are not interested in the general welfare and that makes access
far too easy. Nation states make money off making sure every one
in the third world has easy access to these expensive weapons.
They will not give some poor farmer a shovel but are happy to
hand him an M16 or an AK47 worth a years income.

We have the lousiest leadership, the most ridiculous foreign policy,
and the strangest set of priorities that any generation has been
able to produce. That is a worldwide phenomena apparently suicidal
racial madness. Pretty sad for an animal that prides itself on
being able to think and act on thinking.

WhiskersInMenloNovember 16, 2015 7:32 PM

One interesting topic is the too quick identification of PlayStation 4
as a platform of interest.
http://www.politico.eu/article/why-terrorists-love-playstation-4
Later in the article:
"It’s unclear if the suspects in the attacks used PlayStation as a means of communication. But the sophistication of the attacks raises questions about the ability of law enforcement to detect plots as extremists use new and different forms of technology to elude investigators."

So what we are seeing is pet agenda surfacing with no context or evaluation.
Like the maps of old -- there be dragons -- simply is code for unknown.

Long term this is an issue of law and civility. As long as we embark on wars
against all manner of things we will have law outside of the law and thugs
protecting their ill gotten games.

None appear willing to measure this but Colorado has made it easy. All the
tax money would have moved into the hands of international drug thugs.
While drugs are a true problem the war on anything you dislike is generating
collateral damage of colossal proportions, so large that the richest nation in
the world might use it to finance conflicts: CIA involvement in Contra cocaine trafficking
https://en.wikipedia.org/wiki/CIA_involvement_in_Contra_cocaine_trafficking

ianfNovember 16, 2015 7:53 PM


@ Dirk “In short: the Paris attacks had NOTHING to do either with Snowden or encryption.

Mere fact that the TLA talking heads now mention terrorist tool: encryption is proof that the latest attacks had nothing to do with it. But what happened with the promising rumor of them allegedly using PS4 for attack coordination?

I WANT TO SEE A MP ASK THERESA MAY (on BBC News, my window into UK politics) “Given Paris terrorists' use of gaming consoles for their advance planning operations, when is the Home Secretary going to introduce a bill to outlaw these obvious accessories to terror?” ("accoutrements" in French).

rgaffNovember 16, 2015 8:10 PM

What did Sony do to piss them off for them to be taking shots at the PS4? That's the real story... Always read between the lines :)

Dirk PraetNovember 16, 2015 8:19 PM

@ tyr

By following the trail of weapons and cash poured into the failed states by the adventurers and nationstates with an axe to grind against neighbors it becomes apparent that shutting off the funds and ammo would work a lot better.

But of course it would, there's just no political will to do so because of the huge financial and political interests at stake. Today, Vladimir Putin at the G20 summit in Turkey said they knew of about 40 (fourty) different nations either directly or indirectly funding Da'esh, among which members of the G20.

Officially, no one is supporting Da'esh, but unofficially much of their oil exports are being channeled through Turkey with knowledge of the Turkish government. Quite some private parties in Saudi Arabia and the Gulf States are financing them too, but nothing is being done against them because the West simply can't afford to upset its two-faced allies in the region whose governments categorically deny all such allegations.

The money trails are known. Da'esh today gets the bulk of its income out of oil exports, followed by taxes levied on the population of the areas they control, ransoms extorted from those same people and sales of artifacts of historical sites they have either pillaged or destroyed.

Taking out by air raids or cruise missiles the oil sites they control could deal a significant blow to them, but is a decision no western politician dares to make. The same goes for publicly holding accountable on the international stage those countries actively doing business with or quietly allowing the transfer of funds to them.

Further insisting on the immediate removal of Assad in the light of the Paris atacks in my opinion has become irrelevant. The man may be a brutal dictator, an enemy of the Syrian people and someone Erdogan and other (Sunni) nations in the region want gone, but he is no enemy to us. Da'esh is, so it really is a matter of getting our priorities right and finally broker that deal with the Russians to form a broad international coalition to strike a decisive blow to them.

Failure to do so would be nothing less than high treason on behalf of our politicians who would once again reveal themselves to be nothing more than puppets on the payroll of the oil industry and other special interest groups that have nothing to win from a Da'esh defeat.

Holy Treasonous LogicNovember 16, 2015 8:31 PM

The man may be a brutal dictator, an enemy of the Syrian people and someone Erdogan and other (Sunni) nations in the region want gone, but he is no enemy to us.

There are short term enemies and long term enemies, likewise for political objectives. You sir, are my enemy, as are any who appease brutal dictators.

ThothNovember 16, 2015 8:35 PM

What rights does France have to talk about banning encryption and security when they simply failed their task in heeding warnings from US, Iraq and Turkey ?!

Iraq. A country that just revived itself after a war could detect IS's communications and intentions whereas an advanced nation like France could not put it's ears to listen to warnings from US, Iraq and Turkey.

Encryption is not a problem... It is a scapegoat to take the blame. An unsophisticated nation like Iraq (without much US support) and a conservative country like Turkey could detect the threat whereas the most state-of-the-art nations like USA, UK, France ...etc... are so blinded by their meddling in foreign affairs and electronic intelligence when it has been known on the inaccuracy of arm chair style SIGINT/COMINT.

Before they start blaming encryption and not their lousy efforts at intelligence gathering, they should start contemplating on why they missed multiple warnings from 2 nations (Iraq and Turkey).

Shame on France's intel agencies and those anti-security war mongers... They should do some internal "management" before coming out to meddle with the World.

According to [8], metadata played a key role in predicting the attacks.

Also quoting from [8], "The organization has heavily used steganography to conceal electronic documents—even files within pornographic videos on websites—rather than relying on e-mail". They have good OPSEC and they don't rely on electronic transmissions over the wire or wireless networks but prefer to use manual courier of electronic media, steganography, air-gapping and good OPSEC than using things like TOR, secure protocols and such which have shown to be very leaky.

We know that from [9], [10], [11], [12], [13], Osama bin Laden uses manual courier and containing drafted email messages without evidence of sophisticated encryption or technology. The manual painful OPSEC that people hate still works after close to 15 years counting from (11 Sept 2001 to 17 Nov 2015). Well executed and organized OPSEC deters and reduces digital footprints that Western ICs rely so heavily upon that they are blinded by their own SIGINT/COMINT which produces far more false positives and problems.

As @Clive Robinson mentions, using paper instead of electronic for sensitive information is the most effective method when combined with "invisible ink" and a one time pad key material written on flammable cigarette paper. Incorporate the paper and "invisible ink" encrypted with simple one time pad makes it even harder to break and it has been used by spies since the Cold War or even earlier.

Carefully writing a normal looking letter on top of the hidden message (using ball-point pen with non-smudging ink) adds to the plausible deniability of the secret message.

With the Western ICs still largely stuck in the SIGINT/COMINT dominant mindset of the covert operations, our previously discussed techniques (please use the blog's search for @Clive Robinson, @Nick P, @Thoth, @Figureitout, @Wael, @Markus Ottela et. al.) besides air-gapping with the removable of offending functionalities like WiFi, Bluetooth and other wireless transmissions and using Data Guards and Data Diodes and EMSEC whenever practically possible. We know that even our host, @Bruce Schneier, uses air-gaps when accessing Snowden archives.

Any dirty little secrets or legitimate secrets worth it's weight more than gold and human lives should never be placed into electrons and never to exist physically (not even on the paper/invisible ink/one time pad/stegano/crypto method) as the safest secrets are the secrets that never existed in the first place.

Links:
1. http://www.huffingtonpost.co.uk/2015/11/15/iraq-warned-coalition-ahead-of-paris-attack_n_8569444.html
2. http://news.yahoo.com/iraq-says-shared-intel-france-u-iran-were-102216264.html
3. http://www.nydailynews.com/news/world/car-shoot-restaurants-paris-attacks-found-article-1.2435486
4. http://bigstory.ap.org/article/c9302b053f23414ea41ae48287a823d0/ap-newsbreak-iraq-warned-attacks-paris-assault
5. http://www.haaretz.com/misc/login-page?utm_campaign=trendemon-registration-exit-intent
6. https://sg.news.yahoo.com/turkey-says-notified-france-twice-paris-attacker-senior-102033310--business.html
7. http://www.nytimes.com/2015/11/16/world/europe/inquiry-finds-mounting-proof-of-syria-link-to-paris-attacks.html?ribbon-ad-idx=10&rref=world/europe&module=Ribbon&version=context®ion=Header&action=click&contentCollection=Europe&pgtype=article&_r=0
8. http://arstechnica.com/information-technology/2015/11/isis-encrypted-communications-with-paris-attackers-french-officials-say/
9. http://www.geek.com/chips/osama-bin-laden-sent-emails-via-usb-stick-and-courier-1378279/
10. http://www.computerworld.com/article/2471385/internet/osama-bin-laden-s-email-store-found-on-usb-sticks.html
11. http://www.nbcnews.com/id/43011358/ns/technology_and_science-tech_and_gadgets/t/how-bin-laden-emailed-without-being-detected/#.VkqNuUs26bA
12. http://www.computerworld.com/article/2471385/internet/osama-bin-laden-s-email-store-found-on-usb-sticks.html
13. http://www.techworld.com/news/security/bin-laden-used-usb-sticks-to-send-messages-3279773/

Dirk PraetNovember 16, 2015 8:40 PM

@ ianf, @ Pencil Abuser

But what happened with the promising rumor of them allegedly using PS4 for attack coordination?

There is at this time NO single shred of evidence the attackers were indeed using PS4 to communicate. All of these rumors are based on a statement by Belgian Home Secretary Jambon that they were aware of the fact that Da'esh militants are known to use them, but it was never even confirmed they had actually found a console.

We might as well speculate the terrorists were using pigeons as a means of communication as I saw several of them in TV footage of a Molenbeek street that got raided today.

