Fire Your Congressperson
It’s 9 days to the screening exam, so I can’t write about this story yet (also here). But it deserves to be the top story, everywhere.
Bruce Schneier writes about it here, here, and here, and there’s a speculative technical version of the story here.
One of the recent bombshells regarding the documents leaked by Snowden is that the NSA had basically subverted large swaths of the Internet. Some important bits:
- A 10-year NSA program against encryption technologies made a breakthrough in 2010 which made “vast amounts” of data collected through internet cable taps newly “exploitable”.
- The NSA spends $250m a year on a program which, among other goals, works with technology companies to “covertly influence” their product designs.
- The secrecy of their capabilities against encryption is closely guarded, with analysts warned: “Do not ask about or speculate on sources or methods.”
- The NSA describes strong decryption programs as the “price of admission for the US to maintain unrestricted access to and use of cyberspace”.
- A GCHQ team has been working to develop ways into encrypted traffic on the “big four” service providers, named as Hotmail, Google, Yahoo and Facebook.
I need to be clear about this. This is irresponsible behavior on an incredible scale. This needs to be stopped. The potential for abuse by governments is enormous… but even if you trust the U.S. government you need to understand that the NSA is engineering weaknesses into the software that you use, every day, to enable them to possibly, maybe, someday, listen in on some bad actor’s communications.
They do this at the cost of fundamentally weakening the security in a way that can be exploited by other governments, or individuals.
If you put a back door in BitLocker, it’s only secret until somebody finds out about it. And as good as the NSA is, there are people with software skills and engineering chops and logic analyzers and lots of spare time on their hands who have a very large incentive to find these exploits.
Technical people see them, all the time. I’m on the security announce list for four major operating systems and numerous distributions, and there are security vulnerabilities announced every week. They’ve been announcing them for years.
It’s almost a statistical certainty that some of those exposed bugs weren’t mistakes, but deliberate attempts to engineer weaknesses into important pieces of software that have cost the information technology sector likely hundreds of millions of dollars of work-hours to bring down working systems, patch them (probably in many cases with software that has a new exploit in it), and put them back on the network.
I posted voting records about the Patriot Act and the NSA warrantless wiretapping program back at my old blog for years. As I mentioned before, here at the League, I’ve been following the story of the U.S. government’s sustained attack on the Internet’s security for a decade now. A lot of it has been speculation.
We now know that the speculation hasn’t even been the worst-case. As Matthew Green said in his blog post:
All of this is a long way of saying that I was totally unprepared for today’s bombshell revelations describing the NSA’s efforts to defeat encryption. Not only does the worst possible hypothetical I discussed appear to be true, but it’s true on a scale I couldn’t even imagine. I’m no longer the crank. I wasn’t even close to cranky enough.
I was crankier than Matt, and I *still* wasn’t cranky enough.
This is important. This is more likely to affect you – to already have affected you! – than you realize.
There’s not much to say, except to agree – this has to stop.Report
I would love to see the source code. Well… I’d love for a handful of people I know to see the source code.Report
But why would I want to fire my Congressperson? I like Rand Paul.Report
You can fire your congressperson, sure.
But is the next guy clean?
We’re talking “didn’t get an abortion” clean,
and we’re talking “no sexual perversions” clean too.
… because the NSA is stealing Hoover’s shtick.
The NSA has wrecked large portions of the American IT business.
Snowden did the whole “sunshine” thing, so the NSA isn’t
protecting him, like they did with everyone else who sold secrets.
Stuff like this is why Wikileaks exists.Report
Well, the most important thing Congress can do lies in the selection of the next NSA directory, who must be competent and trustworthy because he’ll wield the ultimate power in an information society, able to make and break Congressional candidates before their hardly out of college. I’m thinking someone like Karl Rove, who has the political wisdom and experience to make sure abuses don’t happen, or someone from completely outside the government arena like Charles G. Koch.Report
Now I know you’re just trolling.
I’ll refrain.Report
What, you’d prefer to turn control of the NSA over to Valerie Jarrett or Rahm Emanuel?
Remember, when the NSA was secret, boring, and politically irrelevant, listening to phone calls between East Germans and Russians about vodka prices, nobody in Congress cared who ran it as long as they were a boring but effective administrator content to never be seen in public.
Now that job is the Iron Throne and whoever sits on it will hold the keys to the kingdom, as long as their someone strong enough to wield the power for good, bringing about the well-deserved destruction of the political influence and power of those whose ideologies make them unworthy of holding it.
Given how Congress operates, the nomination and approval of the next nominee to sit in that chair can produce nothing else.Report
George,
Neither Valerie Jarrett nor Rahm Emanuel are known blackmailers.
