Page 450

NSA Job Opening

The NSA is looking for a Civil Liberties & Privacy Officer. It appears to be an internal posting.

The NSA Civil Liberties & Privacy Officer (CLPO) is conceived as a completely new role, combining the separate responsibilities of NSA’s existing Civil Liberties and Privacy (CL/P) protection programs under a single official. The CLPO will serve as the primary advisor to the Director of NSA for ensuring that privacy is protected and civil liberties are maintained by all of NSA’s missions, programs, policies and technologies. This new position is focused on the future, designed to directly enhance decision making and to ensure that CL/P protections continue to be baked into NSA’s future operations, technologies, tradecraft, and policies. The NSA CLPO will consult regularly with the Office of the Director of National Intelligence CLPO, privacy and civil liberties officials from the Department of Defense and the Department of Justice, as well as other U.S. government, private sector, public advocacy groups and foreign partners.

EDITED TO ADD (9/23): Better link here that allows new registration for prospective applicants—it’s Job ID 1039797.

Tags: , , , , ,

Posted on September 23, 2013 at 1:14 PMView Comments

Metadata Equals Surveillance

Back in June, when the contents of Edward Snowden’s cache of NSA documents were just starting to be revealed and we learned about the NSA collecting phone metadata of every American, many people—including President Obama—discounted the seriousness of the NSA’s actions by saying that it’s just metadata.

Lots and lots of people effectively demolished that trivialization, but the arguments are generally subtle and hard to convey quickly and simply. I have a more compact argument: metadata equals surveillance.

Imagine you hired a detective to eavesdrop on someone. He might plant a bug in their office. He might tap their phone. He might open their mail. The result would be the details of that person’s communications. That’s the “data.”

Now imagine you hired that same detective to surveil that person. The result would be details of what he did: where he went, who he talked to, what he looked at, what he purchased—how he spent his day. That’s all metadata.

When the government collects metadata on people, the government puts them under surveillance. When the government collects metadata on the entire country, they put everyone under surveillance. When Google does it, they do the same thing. Metadata equals surveillance; it’s that simple.

EDITED TO ADD (10/12): According to Snowden, the administration is partially basing its bulk collection of metadata on an interpretation by the FISC of Section 215 of the Patriot Act.

EDITED TO ADD (10/28): this post has been translated into Portuguese.

Tags: , , , ,

Posted on September 23, 2013 at 6:21 AMView Comments

Friday Squid Blogging: How Bacteria Terraform a Squid

Fascinating:

The bacterium Vibrio fischeri is a squid terraformer. Although it can live independently in seawater, it also colonises the body of the adorable Hawaiian bobtail squid. The squid nourishes the bacteria with nutrients and the bacteria, in turn, act as an invisibility cloak. They produce a dim light that matches the moonlight shining down from above, masking the squid’s silhouette from predators watching from below. With its light-emitting microbes, the squid becomes less visible.

Margaret McFall-Ngai from the University of Wisconsin has been studying this partnership for almost 25 years and her team, led by postdoc Natacha Kremer, have now uncovered its very first moments. They’ve shown how the incoming bacteria activate the squid’s genes to create a world that’s more suitable for their kind. And remarkably, it takes just five of these microbial pioneers to start the terraforming (teuthoforming?) process.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Tags:

Posted on September 20, 2013 at 4:25 PMView Comments

Legally Justifying NSA Surveillance of Americans

Kit Walsh has an interesting blog post where he looks at how existing law can be used to justify the surveillance of Americans.

Just to challenge ourselves, we’ll ignore the several statutory provisions and other doctrines that allow for spying without court oversight, such as urgent collection, gathering information not considered protected by the Fourth Amendment, the wartime spying provision, or the president’s “inherent authority” for warrantless spying. Let’s also ignore the fact that we have general wiretaps ala the Verizon order on phone metadata and Internet traffic that we can fish through in secret. Let’s actually try to get this by the FISA Court under 50 U.S.C. §§ 1801-1805 for electronic surveillance or § 1861 for documents and records.