B613November 16, 2015 8:42 PM

@OtherWay

Does allowing back doors mean the government / law enforcement is responsible when an attack occurs? Are we receiving all the warnings we should today?

If the US Government got backdoors in all US software (and so hardware), then all US software & US hardware would be compromised and terrorists would "go dark" not using any of it.

The main reason they are dropping the ball on terrorism is because they are refusing to focus on having covert 24/7 surveillance on bona fide, strong Islamist extremists.

It is like the joke: a guy comes along and sees a drunk is looking around a lit streetlamp at night. The guy asks the drunk, "What are you doing?" The drunk replies, "Looking for the coin I lost". The guy looks and sees there is no coin, and asks, "So where did you lose it". The drunk replies, "Down that dark alley." The guy exclaims, "Well, why aren't you looking there for your coin?!" The drunk responds, "Because there is no light there."

Mass surveillance: Requires enormous expenditure on systems; connections to those systems; analysts to go through the data; software to go through the data; data centers for the analysts to work at going through the data; legal costs, and so on.

Targeted surveillance: Requires enormous expenditure on security vulnerabilities; specialized malware; miniaturized video, audio, gps systems; surveillance drone and satellite technology; chemical surveillance technology; disguise, legend, cover management technology; human resources trained in all of the above; etc.

The two compete with each other. You get good at one, bad at the other.

They are opting to get bad at targeted surveillance and good at mass surveillance.

NameNovember 16, 2015 8:43 PM

Bruce, please write your Snowden meme buster anyway. I try hard to ignore Glenn Greenwald. He has dropped the ball he was given and I don't trust him at all.

In fact I think you'd do well to write a Glenn Greenwald meme buster in which his journalistic incompetence is exposed. His views on Islamism are fully unsupportable; he is a self-styled leader of the Regressive Left.

GrauhutNovember 16, 2015 8:57 PM

@Beethoven: "Is that the same CIA Director John Brennan who was using an AOL email account?"

Yes.

He ist also the guy with that incredible good taste when it comes to choosing allies in Syria...

The CIA has incredibly great #ModerateRebels on their side.

https://pbs.twimg.com/media/CT83yHnWwAA0cIi.jpg
https://bit.ly/1kA74Cm


Imho Abdelhamid Abaaoud wins that "catch me if you can game" much too often. With that stats Vegas would be off limits for him.

Dirk PraetNovember 16, 2015 9:03 PM

@ Holy Treasonous Logic

You sir, are my enemy, as are any who appease brutal dictators.

I don't. I said it's a matter of getting priorities right, but which you are obviously intellectually incapable of understanding.

@ Grauhut

Imho Abdelhamid Abaaoud wins that "catch me if you can game" much too often.

I was thinking the same thing, but he doesn't look smart enough to be a CIA double agent.

B613November 16, 2015 9:16 PM

@sqrt

A question on Snowden...
Does the documentation provided by him contain much technical details? I find it a bit odd that a geek would not collect really technical documentation (like technical design documents typically created for IT projects) but maybe he did also release such documents?

No. Really it was also all stuff anyone paranoid would and did already assume they were surveilling. "Paranoid" would include terrorists.

I have seen some argue that he revealed data damaging to US interests. I strongly disagree with that viewpoint. I do not think it can be substantiated. For instance, he revealed the Eagle Sentry program, router hacking in China, and telecommunications cable hacking. But, all of these things were already well known. *Maybe* not some of the specific details, but assuming otherwise would have been truly foolish.

Or what's the chance (completely besides the point in my question) that Snowden is just part of some kind of psy-op trying to test the integrity of their worker pool (by determining if they can get any copycats to surface after manning et al)?

No, I do not think so.

It is very hard to tell in any intelligence disclosure by nearly any means whether or not it might not really be a covert counterintelligence program.

Ultimately, you have to sift through all the details, and try and weigh the damage caused versus the possible value. When there is only circumstantial evidence.

The real value here would not be to smoke out whistleblowers. The real value would be if the information disclosed misled terrorists and adversarial nations.

Basically, a classic counterintelligence misdirection. You reveal a bunch of systems that are actually obsolete. That misdirects, adding stealth to the systems that are actually working, and not obsolete.

Very much like the many operations during WWII designed to mislead the Nazis about the location of the Allied troop invasion through Normandy.

In this case, then, nothing has gone dark at all. It is all a ruse.

One problem with this is considering the cost. The cost in terms of losing face for the US intel leaders has been absolutely enormous. Would they all really like to have set off that storm as it has been and end up spending their days in futile punditry battles where usually they are looking like complete fools? Did they really want to look like devil wolves to the American people and the world? There was enormous cost in losing all these systems and the momentum of those systems they had been building. Some would say that was bad, but the only reason they lost these was - under the light of day - they were shown to be unlawful.

Pretty much like a crook blaming the cops for being caught.

The other factor is that these are not the brightest bulbs on the block. Look at OPM. Clearly, no one was manning the wheel. Besides all those records being stolen, who knows what records had been being put in that database all along?

Or the Iraq War. Any idiot could have seen the intelligence was entirely inadequate to advance a war under the pretense that Saddam had ties to Al Qaeda and WMD.

And so many other massive missteps.

Do you seriously think they are capable of such a coordinated and super massive program of deception while sacrificing their faces in the mean time?

I Love Thought ExperimentsNovember 16, 2015 9:28 PM

Do you seriously think they are capable of such a coordinated and super massive program of deception while sacrificing their faces in the mean time?

Intercept(Obama->Snowden):"Make Assange look like peanuts."

Your massive program of deception could have begun and ended right there. Theoretically.

rgaffNovember 16, 2015 9:29 PM

@ B613

"Pretty much like a crook blaming the cops for being caught."

Actually it's like crooks threatening the guy that turned them in with death threats...

Distributed DissentNovember 16, 2015 10:26 PM

Bruce, please write your Snowden meme buster anyway. I try hard to ignore Glenn Greenwald. He has dropped the ball he was given and I don't trust him at all.

In fact I think you'd do well to write a Glenn Greenwald meme buster in which his journalistic incompetence is exposed.

+1, but with an emphasis on the fact that Bruce Schneier, Glenn Greenwald, and Edward Snowden are all merely individual human beings. Given the enormity of the arc of history events they have found themselves surfing, I'd say they all deserve roughly an infinite amount of slack. But the +1 stands. And just because Greenwald may have written with an angrier keyboard once or twice than maybe you think he should have, doesn't relegate the rest of his critical work to the wastebin of 'incompetence'. Not every sprint is a world record time, or even a victory.

GrauhutNovember 16, 2015 10:45 PM

@Holy Treasonous Logic: "You sir, are my enemy, as are any who appease brutal dictators."

Put me on your enemy list! The world would be a better, more peaceful place if Saddam were still alive doing his job. And Assad should remain in his position. Better locals teach the morons in that area some civilization, than we have to do it.


Or is the old order still to be fulfilled? Seven countries in five years?

In the special case of Syria: "Interdict the supply lines to terrorist organizations, including but not limited to those between Damascus and Beirut that permit Iran to use Lebanon as a terrorist base.

Torture MattersNovember 16, 2015 11:13 PM

The world would be a better, more peaceful place if Saddam were still alive doing his job.

It is remarkably difficult to laud the demise of "Saddam's Rape Rooms" after the revelations of how U.S. military authorities conducted themselves subsequently at Abu Ghraib and Guantanamo Bay.

US_cert_is_not_certNovember 16, 2015 11:17 PM

Very interesting that these countries have sweeping surveillance powers and computing power measured in acres yet can only catch the most rudimentary, ineffectual "threats."

In the U.S. the "experts" queued up at NPR were all marching to the same tune.... more surveillance, less freedom. Sick stuff all the way around.

Martin BonnerNovember 17, 2015 12:27 AM

I haven't read the Lawfare piece yet, but kudos for leaving the link in place, and explicitly naming the author that you felt you had misjudged. We all make mistakes, the difference is how we deal with them.

AnonNovember 17, 2015 2:39 AM

So, let me see if I have this right ...

If the government has backdoors to encryption, then the bullets and bombs of religious zeal are no longer able to harm people ?

Does this remind anyone else of a Monty Python skit ?

WinterNovember 17, 2015 2:54 AM

"Very interesting that these countries have sweeping surveillance powers and computing power measured in acres yet can only catch the most rudimentary, ineffectual "threats." "

We know the answer.

There is no science without peer review, no medical progress without trials, no food safety without tests. Volkswagen has showed the world that there is no regulation without good oversight and testing.

For quality of service in ANY of these areas, there are robust independent quality assessments. And where they are not robust, we see quality making a sky dive.

Still, we dump billions into the intelligence community, but there is absolutely no independent quality assessment.

As a result, we see a spectacular lack of quality where it counts.

ianfNovember 17, 2015 4:13 AM


Could you, "Name," please stop this mindless meme of hating Glenn Greenwald? Because “he has dropped the ball and you don't trust him at all” (BTW. WTF ball?)

Your liking or disliking him personally is neither here nor there… he is THE Conduit chosen by Ed Snowden to relay his data trove to the world, and not that blond TV bimbo you'd rather see deliver the goodies against the backdrop of the impressive rack with ample cleavage she's carrying (never did no journalist any harm). Deal with it, but preferably offline.

All that doesn't obliterate the fact, that we need someone like Bruce (ergo: why not the Bruce Himself question mark) to go to Moscow and conduct a lengthy interview with Edward Snowden, one of a more technical nature than other journos are capable of, and while the memory of his gradual counter-NSA awakening is still fresh. And then validate some red threads from that talk against the data trove, to underline the weight of Ed's (essentially) self-sacrifice for the benefit of the Western Humankind. Of which even you, the oh-so-creatively pseudonynamed Name, are a part of (unless you're a anti-GG netbot unleashed to spread that very meme, in which case I beg you to GTFOH).

ianfNovember 17, 2015 5:30 AM


@ WhiskersInMenlo “One interesting topic is the too quick identification of PlayStation 4 as a platform of interest.

