Shadow Brokers Revisited

Almost three years ago a contractor for the NSA, Harold Martin was arrested for stealing classified information and possibly selling it.  As The New York Times wrote at the time:

“Investigators pursuing what they believe to be the largest case of mishandling classified documents in United States history have found that the huge trove of stolen documents in the possession of a National Security Agency contractor included top-secret N.S.A. hacking tools that two months ago were offered for sale on the internet.

They have been hunting for electronic clues that could link those cybertools — computer code posted online for auction by an anonymous group calling itself the Shadow Brokers — to the home computers of the contractor, Harold T. Martin III, who was arrested in late August on charges of theft of government property and mishandling of classified information.”

I wrote about the case at the time in this post, and noted some of the oddities involved in this case:

The hacking tools were reported to have “lost” several years earlier by being inadvertently left behind on a compromised computer.

The Intercept reported that a previously unpublished draft document from the NSA (probably from the Snowden leaks) describes the tools.

In 2016, 3 years after the hacking tools are supposed to have been ‘lost,’ Harold Martin is charged with stealing and selling them.

All of that made it odd that they were looking at Martin (publicly at least) as the thief who stole and sold the hacking tools.  Yet with all of the NSA’s capabilities, they couldn’t seem to find any evidence Martin had actually done that, which brings us to this week:

“…Yet none of that is likely to be mentioned at Martin’s July 17 sentencing. The hearing instead will turn on dramatically different depictions of the enigmatic Martin, a Navy veteran, longtime government contractor — most recently at Booz Allen Hamilton — and doctoral candidate at the time of his arrest.

… Martin was never charged with disclosing information and was accused only of unlawfully retaining defense information. The Shadow Brokers, which two weeks before Martin’s arrest surfaced on Twitter with the warning that it would auction off NSA hacking tools online, continued trickling out disclosures after Martin was in custody, a seeming indication that someone else may have been responsible.”

So either the government couldn’t come up with enough evidence to charge Martin with stealing and selling the hacking tools (the tools that had been lost years earlier), or it was a red herring and there was never real evidence that he was involved in the hacking tools theft in the first place.

When I wrote about this case two and a half years ago, I surmised both that Martin was innocent of selling hacking tools (but not of hoarding classified material at home-he seems guilty as hell of that) and that the Shadow Brokers were a front group possibly of the NSA itself.  My theory, as I stated at the time, goes like this:

“So the information on the hacking tools is out there, even if the tools themselves are not.  But there is no doubt enough technical data that would make it possible for a sophisticated intelligence service to perhaps identify and defend from those particular tools. So maybe, just maybe, the NSA wants to muddy the waters a bit by “losing” their tools, only to be found by a hacking group which then brags about having them and uses them to intrude into systems worldwide.

So…what if the tools were never lost, or stolen by Martin?  What if it’s an elaborate setup to create a black hat hacking group, that can be the fall guy for failed or identified computer systems intrusions?  Since the technical manual stolen by Snowden is out there, that means the useful shelf life of these hacking tools are limited, so an entirely new set of software has to be created, but that takes time.  In the meantime, there is a fall guy for failed or identified computer intrusion operations, the Shadow Brokers. “

So it looks like I was right that Martin wasn’t the source of the release of the hacking tools, but to my second point, are the Shadow Brokers actually a puppet group operated by the NSA?  In a world of perfect security, we would never know the answer to that.  However given the absolute security bungling that the government has been guilty of, it’s possible that The Intercept may one day have a scoop on that very issue.  Hopefully that won’t be for a very long time.

 

Who Watches the Intelligence “Experts?”

The other day my wife had me check out an interview she was watching on Hannity since she wanted my feedback.  The interview was with William Binney, a former NSA official who worked for the agency over 30 years.  You figure, a guy like that, with that kind of background, should have some sort of credibility right?

Maybe not.

Just a few observations, other than the obvious one that Hannity really should shut up for a second and let his guests speak.  At 6:20 Binney, in response to a question by Hannity, “so every phone conversation I’ve had in my life you believe has been taped?” Binney responds, “Without warrants, yes that’s right.”

Color me skeptical, but I find it hard to believe that a lifetime of Sean Hannity phone calls has been recorded and are sitting in storage out in Utah, or anywhere.  Maybe I’m naive, but that seems implausible to me.  I just can’t imagine that the technology and storage capacity was there, starting in the 1970’s to record and store every single phone call of a teenage Sean Hannity.  Now? Possibly, but going back decades?  Or maybe Binney didn’t really mean Hannity’s entire life and misunderstood the question.  Or maybe, since he has 30 plus years with the NSA I should shut up since he should know what he’s talking about.