Tags: , , ,

Posted on September 20, 2013 at 12:01 PMView Comments

Google Knows Every Wi-Fi Password in the World

This article points out that as people are logging into Wi-Fi networks from their Android phones, and backing up those passwords along with everything else into Google’s cloud, that Google is amassing an enormous database of the world’s Wi-Fi passwords. And while it’s not every Wi-Fi password in the world, it’s almost certainly a large percentage of them.

Leaving aside Google’s intentions regarding this database, it is certainly something that the US government could force Google to turn over with a National Security Letter.

Something else to think about.

Tags: , , , , , , ,

Posted on September 20, 2013 at 7:05 AMView Comments

Yochai Benkler on the NSA

Excellent essay:

We have learned that in pursuit of its bureaucratic mission to obtain signals intelligence in a pervasively networked world, the NSA has mounted a systematic campaign against the foundations of American power: constitutional checks and balances, technological leadership, and market entrepreneurship. The NSA scandal is no longer about privacy, or a particular violation of constitutional or legislative obligations. The American body politic is suffering a severe case of auto-immune disease: our defense system is attacking other critical systems of our body.

Tags: , , ,

Posted on September 18, 2013 at 7:06 AMView Comments

The Limitations of Intelligence

We recently learned that US intelligence agencies had at least three days’ warning that Syrian President Bashar al-Assad was preparing to launch a chemical attack on his own people, but wasn’t able to stop it. At least that’s what an intelligence briefing from the White House reveals. With the combined abilities of our national intelligence apparatus—the CIA, NSA, National Reconnaissance Office and all the rest—it’s not surprising that we had advance notice. It’s not known whether the US shared what it knew.

More interestingly, the US government did not choose to act on that knowledge (for example, launch a preemptive strike), which left some wondering why.

There are several possible explanations, all of which point to a fundamental problem with intelligence information and our national intelligence apparatuses.

The first possibility is that we may have had the data, but didn’t fully understand what it meant. This is the proverbial connect-the-dots problem. As we’ve learned again and again, connecting the dots is hard. Our intelligence services collect billions of individual pieces of data every day. After the fact, it’s easy to walk backward through the data and notice all the individual pieces that point to what actually happened. Before the fact, though, it’s much more difficult. The overwhelming majority of those bits of data point in random directions, or nowhere at all. Almost all the dots don’t connect to anything.

Rather than thinking of intelligence as a connect-the-dots picture, think of it as a million unnumbered pictures superimposed on top of each other. Which picture is the relevant one? We have no idea. Turning that data into actual information is an extraordinarily difficult problem, and one that the vast scope of our data-gathering programs makes even more difficult.

The second possible explanation is that while we had some information about al-Assad’s plans, we didn’t have enough confirmation to act on that information. This is probably the most likely explanation. We can’t act on inklings, hunches, or possibilities. We probably can’t even act on probabilities; we have to be sure. But when it comes to intelligence, it’s hard to be sure. There could always be something else going on—something we’re not able to eavesdrop on, spy on, or see from our satellites. Again, our knowledge is most obvious after the fact.

The third is that while we were sure of our information, we couldn’t act because that would reveal “sources and methods.” This is probably the most frustrating explanation. Imagine we are able to eavesdrop on al-Assad’s most private conversations with his generals and aides, and are absolutely sure of his plans. If we act on them, we reveal that we are eavesdropping. As a result, he’s likely to change how he communicates, costing us our ability to eavesdrop. It might sound perverse, but often the fact that we are able to successfully spy on someone is a bigger secret than the information we learn from that spying.

This dynamic was vitally important during World War II. During the war, the British were able to break the German Enigma encryption machine and eavesdrop on German military communications. But while the Allies knew a lot, they would only act on information they learned when there was another plausible way they could have learned it. They even occasionally manufactured plausible explanations. It was just too risky to tip the Germans off that their encryption machines’ code had been broken.