I hear you're an avid PS4 user, who's gotten a whiff of a potential threat against his fave form of entertainment. In fact, were there voices to be heard to ban it "as a terrorist tool," this would be the best that could happen to counter the parallel idiot cries to ban encryption. Simply because there are far more games console users, ergo far more REALLY PISSED OFF users, than there are encryption "fanciers." So any calls to ban gaming consoles would backfire with far louder BANG! than we, the anti-anti-encryptioneers could ever muster.


@ rgaffWhat did Sony do to piss them off for them to be taking shots at the PS4?

In all probability the rumor started when some hack made the shaky connection between (being pissed off at) his overage kids playing but FPS games, and similarly aged attackers must've-been-computer-usage. PS4 et al games are an alien world to me, I don't have time to read all that I ought to, let alone what I'd want to, so I could understand such adverse feelings. Esp. because the guy reviewing "new computer games" on my telly is an overripe bleeding hippie who thinks FPS games the 9th Wonder of The World!


@ Dirk Praet (cc: @ tyr)

Today, Vladimir Putin at the G20 summit in Turkey said they knew of about 40 (fourty) different nations either directly or indirectly funding Da'esh, among which members of the G20.

Officially, no one is supporting Da'esh, but unofficially much of their oil exports are being channeled through Turkey with knowledge of the Turkish government. Quite some private parties in Saudi Arabia and the Gulf States are financing them too, but nothing is being done against them because the West simply can't afford to upset its two-faced allies in the region whose governments categorically deny all such allegations.

SANER WORDS ARE SELDOM HEARD HERE.

Taking out by air raids or cruise missiles the oil sites they control could deal a significant blow to them, but is a decision no western politician dares to make. The same goes for publicly holding accountable on the international stage those countries actively doing business with or quietly allowing the transfer of funds to them.

DITTO. One caveat though: let's not count too much on being able to deal with the delusions-of-superpower-grandeur Russia. By pure instinct, it seems that the West getting firmly behind creation of the state of Kurdistan (in places by and large formalizing the status quo), would be the best long-term solution. A country carved out of Syria, Irak, AND Turkey in the Middle East that's carving itself up anyway. The Kurds already fight for their freedom, and, being locals, have this enormous advantage of any Western boots on the ground, if by proxy.

Clive RobinsonNovember 17, 2015 5:53 AM

@ Ben Wittes made this statment,

The most one can blame Snowden for is making it far more likely that terrorists could undertake an attack like that in Paris without having their communications intercepted and decrypted.

Actually we can not go any where near that.

As Ben also points out we were warned about the "diabolical" nature of terrorists long before Ed Snowden. What he did not mention which is highly relevant is,

1, We know that in the not to distant past the Super Powers were training and arming those we now call terrorists to fight their proxy wars. Part of that training we know without doubt would have been in covert communications techniques and other OpSec / fieldcraft.

2, All and I do mean ALL the techniques and technical details that Ed Snowden's document trove revealed were known or easily deductible from well known information and first principles. All longterm readers of this blog can confirm this.

3, The only real revelations in the Ed Snowden document trove where the mainly irrelevant project code names and the eye opening scope of questionable behaviour by the IC with these projects.

Thus,

    The most we can blaim Ed Snowden for is "stating the bleeding obvious" that the majority of people did not want to face up to the reality of.

To say anything else is dishonest both intellectually and factually, and Ben Wittes should know this. If Ben disagrees I would be interested to see his rebuttal.

Dirk PraetNovember 17, 2015 8:46 AM

@ ianf

By pure instinct, it seems that the West getting firmly behind creation of the state of Kurdistan (in places by and large formalizing the status quo), would be the best long-term solution.

It's not going to happen. In the course of history, the Kurds have been betrayed time and time and again by the West and there is no way in hell Erdogan is ever going to allow the rise of an independent Kurdish state next to or even including parts of Turkey. And he's got the perfect leverage, i.e. the threat of flooding Europe with millions of additional refugees by making life in Turkey impossible for them. And for which not a lot is really needed.

As to Russia, The Assad regime is pretty much their only ally left in the Mediterranean, and Putin knows that they're not going to keep bases like Tartus when the country gets taken over by either Da'esh or a US puppet regime. Which explains their maverick attitude. They don't suffer from the same constraints the West does by not having to answer to the powers that be in Turkey, Saudi Arabia and the Gulf States. When you know you have everyone against you anyway, you just do what you need to do. Something the Israelis are not entirely unfamiliar with either.

When you come to think of it, teaming up with Putin is actually the logical thing to do if we really want to get rid of Da'esh. Officially, no one will complain, and unofficially the West can blame the Russians for any unwanted side effects or collateral dammage. The only problem here is the perceived loss of face for the US that it took the Russians to step in and a delay in the removal of Assad. The proponents of the surveillance state even in this scenario can then still further their plans by setting up a couple of patsies for a false flag operation which "anonymous officials" with the help of mainstream media can then link to Da'esh sleeper cells or a hitherto unknown AQ affiliate.

B613November 17, 2015 9:34 AM

The Disturbing Trend of Western Intelligence Leaders Not Listening to Intelligence

re:

http://www.nytimes.com/2015/11/17/us/after-paris-attacks-cia-director-rekindles-debate-over-surveillance.html
http://www.nytimes.com/2015/11/17/world/europe/encrypted-messaging-apps-face-new-scrutiny-over-possible-role-in-paris-attacks.html

the attack:

On Monday, in unusually raw language, John Brennan, the C.I.A. director, denounced what he called “hand-wringing” over intrusive government spying and said leaks about intelligence programs had made it harder to identify the “murderous sociopaths” of the Islamic State.

the attack:

Michael V. Hayden, a former director of both the N.S.A. and the C.I.A., said collecting phone logs did no harm and might, in the rare event of a major plot, have done good. The program was designed, he said, to foil a Paris-style plot — “unknown people inside the homeland who are communicating with terrorists abroad.”

the attack:

Jan Jambon, Belgium’s federal home affairs minister, told a public audience last week that “PlayStation 4 is even more difficult to keep track of than WhatsApp,” a popular messaging system owned by Facebook.

the defense, against the Belgian:

But if that was the case, it would undermine the argument that end-to-end encryption allowed the Paris terrorism plot to go undetected. While PlayStation and Xbox deploy encryption to protect customers’ personal data like credit card information, it leaves their communications open to government interception in ways that WhatsApp and iMessage do not.


the defense, against the Americans:

So far, Mr. Obama has been reluctant to insist on a back door into the systems. He rejected the argument of the F.B.I. director, James B. Comey, that the United States should require any company that provides encrypted software and hardware to engineer a way for the government, armed with a court order, to get access. That decision came after a year of study led by the White House counterterrorism adviser, Lisa Monaco, and the head of the White House cybersecurity office, Michael Daniel.

The White House ultimately adopted a view put forth by 14 of the world’s top cryptographers and computer security experts who wrote, in a white paper, that weakening the encryption of American technology sold by companies like Apple, Google and Facebook would only render confidential data and critical infrastructure more vulnerable to criminals and national adversaries, and push terrorists to adopt encrypted services sold overseas. As a result, when companies like Apple and Facebook are issued court orders to help governments monitor their customers’ messages, all they can do is turn over a stream of unintelligible code.


This is a very bad trend in Western intelligence. Where the pundits, the intelligence leaders, do not listen to their own experts.

All of their intelligence resources: human power, electronic, everything under them -- is useless if they refuse to heed it.

They are being shown up by NY Times reporters.

NY Times reporters have better intelligence then all of them collectively.

Should this still be a trend post-Iraq War disaster? Post OPM hack?

They are showing, for whatever reason, they do not have the capacity to honestly reason.


Who?November 17, 2015 10:18 AM

Intelligence agencies blame strong cryptography and Snowden for the Paris attacks? I blame intelligence agencies of conducting economic spying and blindly collecting information about innocent citizens instead of focusing on what really matters: tracking terrorists.

Don't worry about demanding back doors. I would say France will solve this soon. It is just a matter of time for France signing an European-flavour of the Patriot Act. Let us see...

CallMeLateForSupperNovember 17, 2015 10:21 AM

Wittes, in lawfareblog:
"Evidence that terrorists were, in fact, using strong end-to-end encryption to kill people could be game-changing in a debate that has heretofore been defined by anxieties about NSA."

Possibly, but there is no natural imperative that that path must be taken. Bad Guys learn and adapt over time, just like everyone else. New tools and methods become available over time. I opine that The Terrorists would have adoped e.g. WhatsApp A DECADE OR MORE AGO, had it existed then. It didn't then; it does today; apparently they use it. They simply are doing their job, as nasty as that job is. I don't believe for a second that The Terrorists needed a boot in the butt from Snowden to peruse new COMSEC tools and try out a few.

TLAs and certain retired has-beens are using Paris to (1) stoke the flames of demonization under Snowden (2) reintroduce the tired claim that America cannot be safe unless and until TLAs can Read Everything and (3) deflect attention from themselves for having once again failed to prevent killings by The Terrorists

Have a look at DIA's annual budget, and weep. Despite the money, the world has endured Spain and London, and France (twice), and on and on. In every case, police and intelligence moved quickly ... but always after the gunfire and explosions, after the terror, after citizens became statistics. Tapping the internet and filtering the intake isn't working. You want a game-changer? Put a full-court press on a debate about *that*.

NotYouAgainNovember 17, 2015 10:41 AM

Not to lower Glenn Greenwald's article - it is brilliant and very well researched - but _this_ is the discussion we should be having instead of whether or not Snowden/encryption/whoever is to blame for this shameful attack on Parisians.

http://www.theguardian.com/commentisfree/2015/nov/16/isis-bombs-hostage-syria-islamic-state-paris-attacks?CMP=share_btn_tw
"While we are trying to destroy Isis, what of the 500,000 civilians still living and trapped in Raqqa? What of their safety? What of the very real prospect that by failing to think this through, we turn many of them into extremists? The priority must be to protect these people, not to take more bombs to Syria."