But then at 6:28 he blows any credibility I might have given him when he references the story of former military linguists Adrienne Kinne and David Faulk, “whistleblowers” who made the claim that the US Intelligence Community was deliberately targeting US military and civilians working in Iraq.  This blew up into a big national story for a few days in 2008. And although it’s mostly forgotten now, every so often it’s trotted out in the media as an example of the US Intelligence Community spying on innocent civilians as a routine fact of life and this incident just happened to have been outed by brave whistleblowers speaking truth to power.

I happen to have some peripheral knowledge of that incident and know that the media narrative of it is false.  So why should I trust Binney if he’s bringing that issue up?  More to the point, Binney was out of government by then, so what particular insider knowledge would he have of that incident?

This of course, is just one example of a problem I’m seeing with National Security and Intelligence experts, who go on cable news and, depending on the network, take totally opposite positions on an issue from other National Security and Intelligence experts. It’s by no means unusual for commentators to disagree on cable TV.  I mean, that’s the business model right?  But unlike other commentators and so called experts, commentators on Intelligence issues are trading on their exclusive access to the Intelligence Community and their access to classified information.  But rather than being honest brokers of that kind of access and expertise, they seem to be doing the same thing other cable news talking heads do: exploit their credibility to please the host of whatever show they’re on, in order to get more bookings.

Another “National Security Expert” guest of Hannity’s is LTC Tony Shaffer. Shaffer seems to be more of a wild card than Binney.  He’s claimed that President Obama watched the attack on the consulate at Benghazi from the situation room.  Explosive news if true, but how would Shaffer had known?  It sounds like something he just blurted out.  But Shaffer’s most recent wild eyed claim was that retired NSA and other IC types did the actual hacking of the DNC and gave the information to Wikileaks. Another earth shaking claim if true, but where’s the evidence?  What’s even the basis of the claim?

Another one who plays that game is Malcom Nance, a former Naval Cryptologic Technician and Arabic linguist.  He is also billed as an all-around National Security expert.  He actually has an impressive resume, but when you want to be called to be on panels on MSNBC or the BBC, you have to pick a side, which lead to this tweet a few months ago after the Wikileaks release of John Podesta’s emails:

Official Warning: #PodestaEmails are already proving to be riddled with obvious forgeries & #blackpropaganda not even professionally done. https://t.co/UuJZrurHAA

— Malcolm Nance (@MalcolmNance) October 7, 2016

Now there were no “obvious forgeries” in the Podesta emails.  Even months later, all the information we have on them is that they are authentic. But if a “National Security Expert” tells you they’re “obvious forgeries,” why wouldn’t the average person just accept that? But calling them forgeries, backed up by Nance’s resume, makes good copy; particularly on MSNBC.  That was the kind of national security expertise they want on that network.

Like Nance, John Schindler got his start in the Navy as a Cryptologic Warfare Officer and was a professor of National Security Affairs at the Naval War College until yada yada yada, and now he runs a National Security blog The XX Committee. Schindler isn’t a cable news whore, but he uses social media in much the same way.

Now we go nuclear. IC war going to new levels. Just got an EM fm senior IC friend, it began: "He will die in jail."https://t.co/e6FxCclVqT

— John Schindler (@20committee) February 15, 2017

Now…is this just an old friend who is a crusty old liberal and hates Trump, or is this an indication of some cabal in the Intelligence Community that has the goods on Trump and is just waiting for their moment to strike?  Clearly Schindler wants us to think the latter, but who knows?

My point is, I’m not sure that we can take these Intelligence and Security experts at face value.  They all seem to have agendas, whether commercial or personal, and because of the nature of their expertise, they are more or less unchallenged.  They are usually the only ones on a cable news panel that have held a security clearance so it makes them hard to challenge.  And frankly, that even goes for me too.  I dismissed Binney because of his take on the Kinne and Faulk story but I’m not willing to share anything about my issues with it.  So why trust me?

Don’t trust me, but you’re better off not trusting any of these “experts” until you can discern their real motives and agendas. And even then…

Shadow Brokers

 

ABC News had an interesting story yesterday about a hacker group called “Shadow Brokers” releasing information related to the National Security Agency loss of some of it’s most closely guarded hacker tools.

OK maybe not that closely guarded. Per the article:

“A group calling itself “Shadow Brokers” says it has released another gem from its trove of high-level hacking tools stolen from the U.S.’s National Security Agency, potentially offering added insight into how America’s spies operate online.

The leak discloses NSA-style codenames — including “Jackladder” and “Dewdrop”— and carries internet protocol information about scores of organizations, many based in Japan, China and South Korea, according to several experts who have examined the data.”