The fourth possibility is that there was nothing useful we could have done. And it is hard to imagine how we could have prevented the use of chemical weapons in Syria. We couldn’t have launched a preemptive strike, and it’s probable that it wouldn’t have been effective. The only feasible action would be to alert the opposition—and that, too, might not have accomplished anything. Or perhaps there wasn’t sufficient agreement for any one course of action—so, by default, nothing was done.

All of these explanations point out the limitations of intelligence. The NSA serves as an example. The agency measures its success by amount of data collected, not by information synthesized or knowledge gained. But it’s knowledge that matters.

The NSA’s belief that more data is always good, and that it’s worth doing anything in order to collect it, is wrong. There are diminishing returns, and the NSA almost certainly passed that point long ago. But the idea of trade-offs does not seem to be part of its thinking.

The NSA missed the Boston Marathon bombers, even though the suspects left a really sloppy Internet trail and the older brother was on the terrorist watch list. With all the NSA is doing eavesdropping on the world, you would think the least it could manage would be keeping track of people on the terrorist watch list. Apparently not.

I don’t know how the CIA measures its success, but it failed to predict the end of the Cold War.

More data does not necessarily mean better information. It’s much easier to look backward than to predict. Information does not necessarily enable the government to act. Even when we know something, protecting the methods of collection can be more valuable than the possibility of taking action based on gathered information. But there’s not a lot of value to intelligence that can’t be used for action. These are the paradoxes of intelligence, and it’s time we started remembering them.

Of course, we need organizations like the CIA, the NSA, the NRO and all the rest. Intelligence is a vital component of national security, and can be invaluable in both wartime and peacetime. But it is just one security tool among many, and there are significant costs and limitations.

We’ve just learned from the recently leaked “black budget” that we’re spending $52 billion annually on national intelligence. We need to take a serious look at what kind of value we’re getting for our money, and whether it’s worth it.

This essay previously appeared on CNN.com.

Tags: , , , , , ,

Posted on September 17, 2013 at 6:15 AMView Comments

Surreptitiously Tampering with Computer Chips

This is really interesting research: “Stealthy Dopant-Level Hardware Trojans.” Basically, you can tamper with a logic gate to be either stuck-on or stuck-off by changing the doping of one transistor. This sort of sabotage is undetectable by functional testing or optical inspection. And it can be done at mask generation—very late in the design process—since it does not require adding circuits, changing the circuit layout, or anything else. All this makes it really hard to detect.

The paper talks about several uses for this type of sabotage, but the most interesting—and devastating—is to modify a chip’s random number generator. This technique could, for example, reduce the amount of entropy in Intel’s hardware random number generator from 128 bits to 32 bits. This could be done without triggering any of the built-in self-tests, without disabling any of the built-in self-tests, and without failing any randomness tests.

I have no idea if the NSA convinced Intel to do this with the hardware random number generator it embedded into its CPU chips, but I do know that it could. And I was always leery of Intel strongly pushing for applications to use the output of its hardware RNG directly and not putting it through some strong software PRNG like Fortuna. And now Theodore Ts’o writes this about Linux: “I am so glad I resisted pressure from Intel engineers to let /dev/random rely only on the RDRAND instruction.”

Yes, this is a conspiracy theory. But I’m not willing to discount such things anymore. That’s the worst thing about the NSA’s actions. We have no idea whom we can trust.

Tags: , , , , , ,

Posted on September 16, 2013 at 1:25 PMView Comments

Reforming the NSA

Leaks from the whistleblower Edward Snowden have catapulted the NSA into newspaper headlines and demonstrated that it has become one of the most powerful government agencies in the country. From the secret court rulings that allow it to collect data on all Americans to its systematic subversion of the entire Internet as a surveillance platform, the NSA has amassed an enormous amount of power.

There are two basic schools of thought about how this came to pass. The first focuses on the agency’s power. Like J. Edgar Hoover, NSA Director Keith Alexander has become so powerful as to be above the law. He is able to get away with what he does because neither political party—and nowhere near enough individual lawmakers—dare cross him. Longtime NSA watcher James Bamford recently quoted a CIA official: “We jokingly referred to him as Emperor Alexander—with good cause, because whatever Keith wants, Keith gets.”