Clive RobinsonNovember 17, 2015 10:44 AM

@ Dirk Praet,

Like you I deam it unlikely that the Turks will alow a Kurdish state.

Not just politicaly but economicaly. Turkey is "sucking of the teat of terrorist oil" and geting fat by it.

For some reason the press are not overly big on this effective "sanctions busting", but some business analysts are asking the question of "If oil is flowing out, what is making the return journey and who is supplying it?". There have been several suggestions of "what" but the "who" in most cases is "The Chinese"...

@ B613,

Speaking of off hand business analyst chat...

A question that was realy more of a statment that went around the "standing room only liquid lunch stop" as it were, "If the OPM hack was a significant knock back for the US encryption front door lobby, just how convenient for them has the Paris attacks been?"... One reply was "Apart from it was in the wrong country, it could not have gone better if they had planned it." Another voice suggested that in fact France was actually the ideal country even including their more oppressive surveillance, because "... it gives a free get out of jail card for the failure of less oppressive surveillance, thus an easy in for an even bigger budget allocation". The conversation moved on to who would best benifit from such largesse and the attendent investment opportunities in secondary suppliers... Perhaps oddly one name that came up was one that has been closely associated with Apple products in the past...

NotYouAgainNovember 17, 2015 10:47 AM

One more quote and then I'll stop. It is from the same article by Nicolas Hernin, a French journalist who was held hostage by ISIS for ten months and released last year in April.
"Central to their [ISIS] world view is the belief that communities cannot live together with Muslims, and every day their antennae will be tuned towards finding supporting evidence. The pictures from Germany of people welcoming migrants will have been particularly troubling to them. Cohesion, tolerance – it is not what they want to see."

Who?November 17, 2015 11:06 AM

...food for thought: if Paris attacks can be blamed on strong cryptography and Snowden leaks... what happened on Boston marathon bombing one year earlier?

GrauhutNovember 17, 2015 11:10 AM

@Snowden: "European sources" said they were blind. They have to, because otherwise they would have had to say "We knew them but civil rights and laziness kept us from acting in time".

"European officials said they believed the Paris attackers had used some kind of encrypted communication, but offered no evidence. “The working assumption is that these guys were very security aware, and they assumed they would be under some level of observation, and acted accordingly,” said a senior European counterterrorism official who spoke on the condition of anonymity to discuss confidential information."

https://www.bostonglobe.com/news/world/2015/11/15/paris-attackers-communicated-with-islamic-state-officials-say/OSMOkugPRwuECW0UroND2J/story.html


"Working assumption some kind of encryption" means all that sniffing did not work. And crypto is already banned in France.

Seems the western IC wants to get rid of encryption because it means too much work and costs for them.

CallMeLateForSupperNovember 17, 2015 12:35 PM

@Anon "Does this remind anyone else of a Monty Python skit?"

Heh! Are you accessing my daydreams? Stop that!

Truth be told, each time the tired refrain makes-our-job-harder or if-you-have-nothing-to-hide or front-door-access-can-be-managed revisits us like a bad cold, I am put in mind of the Norwegian Blue (dead parrot) skit. Empirical evidence versus unsubstantiated claims.

John E. QuantumNovember 17, 2015 12:37 PM

A potential solution to the issue of terrorists using strong encryption that should appeal to all politicians and law enforcement agencies- require anyone engaging in terrorism to first obtain a permit from a world-wide consortium of intelligence agencies. Issuance of the permit would come with a private key to be used in encrypting all the terrorist group's communications. This would solve many problems and the fees generated by the permits could fund research into why people can't just get along.

patrickNovember 17, 2015 12:47 PM

this has probably been said here before, but I do not think the issue is just about cryptography.

On a higher level it is about the government's right to spy and create dossiers on anyone and everyone as they deem fit and necessary.

As such this modern spying is more like a version from ye old Soviet Union.

@ianf


All that doesn't obliterate the fact, that we need someone like Bruce (ergo: why not the Bruce Himself question mark) to go to Moscow and conduct a lengthy interview with Edward Snowden, one of a more technical nature than other journos are capable of, and while the memory of his gradual counter-NSA awakening is still fresh

I for one would like to see a deeper technical analysis of NSA's supposed capabilities.

For now it just looks like we have been given the sort of introductory power-point slides that are used for informing management-type folks.

If Snowden actually even has any really technical documents then it would be great to see an analysis on those.

B613November 17, 2015 12:54 PM

@Clive Robinson

I had not looked at polling, that is disappointing to hear that this will actually really give them traction. But, their message gains ground by fear, not by truth and reason. So what can one expect from unreasonable people?

I just watched Fargo on my lunch break, and there was this perfect line, "You know, they won't stop until your dead". That is the exact same situation here, and these leaders know it. ISIS won't stop committing terrorism abroad until they are dead.

But understanding that requires people who are interested in listening to fair and honest reasoning.

And they won't do it. They won't strike ISIS hard and fast, now. It would interfere with their plans. They need that terrorism to fuel their agenda. They have it guaranteed by letting ISIS fester.

It looks like a 'no lose' for them. They can just claim they did not know, or could not do anything. I think, however, they will get shown up for exactly what they are.

B613November 17, 2015 1:11 PM

@patrick


this has probably been said here before, but I do not think the issue is just about cryptography.

On a higher level it is about the government's right to spy and create dossiers on anyone and everyone as they deem fit and necessary.
As such this modern spying is more like a version from ye old Soviet Union.

That is everyone's underlining concern, I believe.

It does aid terrorism, because they are putting their resources into these systems, instead of targeted strategies.

They also aid terrorism by creating and maintaining conditions ripe for terrorism to fester. Good example is how they created the conditions for ISIS, and have let ISIS fester and ripen. They are doing that right now. ISIS is an iron hot to strike, but if they strike it, it will mean less terrorism and so less budget for their dreams of power.

Total surveillance gives total control. Politicians, law enforcement, intelligence, corporate, military... everything.

Stalin or Hitler never could have had it so good.

And these Western nations are hot vehicles. How they would love to own them.

Destabilizing Iraq, Libya, Egypt... these are not moves you make to win. They are cutting open sores so they can fester and bleed.

Technically, their ideas are painfully stupid and unreasonable.

But, what is important is that they are continuing on such a consistently strong destructive path without altering course.

I do not believe anything will divert their path, however. They won't be satisfied just as ISIS won't be satisfied. One can observe and look closely to watch the dominoes tumble. One can look about and see where they will tumble below. But, there is nothing anyone can do about it at this juncture, except to continue to judge rightly and speak as they believe.


Distributed DissentNovember 17, 2015 1:43 PM

@ianf

Could you, "Name," please stop this mindless meme of hating Glenn Greenwald? Because “he has dropped the ball and you don't trust him at all” (BTW. WTF ball?)

Your liking or disliking him personally is neither here nor there… he is THE Conduit chosen by Ed Snowden to relay his data trove to the world, and not that blond TV bimbo you'd rather see deliver the goodies against the backdrop of the impressive rack with ample cleavage she's carrying (never did no journalist any harm). Deal with it, but preferably offline.

Way to dismiss a real subject of discussion at the same time as bringing up the subject of bimbos. You reak of fascism. 'The Ball' was the exfiltrated data. That ball got handed off YEARS AGO.

All that doesn't obliterate the fact, that we need someone like Bruce (ergo: why not the Bruce Himself question mark) to go to Moscow and conduct a lengthy interview with Edward Snowden,

Yes, we all know the quality of journalistic excellence coming from the warm and fuzzy free speech friendly environment of Russia.

It's not that Glenn Greenwald dropped the ball. It's that he's hogging the ball, when we need a much more distributed dissent. Distributed Dissent is what prevents the unlikableness of Greenwald, or any individual for that matter, from screwing up an issue of tremendous importance.

Dirk PraetNovember 17, 2015 3:02 PM

@ NotYouAgain

"Central to their [ISIS] world view is the belief that communities cannot live together with Muslims"

It's actually the other way around. What they believe is that "real" Muslims cannot live together with kafirs and apostates, and that they should all convert to the religion of the one true God or be killed. The way Hernin is putting it is the standard story used by hate preachers and on social media to recruit disenfranchised, gullible youths suffering from victimisation syndrome and a general lack of purpose or perspective in their lives.

While we are trying to destroy Isis, what of the 500,000 civilians still living and trapped in Raqqa?

The nail on the head. Absent boots on the ground, there's only two options: accepting massive civilian casualties or allowing the Da'esh C&C centres in Raqqa and Mosul to survive and thrive. Air raids alone cannot solve the situation. Everyone in the military knows that. It's gonna be a very tough call no politician at this time is willing to make for fear of going down in history the same way as Bush, Blair, Cheney and Rumsfeld. So they just stall, which has now been going on for about five years.

@ Grauhut

“The working assumption is that these guys were very security aware, and they assumed they would be under some level of observation, and acted accordingly,”

But that is ... pure GENIUS! Any twelve year old with half a brain could probably have come to the same conclusion.

@ Clive

There have been several suggestions of "what" but the "who" in most cases is "The Chinese"...

Not just the Chinese. Some trails are also leading to Lebanon, Iran and even Western companies using Turkish and other front-ends.

GrauhutNovember 17, 2015 3:46 PM

@vas pup: "Directly on subject: http://www.bbc.com/news/technology-34842854"

Funny, either the BBC reporters are dead stupid and did not check what they were told or they willingly dropped that bad "Surespot advice". :)

Surespot is canary dead.

https://www.techdirt.com/articles/20150610/15150231298/encrypted-messaging-service-stops-answering-warrant-canary-questions-suggesting-fbi-others-are-seeking-user-info.shtml


Peter Sommer, the interviewed specialist, does a lot of .gov cyber work, so its imho fair to assume he knew about this broken canary.

http://www.pmsommer.net/page9a.html

GrauhutNovember 17, 2015 3:57 PM

@Dirk: "But that is ... pure GENIUS! Any twelve year old with half a brain could probably have come to the same conclusion."

