Better Than a Telescreen

The Guardian, as part of its ongoing program of weakening the West by revealing bit by bit the Snowden documents, released a new one a few weeks ago about a GCHQ program called Optic Nerve. GCHQ, Government Communications Headquarters, is the British equivalent of the NSA and because of the close relationship between the American and British Intelligence communities got caught in the Snowden web of stolen documents.  Optic Nerve was (or is?  Who knows?) a program for capturing video images from Yahoo video chats.

As The Guardian reports:

A model of the GCHQ headquarters in Cheltenham

A model of the GCHQ headquarters in Cheltenham (Photo credit: Wikipedia)

GCHQ files dating between 2008 and 2010 explicitly state that a surveillance program codenamed Optic Nerve collected still images of Yahoo webcam chats in bulk and saved them to agency databases, regardless of whether individual users were an intelligence target or not.

In one six-month period in 2008 alone, the agency collected webcam imagery – including substantial quantities of sexually explicit communications – from more than 1.8 million Yahoo user accounts globally.

The comparison that the paper immediately and obviously uses is the telescreen from Orwell’s 1984. Orwell’s telescreens were basically TV’s that worked both ways; while you’re watching a show calling for all praise to the State (think Hardball), the TV is watching you back, checking to see if you’re rolling your eyes when Chris Matthews praises Obama or if you are in a rapturous state at the mention of his name.  The totalitarian implications of both the technology and the program are obvious.

So when I saw the story, why did I think, “Man that’s freakin’ cool?”

Well the technology is pretty neat.  And I can hardly blame an intelligence agency for wanting to know everything.  It’s only what any intelligence agency has every wanted, to be able to know absolutely everything.  The thing is, our technology is rapidly reaching the point where it’s possible to know, if not everything, than almost every communication that you make that has some sort of electronic component.

I can even see why GCHQ would be interested in screen capturing people’s video chats.  Imagine a situation in which a terrorist event in the UK has a shot of a suspect on closed circuit cameras.  Facial recognition software on the usual government databases turn up nothing.  Wouldn’t it be nice to have another source of pictures to scan through?  More than that, if you get a hit on a Yahoo image, that brings along quite a bit of other metadata associated with the Yahoo account being used.  That, my friends, is neat!

Low probability of success you say?  I would agree.  The odds are not great that you could check all legitimate government databases but then get a hit on a Yahoo video chat database, but who knows?  If it helps you solve a terrorist event, it would be worth it and all would be forgiven.

Low probability searching is becoming more and more worthwhile as the capacity for computer processing and data storage increases.  You only need a human to take a look at something if you actually get a hit on your searches. So that makes it more worthwhile to expand intelligence gathering into every nook and cranny on the off chance that you can prevent, or help solve, a terrorist event.

But that brings us back to telescreens and Orwell in general.  Do we really want to be observed to that extent that you literally are on someone’s video, phone, or internet presence at all times?  The Western nations are having that conversation right now, but the problem isn’t the intelligence programs, it’s the technology itself.  You may not like the NSA or GCHQ having this technology, but eventually, the technology will spread out so that everyone can have it.  Would having Putin’s Russia or the Red Chinese looking in everyone’s video chat be any better?  How about Cuba, Iran, Venezuela, or North Korea?  There are real totalitarian regimes right now that would love to have this technology for nothing but nefarious purposes and eventually, they will be able to buy it or build it themselves.

In the Western countries we think we can reign in our intelligence services by passing a law or something, and we can.  I can see us returning to a pre-World War II political climate in which, “Gentlemen do not read each other’s mail.” But we can’t pass a law stopping the Russians or Iranians from doing the same thing.  Even if we legally denude the ability of agencies like NSA, CSE, or GCHQ to achieve some sort of total information dominance, we can’t stop the rest of the world that could care less about our concerns for privacy.  I think you can imagine the possibilities of foreign dictatorships using these technologies to blackmail and manipulate westerners.

Maybe I’m naive, but if these technologies have to exist, I would rather the NSA or GCHQ have them than the Russian FAPSI or China’s Technical Department of the Central Military Commission.  But we are not going to get a choice on that since the technologies exist now and will eventually be acquired and used by the baddest of the bad.  Even Edward Snowden may look back in nostalgia when only the Western intelligence agencies had these capabilities.

Enhanced by Zemanta

Arrogance of Trust

The news that Edward Snowden had somehow managed to persuade 20 to 25 of his fellow colleagues at the NSA to give up their passwords and login information has probably shocked IT professionals and corporate security types.  “What kind of slipshod IT security is the NSA running?”  Could the smartest guys in the room really be so dumb and trusting?  As Reuters reports:

Snowden may have persuaded between 20 and 25 fellow workers at the NSA regional operations center in Hawaii to give him their logins and passwords by telling them they were needed for him to do his job as a computer systems administrator, a second source said.

This may seem incredible to those involved in information assurance that a system administrator, who had only been at the job a few months, could talk that many people out of their passwords.  Don’t these people have any information security training?  Every company IT department  teaches its employees to never share their password information.  Didn’t these guys have any training?