Possibly the best evidence for this position is how well Alexander has weathered the Snowden leaks. The NSA’s most intimate secrets are front-page headlines, week after week. Morale at the agency is in shambles. Revelation after revelation has demonstrated that Alexander has exceeded his authority, deceived Congress, and possibly broken the law. Tens of thousands of additional top-secret documents are still waiting to come. Alexander has admitted that he still doesn’t know what Snowden took with him and wouldn’t have known about the leak at all had Snowden not gone public. He has no idea who else might have stolen secrets before Snowden, or who such insiders might have provided them to. Alexander had no contingency plans in place to deal with this sort of security breach, and even now—four months after Snowden fled the country—still has no coherent response to all this.

For an organization that prides itself on secrecy and security, this is what failure looks like. It is a testament to Alexander’s power that he still has a job.

The second school of thought is that it’s the administration’s fault—not just the present one, but the most recent several. According to this theory, the NSA is simply doing its job. If there’s a problem with the NSA’s actions, it’s because the rules it’s operating under are bad. Like the military, the NSA is merely an instrument of national policy. Blaming the NSA for creating a surveillance state is comparable to blaming the US military for the conduct of the Iraq war. Alexander is performing the mission given to him as best he can, under the rules he has been given, with the sort of zeal you’d expect from someone promoted into that position. And the NSA’s power predated his directorship.

Former NSA Director Michael Hayden exemplifies this in a quote from late July: “Give me the box you will allow me to operate in. I’m going to play to the very edges of that box.”

This doesn’t necessarily mean the administration is deliberately giving the NSA too big a box. More likely, it’s simply that the laws aren’t keeping pace with technology. Every year, technology gives us possibilities that our laws simply don’t cover clearly. And whenever there’s a gray area, the NSA interprets whatever law there is to give them the most expansive authority. They simply run rings around the secret court that rules on these things. My guess is that while they have clearly broken the spirit of the law, it’ll be harder to demonstrate that they broke the letter of the law.

In football terms, the first school of thought says the NSA is out of bounds. The second says the field is too big. I believe that both perspectives have some truth to them, and that the real problem comes from their combination.

Regardless of how we got here, the NSA can’t reform itself. Change cannot come from within; it has to come from above. It’s the job of government: of Congress, of the courts, and of the president. These are the people who have the ability to investigate how things became so bad, rein in the rogue agency, and establish new systems of transparency, oversight, and accountability.

Any solution we devise will make the NSA less efficient at its eavesdropping job. That’s a trade-off we should be willing to make, just as we accept reduced police efficiency caused by requiring warrants for searches and warning suspects that they have the right to an attorney before answering police questions. We do this because we realize that a too-powerful police force is itself a danger, and we need to balance our need for public safety with our aversion of a police state.

The same reasoning needs to apply to the NSA. We want it to eavesdrop on our enemies, but it needs to do so in a way that doesn’t trample on the constitutional rights of Americans, or fundamentally jeopardize their privacy or security. This means that sometimes the NSA won’t get to eavesdrop, just as the protections we put in place to restrain police sometimes result in a criminal getting away. This is a trade-off we need to make willingly and openly, because overall we are safer that way.

Once we do this, there needs to be a cultural change within the NSA. Like at the FBI and CIA after past abuses, the NSA needs new leadership committed to changing its culture. And giving up power.

Our society can handle the occasional terrorist act; we’re resilient, and—if we decided to act that way—indomitable. But a government agency that is above the law… it’s hard to see how America and its freedoms can survive that.

This essay previously appeared on TheAtlantic.com, with the unfortunate title of “Zero Sum: Americans Must Sacrifice Some Security to Reform the NSA.” After I complained, they changed the title to “The NSA-Reform Paradox: Stop Domestic Spying, Get More Security.”

Tags: , , , , , , , , , , ,

Posted on September 16, 2013 at 6:55 AMView Comments

← Earlier EntriesLater Entries →

Sidebar photo of Bruce Schneier by Joe MacInnis.