Of cause. Even terror sheik OBL knew a decade before the Snowden affair what to let be. :)

rgaffNovember 17, 2015 5:25 PM

@Grauhut

No no no... OBL's avoidance of all technology was JUST BECAUSE of Snowden... didn't you know he built a time machine and traveled to the future to figure it out? There's no way he could have known anything except via Snowden... er... um... I mean... wait... Snowden is not a god... hm.....

ianfNovember 17, 2015 6:02 PM


@ Dirk Praet

By pure instinct, it seems that the West getting firmly behind creation of the state of Kurdistan (in places by and large formalizing the status quo), would be the best long-term solution.

    I's not going to happen. In the course of history, the Kurds have been betrayed time and time and again by the West and there is no way in hell Erdogan is ever going to allow the rise of an independent Kurdish state next to or even including parts of Turkey.

You're right—but then comes the but…

• I said it was instinct, the heart talking.

• Kurds HAVE been betrayed, yet persist.

• Erdogan & his party aren't eternal

• The Turks as a nation may wise up & make up their collective mind if they want to keep the Atatürk ideas alive, or de-secularize further still.

• It may come to the West's AND Russia's needing to choose between obstinate two-faced Turkey unable to contain Da'esh, and the Kurds holding it at bay & willing to expand the ops IN EXCHANGE for U.N.-mandated statehood. Stranger things have happened… so, are you absolutely certain this simply can't happen?

If you still are, add this highly speculative, but not unthinkable factor: faced with Da'esh territorial successes, Israel reaches out to the Kurds in both covert and overt ways, and puts all its Washington D.C. weight behind their statehood aspirations. Stranger things have happened inside the Beltway, and the Kurds, like the Muslim Druses, are not a threat to the Israelis. I repeat the RHETORICAL question: are you absolutely certain this simply couldn't happen?

Erdogan's got the perfect leverage, i.e. the threat of flooding Europe with millions of additional refugees by making life in Turkey impossible for them. And for which not a lot is really needed.

For now, yes. Should that happen & the Fortress Europe already is under way, however, the Europe may go for Tony Abbott's simpleminded offshore solution, albeit [perhaps] one with a military twist to it: EU leases a few Greek islands near the coast of Turkey, ships Syrian refugee mothers and children to some of them, and all able-bodied men and women to another island-giant military boot camp for Syrian freedom fighters. You want a free, democratic country? Fight for it, don't expect us to do it for you.

If it comes to that, do you really think that, faced with such newly-belligerent West + Kurds in the east + Israel down south scenario, the Erdogan/post-Erdogan Turks will sleep soundly at night, knowing well how easy that newly-trained guerrilla forces can spill over their borders? It's a fine balance, and they'd better not overplay their hand when dangling the continuing flood of refugees over Europe (once bitten, twice shy).


@ Distributed Dissent: […] “Way to dismiss a real subject of discussion [=harping away at Greenwald] at the same time as bringing up the subject of bimbos. You reak of fascism.

For consistency's sake accuse me of (ræking of) fæscism, but, before that, perhaps you could look it up in Wikipedia? WAIT! I'll prelink it for your convenience, done, save your fingers some walking. After familiarizing yourself with that concept, would you like some time off to come up with a new ad-hoc descriptor of humble me?

we all know the quality of journalistic excellence coming from the warm and fuzzy free speech friendly environment of Russia.

WTF is that supposed to mean? All the interviews that I've read or seen on TV were done by Western journos who either went there to do Snowden face to face, or talked to him over Skype. Ed himself regularly lectures at American universities in this fashion, and so far I haven't heard a bad word against that from anyone. Both CIA & FSB know what he's saying, and he's pretty straightforward on Russia not being his choice billet. But of course, there always have to be one iconoclast somewhere, to cut down a celeb to size.


@ patrick […] “it looks like we have been given the sort of introductory [Snowden-data trove] power-point slides that are used for informing management-type folks.

There's nothing preventing you, or any dissenting can't-wait besserwisser, from convicting GG of your expertise and willingness to study the papers to speed up their disclosure. It's only the imaginary entitlement brigade here like that "Name," and "Distributed," that chose to harp on GG because, see, they'd do it SO MUCH BETTER. Well, tough titty they weren't around when Ed Snowden went shopping for a conduit.


If Snowden actually even has any really technical documents then it would be great to see an analysis on those.

Repeating the obvious. Noted.

Dirk PraetNovember 17, 2015 7:36 PM

@ ianf

are you absolutely certain this simply couldn't happen?

With the exception of death and taxes, there are no certainties in life. But no, I still don't think it's going to happen.

In the light of the recent election results, Erdogan is now free to further reform Turkey, drawing ever more power to himself and continue on the path of de-secularisation. He doesn't care about Da'esh as long as they don't threaten Turkeys borders and is even more than happy to do business with them. On top of that, they keep the Kurds busy, so what's not to like?

The man and his party have been in power for quite a while now and with his new mandate, it doesn't look like the Turks are going to "wise up" anywhere soon.

As to Israel, it really is not in anyone's interest that they would get dragged into the ongoing conflicts in any way. I wouldn't even be surprised if the US are paying them off big time to certainly not intervene anywhere in any way. If ever Da'esh would make it to their borders, US boots on the ground would be there in a jiffy for fear of Bibi Netanyahu taking matters into his own hands. US help is always only a phone call away, so why would they bother with the Kurds as a middle man?

however, Europe may go for Tony Abbott's simpleminded offshore solution

Abbott's plan is so completely braindead that it may actually work. But not in its current incarnation. The majority of Syrian refugees are families who've seen enough war and bloodshed and where little enthusiasm can be found. It would make much more sense to enlist Afghans, Iraqis, Somalis, Pakistanis and Africans, most of whom are single and able-bodied young men in search of a brighter future. Instead of turning them down and being stuck with them anyway because their countries of origin refuse to take them back, I'm pretty sure many of them could be recruited for such a task in exchange for a resident permit in Europe or somewhere else.

It's kinda funny you mention it as I was actually discussing the very subject with a an old friend of mine in the British military over a couple of drinks a little while ago.

HenryNovember 17, 2015 7:47 PM

@ Grauhut

"Of cause. Even terror sheik OBL knew a decade before the Snowden affair what to let be. :)"

I think this is what pisses off security pro's because it took away fall sense of security under which they operate. Many pissed off, by Snowden, people out there and it shows in their commentations. Binny also appear miffed by this and for good reasons.

No FilterNovember 17, 2015 8:13 PM

@DP

Absent boots on the ground, there's only two options: accepting massive civilian casualties or allowing the Da'esh C&C centres in Raqqa and Mosul to survive and thrive. Air raids alone cannot solve the situation. Everyone in the military knows that. It's gonna be a very tough call no politician at this time is willing to make for fear of going down in history the same way as Bush, Blair, Cheney and Rumsfeld. So they just stall, which has now been going on for about five years.

Thing is though, Obama is black. I think it matters.

Dirk PraetNovember 17, 2015 8:14 PM

@ Henry

I think this is what pisses off security pro's because it took away fall sense of security under which they operate

I don't think you quite got @Grauhut's sarcasm here. AQ & co. were well-aware of their communications being listened into way before Snowden. As your statements reveal little understanding of the issue, please tell us what line of work you're in. I somehow doubt it's got anything to do with security.

OutspelledNovember 17, 2015 10:21 PM

@ianf


“we all know the quality of journalistic excellence coming from the warm and fuzzy free speech friendly environment of Russia.”

WTF is that supposed to mean? All the interviews that I've read or seen on TV were done by Western journos who either went there to do Snowden face to face, or talked to him over Skype. Ed himself regularly lectures at American universities in this fashion

It means that regardless of everything I've heard from Snowden in the past 26 months, if France were to grant him asylum, and Russia cooperated thusly with its 'ally', I would listen very closely to what he says once no longer under the jurisdiction of Moscow.

JonNovember 17, 2015 11:42 PM

@ Dirk Praet y ianf

The terrorists may have used encryption. They certainly used guns.

I'm in the USA. There will be (already have been) cries to ban or severely limit encryption. Think there will be similar cries about firearms?

Heh heh heh.

J.

WinterNovember 18, 2015 5:00 AM

@DP
"Absent boots on the ground, there's only two options: accepting massive civilian casualties or allowing the Da'esh C&C centres in Raqqa and Mosul to survive and thrive. Air raids alone cannot solve the situation. Everyone in the military knows that. It's gonna be a very tough call no politician at this time is willing to make for fear of going down in history the same way as Bush, Blair, Cheney and Rumsfeld. So they just stall, which has now been going on for about five years."

Have you considered the fact that it was "boots on the ground" in Iraq that created ISIL?

http://www.todayszaman.com/diplomacy_isil-top-command-dominated-by-ex-officers-in-saddams-army_396071.html

It is the willful destruction of the Iraqi state, the firing of all the civil servants, and the decommissioning of the Iraqi army, followed by the Shiite oppression of Sunnite people that created the ISIL armies and state.

After the utter failures (and hundreds of thousands of deaths) of the "boots on the ground" in Iraq and Afghanistan, the "American People" demand more of it?

How was it about people who think repeating the same same thing over and over again expecting different results?

GrauhutNovember 18, 2015 5:34 AM

@Henry: "I think this is what pisses off security pro's because it took away fall sense of security under which they operate."

OBL is an enigma yet to be solved by historians.

If OBL once was an asset, maybe he knew too much because snooped evidence was presented to him.