It looks like yet another embarrassment for the NSA, which seems to have generated plenty over the past few years.  When hacker groups get to troll the NSA with their own hacking tools, it’s like getting a wedgie and being stuffed in a locker for that most secret of American spy agencies.  This caught my eye:

“The Intercept, an investigative publication with access to NSA material leaked by former intelligence contractor Edward Snowden, later confirmed Shadow Brokers’ tools were really from the NSA by cross-referencing the leaked data with information held in a previously unpublished top secret manual.”

That seems to tell me that intimate knowledge of these hacker tools have been out there since Snowden defected.  Glenn Greenwald may not have published the details in The Guardian, but I’m sure whatever laptop he kept Snowden’s data on was a target of every intelligence agency in the world, so the entire worldwide intelligence community must have been aware of some of the specifics of these hacker tools for years.

And then, somehow, these tools got released.

At some point.

That gets kind of cloudy.  It was revealed publicly a few months ago that not only had the hacking tools been leaked, but that it may have been due to carelessness.

“Embarrassingly, an investigation into the matter has revealed that a NSA operative may have inadvertently left the hacking tools in question on a remote computer, effectively leaving it behind as a gift to whomever discovered it.”

At this point, maybe it’s time for the NSA to wear a dunce cap and sit in the corner?

But wait, there’s more:

“Interestingly enough, a U.S. operative is said to have left the hacking tools behind about three years ago.”

Now I wonder what else happened in the intelligence community three years ago?  That’s right, that’s when Snowden defected.  Now at seems a bit of a coincidence to me that at about the same time Edward Snowden began his ‘round the world defection tour that in a totally unrelated incident, some random NSA employee loses a laptop containing some of the most valuable hacking software in the world.

Now here is where I get confused.  Harold Martin III, an NSA contractor employed by Booz Allen Hamilton was arrested in August for pilfering an unbelievable amount of classified material that he had stolen from work and was keeping at home.  Per The New York Times:

 “Investigators pursuing what they believe to be the largest case of mishandling classified documents in United States history have found that the huge trove of stolen documents in the possession of a National Security Agency contractor included top-secret N.S.A. hacking tools that two months ago were offered for sale on the internet.

They have been hunting for electronic clues that could link those cybertools — computer code posted online for auction by an anonymous group calling itself the Shadow Brokers — to the home computers of the contractor, Harold T. Martin III, who was arrested in late August on charges of theft of government property and mishandling of classified information.”

So this is why I’m confused.  The FBI is trying to make a case that Martin sold or tried to sell NSA hacking tools to the Shadow Brokers hacking group; the same hacking tools that were inadvertently lost three years ago?

“But so far, the investigators have been frustrated in their attempt to prove that Mr. Martin deliberately leaked or sold the hacking tools to the Shadow Brokers or, alternatively, that someone hacked into his computer or otherwise took them without his knowledge.”

The tools were lost three years ago.  The FBI thinks that Martin sold them to the hacker group, and per the ABC article, everyone agrees that the hacker group Shadow Brokers does have the hacking tools right?

Somebody can’t keep their story straight.  Did the Shadow Brokers get the tools from the loss from three years ago or from Martin more recently?  And is Martin that good that if he did sell the tools, he left no tracks, including payment?  Since he’s sitting in jail, facing a lifetime of more of the same, it would seem that he would have an incentive to cut a deal.

Let me posit an alternative explanation.  I won’t even call it a theory since I have no evidence or no knowledge one way or the other.  But try this on for size:

When the after action on Snowden’s stolen material was reviewed, it becomes clear that a technical manual that has specific information about the NSA hacking tools was part of Snowden’s stolen intelligence material.  Greenwald never published it, no doubt because it was technical and he had no idea what it was, but just having it in his possession made the material vulnerable since Greenwald became a target for every intelligence agency in the world once it went public that Snowden gave him all of his ill gotten gains.

So the information on the hacking tools is out there, even if the tools themselves are not.  But there is no doubt enough technical data that would make it possible for a sophisticated intelligence service to perhaps identify and defend from those particular tools. So maybe, just maybe, the NSA wants to muddy the waters a bit by “losing” their tools, only to be found by a hacking group which then brags about having them and uses them to intrude into systems worldwide.

So…what if the tools were never lost, or stolen by Martin?  What if it’s an elaborate setup to create a black hat hacking group, that can be the fall guy for failed or identified computer systems intrusions?  Since the technical manual stolen by Snowden is out there, that means the useful shelf life of these hacking tools are limited, so an entirely new set of software has to be created, but that takes time.  In the meantime, there is a fall guy for failed or identified computer intrusion operations, the Shadow Brokers.  Wouldn’t it be ironic if the Shadow Brokers are nothing but a creation of the Shadow Factory?