Headquarters of the NSA at Fort Meade, Marylan...

Headquarters of the NSA at Fort Meade, Maryland. Español: Instalaciones generales de la NSA en Fort Meade, Maryland. Русский: Штаб-квартира АНБ, Форт-Мид, Мэриленд, США (Photo credit: Wikipedia)

It turns out they do.  The Department of Defense, which the National Security Agency falls under, has extensive computer security training.  But that only begs the question further.  Snowden was so new at his base in Hawaii that he probably didn’t have any long term personal relationships to play on in order to trick people out of their passwords.  But I don’t think he needed to trick anyone.  And I think I know why.

I should preface this by saying this is just my personal opinion, but I think the popular idea of intelligence agencies and organizations, at least American ones, as a font of constant paranoia, looking over your shoulder at all times, and a lack of trust between co-workers, as depicted in movies and popular culture (think the Bourne movies) is totally opposite of the real situation.  I think the security problem in US intelligence organizations, which Snowden exploited, is that everyone trusts each other too much.

Security Clearances for Top Secret and above levels cost thousands of dollars and can take months to complete.  Once you have a security clearance, it’s not only a marketable item, but it’s sort of a short hand as to what kind of character you have.  Although it actually means you’ve mostly stayed out of trouble and have not screwed up too much, it’s taken as a certificate of approval that this person is trustworthy and of good character.  So if you work in a classified facility, surrounded by cleared people, some of them may strike you as crazy, or unpleasant, but not thieves, not crooks, and not traitors.  Why?  It’s nothing they did, it’s simply from the fact that they are working there; they’ve been vetted.

Once you are on the inside, you are part of special limited clique, in which everyone on the inside of the vault door holds secret knowledge that those on the other side of the vault door don’t know, and can’t know.  It’s like being part of Skull and Bones, only instead of knowing secret arcane nonsense; you know real things about the world that matter.  That dividing line between those on the inside of the door and those on the outside is huge.

One of the first things they teach you in Basic Training and Boot Camp is to keep you locker and money locked up and secure at all times. Even the camaraderie of military service isn’t enough to be sure your buddy won’t grab your wallet in an act of desperation. But like Singapore, if you decide to leave your wallet on your desk at work in your secured facility, you can mostly be assured that it will still be there, undisturbed, when you come back from break.  Having many roommates in the past with security clearances, I never worried for a second about leaving money or valuables around out in the open. I may have worried if they would clean up the kitchen after fixing dinner, or vanishing for days on end, but I never worried that they would steal from me.  I granted them an automatic level of trust that most keep within close family members.

And maybe that’s the problem.  In spite of all the security, and in spite of all the rules and security procedures, it doesn’t mean a thing unless people can operate with even a normal level of caution.  In my corporate environment I would never turn over my password to anyone, system administrator or otherwise.  But if I was back in the classified world, inside that insular level of trust, I can’t be sure how I would react.  And the fact that I would even question that is the problem.

Enhanced by Zemanta

Snowden’s Snow Job and Left-Right Inconsistency

Well it looks like the government finally went ahead and filed charges against Edward Snowden under the Espionage Act.  To me, that’s good news, although I think the odds of the US ever getting its hands on Snowden again are vanishingly small.  I’m pretty sure that Snowden will get to stay somewhere, whether it’s in China,  Iceland, or  Russia, where he is now.  Putin made a sanctuary offer to Snowden.  I’m pretty sure there are plenty of folks in Russia’s intelligence services that would love to sit down with Snowden and have a chat.

When I wrote about Snowden’s release of classified information a few weeks ago, I was reveling in the liberal hypocrisy that saw nothing wrong about these NSA programs, even though similar disclosures during the Bush era sent the left into a state of rage overload.  But I shouldn’t have laughed so quickly. As more information about Snowden came out, the right began to anoint him a hero.  How could the same people who (rightly) called Bradley Manning a criminal now call Snowden a hero and patriot?

Snowden violated his nondisclosure agreement, released classified documents to a foreign newspaper, and then promptly fled to Red China, where he revealed the extent of US spying on China, and then off to Russia.  That sort of description usually describes a hero to the left, not the right.  But I was pilloried on political forums for simply pointing out that Snowden betrayed his country…by the right.

That could have just been my own anecdotes that have no bearing on the national conversation, except the switcheroo is made clear in polling.  More Democrats support the phone metadata program than Republicans.

That tracks pretty closely to whether Americans think Snowden was right or wrong to release information on the NSA programs.  Democrats think Snowden was wrong by 49% to 39%.  Republicans?  They think Snowden was right 49% to 38%. Besides the embarrassment I have that most of the right now supports a traitor, it makes clear that for most people, they are supporting their team, not necessarily their principles.  I’ve always prided myself on my consistency, but I didn’t really think I was that unique in being supportive of principals rather than whether the other guy was wearing a red shirt or a blue one.

I will have to reconsider that.

Enhanced by Zemanta