Marcos El MaloNovember 18, 2015 8:30 AM

Disclosure: as some of you already know, I'm far from a professional security practitioner. I'm an interested layman with mostly a humanities/liberal arts background. I'd like to think I'm a quick study however.
------–---------
@Dirk Your recruitment idea reminds me of that Elvis Costello song, Oliver's Army. Just substitute "sand" for "white" maybe?

@Jon I think we might make some progress if we frame encryption as a 2nd Amendment right issue. There is already the precedent of it being classified as a weapon (for purposes of export control). Using encryption certainly falls within the spirit of the 2nd Amendment.

----------------
Other stuff: Does anyone deny that for most practical purposes, the Republic (or what have you) of Kurdistan exists? UN/International recognition and formal diplomatic ties might be a long time coming, but the essential elements of nationhood are already in place and operational, and taken as a unified whole (which maybe we shouldn't, more on that in a moment), they already have implicit unspoken recognition. Depending on how things shake out in Syria, it could happen a bit sooner than we think. Now, regarding Turkey, it gets more Byzantine (pun intended). The Kurds are not really completely unified; there are rival political factions each with their own militia. I could see Turkey cutting a deal with one group to betray the PK faction in exchange for formal recognition. Continuing in this speculative mode, we could see an airlift (or truck lift, as it were) of Turkish Kurds to the now recognized Kurdish homeland. Echoes of Israel, no? Stranger things have happened.

Regarding Snowden, he confirmed what many already suspected or operated with as an assumption. As for myself, I had to stop rolling my eyes at what I used to think as the paranoid fantasies of the tinfoil hat crowd. Turns out they were right about a lot of things and it behooves me to keep an open mind. I will still roll my eyes at those that believe the WTC was packed with explosives on 9/10. I'll entertain the idea that it was a "false flag operation by inaction", however.

Dirk PraetNovember 18, 2015 9:32 AM

@ Winter

Have you considered the fact that it was "boots on the ground" in Iraq that created ISIL?

No argument whatsoever there. If you go back on this blog, you'll see that's what I've been saying all along. And despite frantic opposition by our man @Skeptical who has been persistently absolving the US and its minions from any wrongdoing, laying the full blame with the Maliki government and Europe's colonial past in the area instead.

So let me be very clear: the Iraq war was started under false pretext by the war criminals Bush, Blair, Cheney and Rumsfeld with regime change and control over Iraqi oil fields as its sole purpose. The invasion was a disaster from the onset till the end and left the entire country in shambles, giving rise to Da'esh both in Syria and Iraq. Having learned exactly nothing, the scenario was then repeated in Libya.

We should however not be blind: contrary to Saddam, Da'esh today does constitute a real and imminent danger - another point I totally disagree with @Skeptical about - that, if left alone, will continue to spread throughout the Middle East and Africa. And contrary to Iraq, there's an entire population - millions of which on the run - screaming for the international community to intervene.

None of my military contacts believe a war against Da'esh can be won in the traditional sense of the word, but most of them are convinced they can be significantly weakened by destroying their C&C structure, taking out the leadership, cutting off their supply lines, taking back their principal strongholds and bleeding them dry financially. Unfortunately, this is not going to happen without forces on the ground.

As no single nation - and for good reasons - is willing to take that decision, the only way forward is by a UN-sanctioned intervention by an international coalition involving all stakeholders, and for which everyone will have to put aside his or her "national interests". The Franco-Russian collaboration is a good start. If only we can now get the US to play ball too and abandon its stupid regime change doctrine, then maybe we can finally get somewhere and after the defeat of Da'esh bring Syria under UN control until such a time that all factions have laid down their arms and have agreed upon a workable balance of power between all domestic parties involved.

Dirk PraetNovember 18, 2015 9:47 AM

@ Marcos El Malo

Your recruitment idea reminds me of that Elvis Costello song, Oliver's Army.

I know the song. Read up a bit on the history of the French Legion. In a distant past, many enlisted because they were on the run or had nowhere else to go. Which is the same for many economic migrants today that do not fall under the Geneva Refugee Convention. As long as nobody's forcing them, it could be a valid way out. I know I'd consider it.

Walks With CrowsNovember 18, 2015 10:25 AM

@Marcos El Malo

Regarding Snowden, he confirmed what many already suspected or operated with as an assumption. As for myself, I had to stop rolling my eyes at what I used to think as the paranoid fantasies of the tinfoil hat crowd. Turns out they were right about a lot of things and it behooves me to keep an open mind. I will still roll my eyes at those that believe the WTC was packed with explosives on 9/10. I'll entertain the idea that it was a "false flag operation by inaction", however.

For every person there is: 'what you *can* believe', and then there is 'what you *want* to believe'. Understanding this and learning to get around it is a truly daunting task. It is most important, however, for those who take very seriously 'what they believe'.

The story of the secrets of mass surveillance are not that difficult to believe. Evidence was already out there, Snowden was not the first whistleblower. But, the previous whistleblowers were discussing the matters in more technical ways, so that material was more 'arcane', 'obscure'. Difficult to find, difficult to understand. And then, there was the plethora of circumstantial evidence one would have to be familiar with: US government historical relationships with telcos; US government domestic and foreign intelligence histories; current top secret US government layouts, budgets, behaviors; and, so on.

To even get close you have to dig into a bunch of really obscure material.

There are a lot of good released material out there. But, where is it?

"Conspiracies", so what the CIA calls "tradecraft", the KGB (SVR/FSB) calls "maintaining the conspiracy". Intelligence, like organized crime, is actually all about conspiracies. But, what is realistic? What is possible? How do these normally work? You would have to scour the non-fiction section for that. There is a lot of great material out there, as long as you avoid the sensationalist, highly biased crap.

The best is in autobiographies. There are a lot of solid ones from Cold War spies, from both sides of the fence. Perhaps, especially, on the other side, as they felt freer to come forward. So much of that is gone. And they give a lot of details about this side of the fence. Because it isn't top secret for them.

Then, there are hard cases, where spies have been caught, operations revealed, or information finally declassified.

A lot of this makes it into fiction, and into cinema. So, it can be difficult to navigate, because legends, myth, fictional stories loosely spread about tiny bits of truth mixed with fiction in order to try and tell the story. Or a story.

Often, even the best true stories which have made it into film has had to have facts changed to make it believable. Because the truth would sound too implausible, too difficult to believe.

All that said, never assume that there is nothing out there which does not go on which is well beyond your capacity to believe it, even if you were told.

Double negative there, intentional.

GrauhutNovember 18, 2015 12:07 PM

@Jacob: What a lyar! :)

"First, ISIS went to school on how we were collecting intelligence on terrorist organizations by using telecommunications technologies. And when they learned that from the Snowden disclosures, they were able to adapt to it and essentially go silent … And so, part of their rise was understanding what our capabilities were, adjusting to them so we couldn’t see them. No doubt in my mind. And the people who say otherwise are just trying to defend Edward Snowden."

OBL knew a decade before the Snowden affair how to behave in communications in order not to get get captured.

But IS/Daesh had to learn it from Snowden, OBL was unable to teach them! :)

Clive RobinsonNovember 18, 2015 12:12 PM

@ Dirk, Jacob,

The rise of IS is something that happens every century or so, it's the old Caliphate con, the equivalent of the old European King game of absolute power direct from God through a single individual, thus not capable of wrong etc etc no matter what the actions may be.

To any psycho/sociopath it's a heady drug, as it is to those who serve faithfully without question.

The problem is the "I'm a jealous God and will not abide any other to exist", which is a licence to kill unbelivers and earn not just a place in heaven but immortality of name and action in the memory of generations to come.

In the past any such uprising was swiftly put down and shown to be a sham / false belief by the untimely exit from the mortal coil of the faux godhead. Either by others of the same sect or other sects of the faith, or by non believing infidels.

Part of the reason the put downs could be fairly easily accomplished was the lack of technology, not just to spread the word but to carry out the supposed "Command of God" through the emissary on earth, but in weaponary, transport, logistics etc. After all there is only so far you can travel with a sword, pockets of dates and skin of water, before even the effects of hashish can nolonger help thin your blood sufficient to flow in your veins.

Every act of agression non believers take makes for more martyrdom, thus more stories to addle the brains of those lacking a moral compass. Every non believer that exists is an afront to the godhead, a challenge that must not nor can not be ignored.

Thus bombing is contra indicated not just now but for all future reoccurring apperances of the Caliphate idea. Anything more forcefull will not be acceptable to the citizens of much of the rest of the world, which is problematic as those of the caliphate will view it not as moral strength but pathetic weakness, which almost certainly embolden them to further acts of barbarity.

The solution is I suggest difficult, but history gives us leasons. In the past the effective issolation and denial of resources served to limit what a Caliphate could accomplish.

Thus destruction of all communication both electronic and physical will close down their reach and thus influence. Destruction of docks, ports, runways and roads in or out of the area and "salt the earth" for a hundred miles around. Likewise all radio, cables etc, it will be to their benift, they do after all wish to live in a pre-medieval idil of their own imaging. Thus give them there wish and any others who are enthralled by them a one way ticket to join.

Perhaps of more relavence is the issue of the "moral compass" the lack of which in the young makes for their easy radicalization. The route cause is unfortunately down to a strongly patriarchal society, where choice is accept the patriarch's edict or be effectively cast out. Rather than go through the pain of developing a moral compass it is easier to supplicate to another strong leader, with tales of wrongs to feel hate and thus vengence for and thus to the ideas of making a difference via martyrdom...

It is a mess the resolution of which needs to start with recognition of the problem. Something the Wests politicians give every appearance of not wanting to happen, nor to allow to happen in those closest to the problem. History teaches us social change is rarely rapid, but with support and buyin can happen within a lifetime.

What is without doubt is that the old military "quick fixes" nolonger work, and can not work in a modern integrated society, where interdependence is global not national in scope.