Do I think this is likely?  Sadly no.  It’s more hope than anything else. Or it’s a good episode of The Blacklist or Scorpion.  But I would rather believe that as opposed to the alternative public explanation that not only did the NSA lose information on almost every major intelligence program to Snowden, but that it lost the US technical edge in cyber warfare to an accident.

 

Administration Spies on Congress: No one cares

When it comes to writing headlines, well talk about burying the lead!

U.S. Spy Net on Israel Snares Congress

It seems to me the proper headline should be, “U.S. Spies on Congress!”

From the article:

“President Barack Obama announced two years ago he would curtail eavesdropping on friendly heads of state after the world learned the reach of long-secret U.S. surveillance programs.

But behind the scenes, the White House decided to keep certain allies under close watch, current and former U.S. officials said. Topping the list was Israeli Prime Minister Benjamin Netanyahu”

Not really much of a surprise.  President Obama breaks another promise?  That barely qualifies as news these days.  Particularly from an administration that regards Israel a bigger threat than Iran.

“The National Security Agency’s targeting of Israeli leaders and officials also swept up the contents of some of their private conversations with U.S. lawmakers and American-Jewish groups. That raised fears—an “Oh-s— moment,” one senior U.S. official said—that the executive branch would be accused of spying on Congress.”

Now I have no problem with the US spying on allies.  Unless we have some sort of non spying pact, I would say that’s fair game.  But what isn’t fair game is “US Persons” particularly when they are US Congressmen.  One would expect that the Obama administration would be a bit more circumspect when it comes to spying on Americans.

“White House officials believed the intercepted information could be valuable to counter Mr. Netanyahu’s campaign. They also recognized that asking for it was politically risky. So, wary of a paper trail stemming from a request, the White House let the NSA decide what to share and what to withhold, officials said. “We didn’t say, ‘Do it,’ ” a senior U.S. official said. “We didn’t say, ‘Don’t do it.’ ””

So the intention of the spying wasn’t some rubric of US national security, it was blatantly political. And the White House wouldn’t even draw the line on spying on Americans.

In an objective sense, this scandal is bigger than Watergate. But in a 21^st Century news media sense, it’s a yawner.  After all, what legitimate news source wants to run a story critical of Obama?

Not many apparently.  I was particularly disappointed in Meet The Press, which I watched yesterday hoping for some tidbit on what should be one of the biggest scandals of the Obama administration…

Not a single mention.

Someone remind me again why we were supposed to be all freaked out about the NSA having a database of phone metadata information…basically a phone bill?

Honestly, someone remind me.

 

Zombie TV

Like any other fan of the Walking Dead, I’m looking forward to the Season 5 premiere tonight.

I’m expecting excitement, danger, fear, death, pathos, blood, gore, and lots and lots of zombies.  I’m also expecting big ratings.  Walking Dead has been somewhat of a phenomenon in that regard, as a cable show that is regularly beating network television.

So why has it taken so long for TV to come up with a knock off?  I don’t know but the Syfy Channel finally came up with its own zombie show, Z Nation.  The show premiered last month, and based on the first five episodes, I think I can place the show firmly in the middle of the Zombie-verse.  With Walking Dead at the top, and multiple horrible zombie movies at the bottom, Z Nation is probably a cut above your typical zombie movie; particularly if it’s produced by Syfy or if you find it on Netflix and it’s never had a US theatrical release.

Walking Dead appeals to a fairly large audience, based on its ratings, and there are plenty of fans of that show who have no interest in horror movies in general and zombie movies in particular.  But Walking Dead has managed to capture the current appeal of dystopian fiction, and adult drama where damaged people deal with loss and hopelessness.  A Walking Dead episode doesn’t end with the whole gang laughing, then freeze frame and credits.  It’s relentlessly hopeless, which for some reason people are attracted to.

Z Nation, in contrast, is fun.  Sure, the apocalypse has hit, civilization is destroyed, and things look bad, but this show has hope.  The premise of the show is that due to an experimental vaccine, there is a cure for the zombie plague in the bloodstream of one ex convict that a group of survivors are trying to get across the country to a government lab.  This is a post zombie America in which there are plenty of survivors and not every human survivor is out to get you.  Some are just trying to get along.  That’s unlike the America that Rick Grimes woke up to from his coma.  That was an almost empty world, where human survivors were often more dangerous than the walkers.