JacobNovember 18, 2015 1:39 PM

Got to comment on the following news item from The Telegraph:

----------------------------
" Cousin of Abdelhami Abaaoud, the suspected mastermind of 13 November's Paris attacks, reportedly blew herself up on 18 November in a police raid on a flat in Saint-Denis.

Aitboulahcen had been under "triple surveillance" from French intelligence, judges and the police for drugs running and terror activities, according to police sources. Detectives reportedly swooped on the Saint-Denis flat after listening in on her communications. "She had offered her services to commit terror attacks in France," but had never travelled to Syria or Iraq," sources told French TV channel iTele. Aitboulahcen was the director of a building firm called Beko Construction, set up in 2011 at Épinay-sur-Seine. The firm went into liquidation in 2014"
-----------------------------------------------------------

What we have here is a woman who was in the business of "Terrorist-For-Hire", with a substantial experience in illicit activities (being surveilled by 3 agencies is not something to sneeze at).
So this professional, who also had a suicide belt hanging in her closet in case this newly formed business would also get liquidated, but now by a SWAT team, did her communication *unencrypted*.
I just can't reconcile this with the claims by the DNI/NSA/CIA /FBI heads saying that after Snowden everybody went "dark".

Bible BurnerNovember 18, 2015 1:44 PM

"Thus destruction of all communication both electronic and physical will close down their reach and thus influence."

Cheeky. The War On Badthink.

SteveNovember 18, 2015 1:51 PM

From NYT, http://www.nytimes.com/2015/11/19/world/europe/paris-attacks.html

"A French official who was briefed on the investigation but was not authorized to discuss it said that a cellphone found in a trash can near the Bataclan concert hall, where 89 people died on Friday, had led the police to the Alfortville hotel. The phone contained a text message — “on est parti on commence’’ — that loosely translates as “here we go, we’re starting” or as “we have left, we’re starting.”

Looks like they weren't (were not) using encryption.

ianfNovember 18, 2015 2:50 PM


@ Dirk Praet (cc: @ Marcos El Malo)

You can't be serious with this as a solution to defeat Da'esh in Syria.

In a distant past, many enlisted [in Legion Étrangere] because they were on the run or had nowhere else to go. Which is the same for many economic migrants today that do not fall under the Geneva Refugee Convention [your "Afghans, Iraqis, Somalis, Pakistanis and Africans, most of whom are single and able-bodied young men in search of a brighter future”]

First of all: that was then, this is now.

Secondly: these are the people that you'd expect to fight for native Syrians' freedom, when their own countries are just as unfree as today's war-torn ME? Or do you mean that EU would underwrite a soldier of fortune army for each of the affected regions.

There's no point in us speculating over possible FUTURE development scenarios in Turkey and in (the de-facto state of) Kurdistan, but let me just tell you that I keep hearing more and more of individual Western countries debating AND then abetting the Kurds with ordnance, training advisors & health infrastructure/ field hospitals personnel (then again, I wonder who's learning from whom there). Because, warts 'n all, perhaps they seem like the more hardy and dependable future bulwark-ally against the encroaching East of the two. They're enough of a thorn in Turkey's side to keep it in NATO, rather than ally itself with "their Arab brethren."

Also, remember this: Erdogan is not the colossus he thinks he is, may be here today, gone tomorrow. Stranger things have happened in the past. As Jack Nicholson said at the end of the movie, here paraphrased: "Don't go there. It's Levant-town."


Abbott's plan is so completely braindead that it may actually work. But not in its current incarnation. The majority of Syrian refugees are families who've seen enough war and bloodshed and where little enthusiasm can be found.

Well, tough luck. It's either fight for your country with our training and support, or you can take the 14:30 boat back to the mainland under armed escort. It is actually more preposterous to think that Europe can take and resettle all 4M or whatever the number of Syrian refugees, than such a Plan L-for-Liberation.


It would make much more sense to enlist Afghans, Iraqis, Somalis, Pakistanis and Africans

You already quoted one song. Let me quote you another one, by some "Tiny Turner" “What's sense got to do with it got to do with it…


@ Outspelled […] were France to grant Snowden asylum, and Russia cooperated thusly with its 'ally', I would listen very closely to what he says once no longer under the jurisdiction of Moscow.

WTF do you mean, Russia would coöperate to what—"release Snowden"? He's not a prisoner in Moscow and, as he's of no operational use to FSB whatsoever, he's free to go any time. I'd actually imagine they steer clear of him knowing full well, that, once he leaves to some Western asylum, he'll be debriefed by the opposition there about things the FSB might have wanted to know. That's how it works. Snowden told them exactly what he's saying publicly about the NSA etc. Hence his sole use to the Russians is of the underhanded propaganda variety—and THEY ARE RIGHT: unlike in the USA, where he'd be sent to Gitmo and held incommunicado in a hole until his dying days, Edward Snowden is FREE TO LIVE in Russia within the letter of the law. So, in all probability, you wouldn't have anything to listen to once ES were out of the dreaded "jurisdiction of Moscow."


@ Steve […] “The phone [found near the Bataclan] contained a text message — “on est parti on commence’’ — that loosely translates as “here we go, we’re starting” or as “we have left, we’re starting.”

Looks like they weren't (were not) using encryption.

Why would one encrypt a SMS which could have been some agreed upon plaintext code (BBC pre D-Day: “Jean has a long mustache”). Also the find is largely conjecture, could have been something entirely unconnected. I seem to remember that at least Al Qaida was pretty good on not leaving such easily identifiable items behind, took all SIMs with them when fleeing Tora-Bora in 2001, but perhaps the illogic is different in case of a mass-suicide machine-gunning/ bombing "event." Because—fuck do they care?

Thought PoliceNovember 18, 2015 3:19 PM

@Steve

Looks like they weren't (were not) using encryption.

Yeah, that sounds like a pretty stupid conclusion to draw from the pool of evidence you cited.

OutspelledNovember 18, 2015 3:27 PM

@ianf

Edward Snowden is FREE TO LIVE in Russia within the letter of the law. So, in all probability, you wouldn't have anything to listen to once ES were out of the dreaded "jurisdiction of Moscow."

Because nobody that is "FREELY LIVING" in Russia has ever wisely chosen to not utter their wisdom for fear of being thrown off a multi-story building. Riiiiigggghhhhtttt.....

SteveNovember 18, 2015 3:29 PM

@ianf - The point is they are not using encryption to communicate!

It didn't take long? It took a few minutes for the intelligence community pundits to hit the deck with their going dark/encryption talking points:

http://www.cbs.com/shows/48_hours/video/yQ_QCyEYN6yBhhWHmaI3fnY4_4qApTFD/encrypted-messaging-apps-helping-terrorists-go-dark-/

Norah O'Donnell: ...How could attacks with this level of coordination and lethality go virtually undetected?
John Miller (NYPD Deputy Commisioner of Intelligence): Norah, what I think you're seeing here is what FBI Director Jim Comey calls "going dark" and that is, in the, in in kind of the time following the Snowden debate about privacy anbd government overreaching and all of those allegations, a series of apps have come out that are encrypted, that self destruct, set to a timer, that can hold group chats that are completely protected from surveillance for up to 200 people, and the terrorists have found these apps and they're using it, and, Norah, what I'm talking about is you can walk in the door with a court order from a federal judge, hand it over to the company and say we need to see what's inside, just like we did after Mumbai, just like we did after 9/11, and they'll tell you, "we can't see what's inside here, we designed it to be uncrackable", that's a real challenge.
Norah O'Donnell: Scary.

"virtually undetected" Norah? Miller fed you that question.

SteveNovember 18, 2015 3:32 PM

It's becoming apparent that they were planning and plotting within the comfort of rented apartments in Brussels and Paris and using text messaging, That all seems to be in the news right now.

ianfNovember 18, 2015 4:17 PM


@ you, who are soooo Outspelled,

S-p-e-l-l  i-t  o-u-t  what YOU would have said out loud about Russia if you were in Edward Snowden's shoes. Because, apparently, he's either muzzled by his hosts, or self-censoring about the country that he knew nothing about, only heard unfavorable things, of, but which granted him a place to stay in peace until he finds some other place.

    Go ahead, play “Snowden in Moscow for a day,” be as unflinching of the no-feeedoms there as you want, nobody will come after you. Or are you just some latter-day Big Mouth from Winnetka, Illinois?


@ Steve […] “It took a few minutes for the intelligence community pundits to hit the deck with their going dark/ encryption talking points

Well, can you blame them for being opportunists? The Paris "event" was like Answered Legislative Prayers for them, and the Anglos & the Frogs are not alone about that. A few hours ago Sweden announced raising their "terror threat level" to 4 (out of 5), issued a warrant for some individual, and right on heels of that a Swedish Police Intel honcho said on camera that they'd now seek "Skype etc intercept & decryption powers" - which up to now they apparently have not had. If Sweden gets it, Denmark, Norway and Finland are bound to follow (unless they already have such powers - it's hard to get a grip on it from daily mainly English language dispatches).


they were planning and plotting within the comfort of rented apartments in Brussels and Paris and using text messaging

No shit, Sherlock ;-)) Perhaps we should grant the police the right to preliminarily bug all apartments for rent, on the odd chance they could be used for plotting terror acts AND/OR other nefarious activities such as… I dunno, fornication in unauthorized non-missionary positions?

SteveNovember 18, 2015 4:36 PM

...and using rental cars. The interesting thing to note is Miller's statements, "after Mumbai, after 9/11" So back doors are a reactive tool (not proactive) to be used after something bad happens with apparently no preventative value. These guy's were on the "radar". As things exist, the current surveillance framework is extensive with massive amounts data collected and stored, graph theoretic analysis capabilities (which seem effective in profiling my buying habits and perhaps predicting them, but not terrorist plots). We have the "haystack" and advanced warnings (ignored) - ask the Russians about the Tsarnaev's, John P. O'Neill about the flight schools. Yet intelligence failure after failure. The solution? Just let us invade your ordinary lives ever more.