The Z Nation group is under the direction of “Citizen Z,” played by the fantastic genre actor DJ Qualls.  Any show that Qualls is in is worth taking a look (Legit exempted).  Qualls plays the last survivor of an NSA outpost in some unidentified Arctic location. From his base he can control satellites, radio and television, computers, and remote cameras; with or without electricity.  Clearly the post Snowden era has left the public with some unrealistic expectations of the NSA’s capabilities.  The lesson should have been the opposite. But it’s an overall fun show that will appeal to fans of the genre, if not to the larger Walking Dead audience.  It even gave a wink to the Syfy audience with last Friday’s episode, “Home Sweet Zombie,” which included a zombie spewing tornado and a character saying, “well at least it ain’t sharks.”

But AMC is giving another try at the Walking Dead audience with a Walking Dead companion series.  Again, why so late?  They could have started the ball rolling on this show years earlier to capitalize on the Walking Dead popularity.  But work is ongoing and a list of characters has already been released.  Not much is known about the new series other than rumors that it’s to be set at an earlier point than the current Walking Dead show is at and it’s going to be somewhere else other than Georgia.  I for one, welcome a new series set in the Walking Dead universe.  Like any fan, I have my own wish list of what I would like to see.  The character list released seems rather lackluster.  I would have preferred at least one Prepper.  Then he could die early to show the futility of preparations.  I would also like to see an emergency room doctor, since if they start on day one of the Zombie Apocalypse (which I would prefer), they can show the utter confusion and disbelief of not believing what they are seeing, the dead coming back, with an appetite.

So I would love to see a companion series timeline that in the first season runs from day one to a few weeks later when it’s effectively over, about the time Rick wakes up in his hospital bed.  What happens to the world while Rick is in his coma?  I’d like to know. But in the meantime, I do have the original Walking Dead to welcome back and fairly decent copy cat.  That’s more zombies on TV than I’m used to.

Snowden the Liar

I really wanted to ignore NBC’s Edward Snowden interview last week.  I didn’t think I would learn anything new except self serving excuses for his criminal behavior, and that was basically what NBC provided.  In fact, I was so confident in NBC’s inability to ask a tough interview question that I didn’t even plan to watch it.  But I was also confident any high points would hit the news and sure enough, they did.  In my opinion, Snowden damaged his credibility even further by this interview, but it doesn’t seem it was reported that way.

Edward Snowden – Booz, Allen, Hamilton Name Tag (Photo credit: DonkeyHotey)

1.  “I was trained as a spy in sort of the traditional sense of the word –” I don’t doubt that Snowden was “undercover” when he worked for the CIA in Switzerland, but that’s a far cry from being a spy.  Unless we are redefining spy from Sidney Riley and James Bond to overweight middle aged analysts and Magic: The Gathering playing IT guys.  That is not, as Snowden would say, “in the traditional sense of the word,” being a spy. Show me that Snowden trained on Camp Peary at The Farm and I might change my mind.

 

2. “I have raised the complaints not just officially in writing through email to these offices and these individuals but to my supervisors, to my colleagues, in more than one office…”  Did he?  The NSA has released one email that Snowden sent to the General Counsel Office, asking if Executive Orders take precedence over Federal law. Snowden received a reply 3 days later stating that no, they do not override federal law.  So that’s it?  That doesn’t even address the legality of the programs Snowden released.  Now, a Snowden apologist may argue that of course the NSA wouldn’t release all of the emails, they’re all in on it man!  OK, let’s say there is doubt if the NSA released all the emails.  Maybe they didn’t.  But if that’s the case, why didn’t Snowden release his emails?  I mean, the guy was bright enough to download information of hundreds of classified programs from secure servers but somehow neglected to download from his own email account emails that could have backed up his side of the story?

 

Of course the wild claim about raising his concerns is a red herring anyway.  Snowden took the Booz Allen Hamilton contractor job with the NSA with the express purpose gathering “evidence” of the NSA surveillance programs as he told a Hong Kong newspaper.  So that contradicts his story going through the channels and stealing secrets as a last resort.

Snowden intended espionage and to damage the United States from the very beginning.  How does running to the Chinese and telling them that the US hacks Chinese computer networks square with a patriot trying to reveal NSA spying of Americans?  Or that Norway shares intelligence with the US on Russia?  What possible benefit to American privacy could come from that?

Snowden’s story stinks and has from the beginning, and as I suspected, NBC wouldn’t bother asking any of the real penetrating questions.  They don’t want us to come to any conclusions about Snowden, they just want a Snowden story.  I’ve gotten into debates online about Snowden, and the basics of the “Patriot or Traitor” issue boils down to this:  I understand the 4^th Amendment concerns about the NSA metadata program.  I don’t agree with those concerns and wrote about them last year.  But I at least understand the argument.  What I don’t understand is; what is the argument for releasing information about every other foreign intelligence program?  None of those have anything to do with American privacy, the 4^th Amendment, or US law.

I’ve been waiting almost a year for an answer to that one.  In the meantime, the NBC interview did show the near uselessness of having interviews with Snowden that will only be self promotion pieces.  Snowden doesn’t’ need interviews, he needs to be interrogated.

 

 

Better Than a Telescreen

The Guardian, as part of its ongoing program of weakening the West by revealing bit by bit the Snowden documents, released a new one a few weeks ago about a GCHQ program called Optic Nerve. GCHQ, Government Communications Headquarters, is the British equivalent of the NSA and because of the close relationship between the American and British Intelligence communities got caught in the Snowden web of stolen documents.  Optic Nerve was (or is?  Who knows?) a program for capturing video images from Yahoo video chats.

As The Guardian reports:

A model of the GCHQ headquarters in Cheltenham (Photo credit: Wikipedia)

GCHQ files dating between 2008 and 2010 explicitly state that a surveillance program codenamed Optic Nerve collected still images of Yahoo webcam chats in bulk and saved them to agency databases, regardless of whether individual users were an intelligence target or not.

In one six-month period in 2008 alone, the agency collected webcam imagery – including substantial quantities of sexually explicit communications – from more than 1.8 million Yahoo user accounts globally.

The comparison that the paper immediately and obviously uses is the telescreen from Orwell’s 1984. Orwell’s telescreens were basically TV’s that worked both ways; while you’re watching a show calling for all praise to the State (think Hardball), the TV is watching you back, checking to see if you’re rolling your eyes when Chris Matthews praises Obama or if you are in a rapturous state at the mention of his name.  The totalitarian implications of both the technology and the program are obvious.

So when I saw the story, why did I think, “Man that’s freakin’ cool?”

Well the technology is pretty neat.  And I can hardly blame an intelligence agency for wanting to know everything.  It’s only what any intelligence agency has every wanted, to be able to know absolutely everything.  The thing is, our technology is rapidly reaching the point where it’s possible to know, if not everything, than almost every communication that you make that has some sort of electronic component.

I can even see why GCHQ would be interested in screen capturing people’s video chats.  Imagine a situation in which a terrorist event in the UK has a shot of a suspect on closed circuit cameras.  Facial recognition software on the usual government databases turn up nothing.  Wouldn’t it be nice to have another source of pictures to scan through?  More than that, if you get a hit on a Yahoo image, that brings along quite a bit of other metadata associated with the Yahoo account being used.  That, my friends, is neat!

Low probability of success you say?  I would agree.  The odds are not great that you could check all legitimate government databases but then get a hit on a Yahoo video chat database, but who knows?  If it helps you solve a terrorist event, it would be worth it and all would be forgiven.

Low probability searching is becoming more and more worthwhile as the capacity for computer processing and data storage increases.  You only need a human to take a look at something if you actually get a hit on your searches. So that makes it more worthwhile to expand intelligence gathering into every nook and cranny on the off chance that you can prevent, or help solve, a terrorist event.

But that brings us back to telescreens and Orwell in general.  Do we really want to be observed to that extent that you literally are on someone’s video, phone, or internet presence at all times?  The Western nations are having that conversation right now, but the problem isn’t the intelligence programs, it’s the technology itself.  You may not like the NSA or GCHQ having this technology, but eventually, the technology will spread out so that everyone can have it.  Would having Putin’s Russia or the Red Chinese looking in everyone’s video chat be any better?  How about Cuba, Iran, Venezuela, or North Korea?  There are real totalitarian regimes right now that would love to have this technology for nothing but nefarious purposes and eventually, they will be able to buy it or build it themselves.

In the Western countries we think we can reign in our intelligence services by passing a law or something, and we can.  I can see us returning to a pre-World War II political climate in which, “Gentlemen do not read each other’s mail.” But we can’t pass a law stopping the Russians or Iranians from doing the same thing.  Even if we legally denude the ability of agencies like NSA, CSE, or GCHQ to achieve some sort of total information dominance, we can’t stop the rest of the world that could care less about our concerns for privacy.  I think you can imagine the possibilities of foreign dictatorships using these technologies to blackmail and manipulate westerners.

Maybe I’m naive, but if these technologies have to exist, I would rather the NSA or GCHQ have them than the Russian FAPSI or China’s Technical Department of the Central Military Commission.  But we are not going to get a choice on that since the technologies exist now and will eventually be acquired and used by the baddest of the bad.  Even Edward Snowden may look back in nostalgia when only the Western intelligence agencies had these capabilities.