SteveNovember 18, 2015 4:39 PM

@ianf - again the point is they are using old fashioned cloaking technology (private meetings etc) as opposed to encryption.

Clive RobinsonNovember 18, 2015 5:39 PM

@ Bible Burner,

Cheeky. The War On Badthink.

You might want to trade mark that.

I Don't know if you can get the UK BBC iPlayer downloads where you are, but on BBC Radio 4 they have a progrm on in the evening called "The Moral Maze". This evening they were discussing ways of dealing with IS, one of the "witnesses" is a Journalist called "Simon Jenkins" who writes for the right leaning "London Evening Standard" currently owned by a Russian oligarch (known as "two beards" for various reasons).

Any way Simon Jenkins, much to my surprise put up a very similar argument that IS are most definitely not an existential risk, and that they actually produce nothing, so cutting off their supply of technology and even food would fairly soon render them impotent.

@ Jacob, ianf, steve,

Firstly using "encryption" in an open channel is bad OpSec, because "It stands out like a spare udder on a bull".

Secondly it's a real hassle even if you are stupid enough to use a computer or smart phone app to do the encryption. Which makes it slow and unreliable.

Thus using simple verbal obfuscation with prearangrd phrases words or word, is both simpler and more secure.

Especially if you can route the message through innocent third parties. So you might send bill a text that says "Hey bring the crew over for lunch Im buying" would get mentioned in bill's office where dave works. Dave does not attend the lunch but insted goes to the local cafe/bar/eatery at eight in the evening where you just happen to come in for a takeaway or some such where you pass a visual que.

Such fieldcraft is old enough to have not just collected it's pension but it's grand children are now pensioners... It works and will always work into the future irrespective of tehnology.

The CIA taught this stuff to OBL, the Russians taught it to others abd it got passed on in training camps etc as well as appering in the likes of "spy thriller" books written by old MI6 spys etc.

For the current "idiot in charge" at the CIA and other agencies and LEOs to claim "it's Ed Snowden's fault" or "he has blood on his hands" is very bad lying because the CIA OBL and others link up is a matter of public record...

Thus you have to consider it's for the benifit of congress critters come appropriations time. The MIC gets a nice big tax dollar injection and at some point in the future when these idiots take early retirment etc they get a nice consulting gig etc for eye watering amounts of money as a nest feathering thank you from the fat cat industrialists...

Dirk PraetNovember 18, 2015 5:59 PM

@ ianf

You can't be serious with this as a solution to defeat Da'esh in Syria.

You brought up the Abbott plan, I replied to it. Do I really see this as a feasible solution? No, I don't. It's called entertaining theoretical solutions that in practice are hard or impossible to implement. Let me give you another one we in some distant past had concocted for the Israeli-Palestinian conflict: importing a couple of million Chinese there at which point both Israelis and Palistinians would band together immediately to get rid of the newcomers.

these are the people that you'd expect to fight for native Syrians' freedom, when their own countries are just as unfree as today's war-torn ME?

Given their ineligibility for refugee status and the incentive of legal passage to Europe if they want to fight for it? Yes.

Well, tough luck. It's either fight for your country with our training and support, or you can take the 14:30 boat back to the mainland under armed escort.

For which you would either have to reject or change the Geneva Refugee Convention. Good luck with that.

They're enough of a thorn in Turkey's side to keep it in NATO, rather than ally itself with "their Arab brethren."

The latter is exactly the course Turkey has been on ever since Erdogan came to power. Short of a coup, his position, especially after the recent elections, is undisputed. I'm surprised there's still so many people that underestimate the man and his resolve not only to eradicate the secular heritage of Kemal Ataturk but also to ever prevent a Kurdish state from happening.

When push comes to shove, Turkey is going to be one of the hardest obstacles to defeat Da'esh on the ground, as quite well explained in this here Guardian article. And there's exactly zilch the US and the EU can do about it with them being a NATO member and the EU under threat of Erdogan flooding Europe with even more refugees, as I explained last time. It's just one of several reasons I welcome Russia's intervention on the stage, as Erdogan has far less leverage on Putin than he has on the West.

For several years now, the US and some allies have been engaging in air raids that have proven largely inefficient. Their attempts at creating a US-sponsored Syrian rebel army has been an abysmal failure. With the French and the Russians now teaming up against Da'esh and reports of Da'esh leadership abandonning Raqqa, Obama and Kerry are just looking plain stupid on the international stage. And deservedly so. If you can't lead the way, then at least get out of the way.

OutspelledNovember 18, 2015 6:57 PM

@ianf

Go ahead, play “Snowden in Moscow for a day,”

Sure, let's play a game. Maybe I'd say "I heard Obama tell Hillary that he had seen intercepts revealing that Oswald was a patsy".

I mean, I guess that might be my first move in the stupid game you suggested.

OutspelledNovember 18, 2015 7:26 PM

@ianf - OK, you really want to play that game? Here would be my more serious first move-

Snowden: "Go read the wikipedia page titled 'List of journalists killed in Russia'. The subject of journalists needing protection from superpower states in the form of unbreakable encryption and other security technology is crucially related to an intellectually honest assessment of the entirety of our human society. Including an in depth focus specifically on that list of journalists killed in Russia. To debate the subject while dancing around that reality, is intellectually dishonest"

Your move.

The dangers to journalists in Russia have been well known since the early 1990s but concern at the number of unsolved killings soared after Anna Politkovskaya's murder in Moscow on 7 October 2006. While international monitors spoke of several dozen deaths, some sources within Russia talked of over two hundred fatalities.[1] The evidence has since been examined and documented in two reports, published in Russian and English, by international organizations. These revealed a basic confusion in terminology that explained the seemingly enormous numerical discrepancy: statistics of premature death among journalists (from work accidents, crossfire incidents, and purely criminal or domestic cases of manslaughter) were repeatedly equated with the much smaller number of targeted (contract) killings or work-related murders.

https://en.wikipedia.org/wiki/List_of_journalists_killed_in_Russia

ArturNovember 19, 2015 4:28 AM

Thanks for sharing that idea.

From my point of view that is more important that we find at the first glance. All is about the two sides of the same coin:
"obverse" is about how we obtain information and who we trust when gather the information -we should be more careful when information is about terror act and early consequences -mostly they are simply uncovered ideas about, not facts
"reverse" is about how we will remember the story and what we will do with it, and more specific how we pass that story to others - this is our opinion and reflection that we are terrorized or refuse to it.

Obviously that is easy to say "refuse" and way of harder to do it, but if you start to questioning the "media truth" it's easier and easier with time.
One advice: stop trusting in all the sources, ask your peers, family and friends what they think about it, but not what they read -what they decide to do with that information.

dc0deNovember 19, 2015 11:58 AM

U2FkbHksIGluIHRoZSBzdGF0ZSBvZiBvdXIgY29tbW9uIGtub3dsZWRnZSBhYm91dCB0aGVzZSB0aGluZ3MsIGl0J3Mga2luZCBvZiBzdHJhbmdlIHRvIHRoaW5rIHRoYXQgbWFueSBwZW9wbGUsIGluY2x1ZGluZyBtb3N0IG9mIHlvdXIgcmVhZGVycywgd29uJ3QgYmUgYWJsZSB0byByZWFkIHRoaXMgc2ltcGxlIGVuY29kaW5nIG1ldGhvZCwgYW5kIHdpbGwgbm90IGV2ZW4gdHJ5IHRvIHJlYWQgaXQgYmVjYXVzZSBpdCBhcHBlYXJzIHRvIGJlIGdpYmJlcmlzaC4gIFRob3NlIHBlb3BsZSwgd2lsbCBmYWxzZWx5IGNhbGwgdGhpcyBlbmNyeXB0aW9uLg0KDQpUaGUgcHJvYmxlbSBpcyB0aGF0IHBlb3BsZSBhcmVuJ3QgZXhwb3NlZCBlbm91Z2ggdG8gdGhlIGRpZmZlcmVuY2VzIGluIGVuY29kaW5nIHYuIGVuY3J5cHRpb24sIGhvdyBtYWNoaW5lcyBwcm9jZXNzIGRhdGEsIGhvdyBkYXRhIGlzIHNoYXJlZCBhbmQgbWFuaXB1bGF0ZWQsIGFuZCBqdXN0IGJlY2F1c2Ugc29tZXRoaW5nICJhcHBlYXJzIiB0byBiZSBjb21wbGljYXRlZCwgdGhhdCBpdCBzb21laG93IGEgbWFnaWMgYm94LiAgDQoNCkFueXdheS4gIEhvcGUgeW91IGFsbCBoYWQgZnVuIHJlYWRpbmcsIGFuZCBpZiB5b3Ugd2lzaCwgcmVzcG9uZCBpbiBraW5kIQ==

D.B.November 19, 2015 2:08 PM

Snowden disclosures? Aren't they of such nature that one could hire a reasonably educated powerpoint-specialist in India to create in large quantities?

Then just say that "there are thousands more, I just have not desired to release the rest of them yet".

In fact how come we have not heard anything about any further Snowden documents?

Walks with Black EaglesNovember 19, 2015 5:46 PM

@D.B.

Snowden disclosures continue to come out. There is a site somewhere that keeps track of them. There was another one last week or two or so weeks ago.

Google News search: snowden document

Might be one search.


I do not think any of the systems exposed anyone outside their groups have said, "This is an effective system", however, if that is what you mean.

Not for stopping terrorism anyway.

They are very effective systems for blackmailing corporate, intel, leo, political leaders, etc.

CallMeLateForSupperNovember 20, 2015 11:13 AM

@D.B.
"In fact how come we have not heard anything about any further Snowden documents?"

Help us out here; since what date?

@Walks with Black Eagles
"There is a site somewhere that keeps track of them."

You might be thinking of https://cryptome.org/
From that site:
"NSA Snowden Releases Tally Update - *6,198 Pages November 20, 2015"

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.