Related articles

• Has the internet dream become an Orwellian nightmare?

Arrogance of Trust

The news that Edward Snowden had somehow managed to persuade 20 to 25 of his fellow colleagues at the NSA to give up their passwords and login information has probably shocked IT professionals and corporate security types.  “What kind of slipshod IT security is the NSA running?”  Could the smartest guys in the room really be so dumb and trusting?  As Reuters reports:

Snowden may have persuaded between 20 and 25 fellow workers at the NSA regional operations center in Hawaii to give him their logins and passwords by telling them they were needed for him to do his job as a computer systems administrator, a second source said.

This may seem incredible to those involved in information assurance that a system administrator, who had only been at the job a few months, could talk that many people out of their passwords.  Don’t these people have any information security training?  Every company IT department  teaches its employees to never share their password information.  Didn’t these guys have any training?

Headquarters of the NSA at Fort Meade, Maryland. Español: Instalaciones generales de la NSA en Fort Meade, Maryland. Русский: Штаб-квартира АНБ, Форт-Мид, Мэриленд, США (Photo credit: Wikipedia)

It turns out they do.  The Department of Defense, which the National Security Agency falls under, has extensive computer security training.  But that only begs the question further.  Snowden was so new at his base in Hawaii that he probably didn’t have any long term personal relationships to play on in order to trick people out of their passwords.  But I don’t think he needed to trick anyone.  And I think I know why.

I should preface this by saying this is just my personal opinion, but I think the popular idea of intelligence agencies and organizations, at least American ones, as a font of constant paranoia, looking over your shoulder at all times, and a lack of trust between co-workers, as depicted in movies and popular culture (think the Bourne movies) is totally opposite of the real situation.  I think the security problem in US intelligence organizations, which Snowden exploited, is that everyone trusts each other too much.

Security Clearances for Top Secret and above levels cost thousands of dollars and can take months to complete.  Once you have a security clearance, it’s not only a marketable item, but it’s sort of a short hand as to what kind of character you have.  Although it actually means you’ve mostly stayed out of trouble and have not screwed up too much, it’s taken as a certificate of approval that this person is trustworthy and of good character.  So if you work in a classified facility, surrounded by cleared people, some of them may strike you as crazy, or unpleasant, but not thieves, not crooks, and not traitors.  Why?  It’s nothing they did, it’s simply from the fact that they are working there; they’ve been vetted.

Once you are on the inside, you are part of special limited clique, in which everyone on the inside of the vault door holds secret knowledge that those on the other side of the vault door don’t know, and can’t know.  It’s like being part of Skull and Bones, only instead of knowing secret arcane nonsense; you know real things about the world that matter.  That dividing line between those on the inside of the door and those on the outside is huge.

One of the first things they teach you in Basic Training and Boot Camp is to keep you locker and money locked up and secure at all times. Even the camaraderie of military service isn’t enough to be sure your buddy won’t grab your wallet in an act of desperation. But like Singapore, if you decide to leave your wallet on your desk at work in your secured facility, you can mostly be assured that it will still be there, undisturbed, when you come back from break.  Having many roommates in the past with security clearances, I never worried for a second about leaving money or valuables around out in the open. I may have worried if they would clean up the kitchen after fixing dinner, or vanishing for days on end, but I never worried that they would steal from me.  I granted them an automatic level of trust that most keep within close family members.

And maybe that’s the problem.  In spite of all the security, and in spite of all the rules and security procedures, it doesn’t mean a thing unless people can operate with even a normal level of caution.  In my corporate environment I would never turn over my password to anyone, system administrator or otherwise.  But if I was back in the classified world, inside that insular level of trust, I can’t be sure how I would react.  And the fact that I would even question that is the problem.

Related articles

• Snowden Reportedly Used Others’ Login Info To Get Secret Data
• NSA Snowden Leaks Show Why Passwords Should Be Strictly Protected

Snowden’s Snow Job and Left-Right Inconsistency

Well it looks like the government finally went ahead and filed charges against Edward Snowden under the Espionage Act.  To me, that’s good news, although I think the odds of the US ever getting its hands on Snowden again are vanishingly small.  I’m pretty sure that Snowden will get to stay somewhere, whether it’s in China,  Iceland, or  Russia, where he is now.  Putin made a sanctuary offer to Snowden.  I’m pretty sure there are plenty of folks in Russia’s intelligence services that would love to sit down with Snowden and have a chat.

When I wrote about Snowden’s release of classified information a few weeks ago, I was reveling in the liberal hypocrisy that saw nothing wrong about these NSA programs, even though similar disclosures during the Bush era sent the left into a state of rage overload.  But I shouldn’t have laughed so quickly. As more information about Snowden came out, the right began to anoint him a hero.  How could the same people who (rightly) called Bradley Manning a criminal now call Snowden a hero and patriot?

Snowden violated his nondisclosure agreement, released classified documents to a foreign newspaper, and then promptly fled to Red China, where he revealed the extent of US spying on China, and then off to Russia.  That sort of description usually describes a hero to the left, not the right.  But I was pilloried on political forums for simply pointing out that Snowden betrayed his country…by the right.

That could have just been my own anecdotes that have no bearing on the national conversation, except the switcheroo is made clear in polling.  More Democrats support the phone metadata program than Republicans.

That tracks pretty closely to whether Americans think Snowden was right or wrong to release information on the NSA programs.  Democrats think Snowden was wrong by 49% to 39%.  Republicans?  They think Snowden was right 49% to 38%. Besides the embarrassment I have that most of the right now supports a traitor, it makes clear that for most people, they are supporting their team, not necessarily their principles.  I’ve always prided myself on my consistency, but I didn’t really think I was that unique in being supportive of principals rather than whether the other guy was wearing a red shirt or a blue one.

I will have to reconsider that.

Related articles

• Edward Snowden’s a Hero, All Right – to China and Russia

Can You Hear Me Now? The NSA Can

This week’s revelation that the NSA was collecting telephone external data from Verizon, and apparently the other phone carriers as well seems to have freaked both the left and the right.  I didn’t exactly find myself shocked and surprised, or at least no more than Captain Renault was shocked to find out there was gambling going on at Rick’s.  James Bamford’s The Shadow Factory has been out for years so Glenn Greenwald’s article in The Guardian really shouldn’t have been that surprising.  The outrage is another matter.

I’ve no doubt that Greenwald was outraged and incensed, however Greenwald is that rarest of creatures, a consistent and honest leftist.  As a frequent participant on political web forums, I got a great deal of entertainment from the more common type of leftist: the partisan hack.

Usually when a media story is broken with the shocking news that President Obama has not only continued President Bush’s national security policies, but has built upon them, the typical reaction of the left is either dead silence or mumbling.  This story was unique in that it was too big a story for our media gatekeepers to sit on.  However it’s hard not to notice that this story came out of a British newspaper, not an American one.  Did the whistleblower try shopping this to an American news outlet only to be met with a lack of interest in anything that might demonstrate the hypocrisy of Obama?

So when the story is too big to be ignored, how does the typical leftist partisan hack react?

Blame Bush.

Now the program did begin in 2006, well into the Bush administration, but it wasn’t an out of control railroad, that Obama was helpless to stop.  The legal basis is the Patriot Act, which has been renewed twice during the Obama administration, in 2009 and 2011, and the actual program is renewed by the FISA Court every 3 months. For those leftists who voted for Obama expecting him to immediately roll back the Patriot Act; well sorry to disappoint.   But more than disappointment is the inability to accept that their guy is supporting this program.

For the conservative side, there is a tear (as is often the case in these instances) between the libertarian side and the national security side.  But this is exacerbated by the timing.  The revelation of this NSA program is on the heels of three administration scandals in a row, Benghazi, the bugging of AP and Fox reporters, and worst of all, the IRS scandal.  I say worse because the IRS scandal feeds directly into people’s fears of the legitimate arms of government being usurped for illegitimate ends.  In the same way that the IRS targeted Tea Party groups, their donors, and gave protected information to other adversarial political groups for the purpose of intimidating opponents, it’s easy to see how the phone metadata for every American could be misused if the administration wanted to use that information against their political opponents.  I think the reaction on the right would have been much more subdued if there were no IRS scandal currently in the news pot.

For myself, I don’t find myself bothered by this program at all.  The information we are talking about is basically everyone’s phone bill, which is information that most Americans invite the garbage man to read every month. Within the political class, there is little taking advantage of the revelation of this program to cull some sort of political advantage.  The Senate Intelligence Committee seems united in supporting the program.

For people who are outraged that their privacy is being violated, well come back to me when you have a similar outrage against Google Earth or the Income Tax.  We routinely detail much more personal and private information every year and send it to the government than is available in these phone records.  I think it’s a far greater invasion of privacy for the government to know where every single penny I earn comes from than if I called Papa Johns to order pizza 4 times in the same week.

Now Prism?  That’s another story…

Related articles

• George W. Obama Photo Goes Viral: Mocks Obama For NSA Scandal, Executing Bush-Era Domestic Spying Tactics
• NSA surveillance scandal: Barack Obama’s credibility under scrutiny like never before