I’m not setting a particularly high bar here, nor is it a partisan one.Report
No, George, the right way to solve this problem is for the Court, or the Congress, to do their jobs and realize that this is clearly extra-Constitutional activity and it needs to be stopped.
The NSA needs to have their mandate revisited and de-scoped severely. They need to be forced, legally, to stop circumventing commercial equipment. They need to be forced, legally, to stop interfering with cryptographic product development.
The networking monitoring closets at the COs need to be removed. The Utah facility needs to be closed or completely repurposed. Companies need to have the law support their refusal to collaborate with the NSA, and they need to be punished with extreme prejudice when they do so anyway.
Really, people probably ought to go to jail, but I’m realistic enough to admit that won’t happen.
The NSA is a product of the cold war. “Blow up the entire agency and start over” is probably the least-bad option at this point.Report
Well gee, then what good are they? The Democrats will have to nominate someone else.
Leaks from former NSA officials have already said that they had lots of personal information on most of the judges sitting on the FISA court, at least one Supreme Court Justice, a black Senator from Illinois, and a host of powerful DC lawyers.
Other leaks indicate that when they want a high official burned the FBI just happens to stumble across a lead, such as happened with General Petraeus or many other cases, and that government agencies have to spend a lot of time creating a plausible investigative backstories to explain why they were even on a case, sometimes tipping off tabloids to scandals they were missing. This is similar to the IRS constantly leaking private financial information to favored parties, such as they did with Mitt Romney.
Grendel is already roaming the kingdom, devouring heroes and eating their flesh. The question is which group will be smart enough to get Grendel to attack and eat only their enemies instead of just eating people to feed Grendel’s own stomach.Report
Patrick, there’s just one problem with your wishes.
It’s exactly what the NSA would want, too.
The NSA works by remaining secret so nobody thinks they’re being monitored. Now that they’ve been outed by all the leaks, the best thing they can do is publicly destroy all their eavesdropping equipment – and keep right on eavesdropping from a different set of locations, using a different set of equipment, completely ignoring an even stricter set of guidelines.
Trapping Grendel back in its cave is harder than it appears.Report
George,
Two things that the NSA has been doing that they can’t get around.
1) Destroying research
2) Hacking the AES spec.
If they say that they’ve stopped it for good, and all, it’ll look mighty odd
if things still keep on exploding in the physics labs.Report
As well they should. Giving our enemies secure cryptographic communications isn’t really in our best interests. Getting them to refuse to use our own encryption schemes because they think all of them are internally compromised is brilliant.
Anyway, for a while I used Blowfish and Twofish (Bruce Schneier publishes the analysis and source code of many algorithms, so you can compile them yourself). But then I realized that I didn’t have anyone to send encrypted information to, and gee, isn’t the goal of getting on the internet to communicate with as many people as possible? On one level, the scheme is as daft as trying to build a major-circulation newspaper that nobody can actually read.
And remember, the unexamined life isn’t worth living. Obama has fixed that for you. Isn’t big government wonderful?Report
George,
Will you give me your credit card number?
Have I made my point?
Amazon depends on secure cryptographic protocols,
as does any other sane business online.
And you’ll be the first punk ass whiner when someone
steals your credit card and wipes out your account.Report
Kim: I find it more likely NSA has engaged in wide-spread key-theft (or fun little man-in-the-middle attacks using router backdoors) or certificate forgery, rather than outright broken AES or PK.
(I’m sure they can brute force AES, at least under 1k in key size, but not trivially).
The fact that the NSA seems focused on hardware backdoors seems to support the notion that they can’t break AES or PK trivially, so have gone for stealing the keys.Report
Now that they’ve been outed by all the leaks, the best thing they can do is publicly destroy all their eavesdropping equipment – and keep right on eavesdropping from a different set of locations
Yeah, uh, it doesn’t work that way, George.
I suppose they could continue to fund clandestine attempts to insert bad code into individual software packages.
But they couldn’t continue to slurp up all the traffic on the Internet without the collusion of the telecommunications companies. You need to be able to tap into the network, topologically speaking, between the points that are communicating.
Without suborning every host on the ‘net, that means putting taps on the big backbone pipes. That’s how we found out about this whole shindig in the first place.Report
morat20,
go pull the spec. the NSA broke the fucking spec, not AES itself. The standard is broken, and the standard is wrong. Actual AES is not supposed to have fields always set to zero, like the NSA sponsored spec has it.Report
It is unlikely that the NSA has in fact broken AES. That “breakthrough” bullet point is old news.
It is possible that they can brute-force a RSA-1024 bit key.
It is unlikely that they can break AES, itself.
Based upon this report, I’d guess that it is very likely that most commercial implementations of AES are broken, but not at the level of the math.Report
go pull the spec. the NSA broke the fucking spec, not AES itself. The standard is broken, and the standard is wrong. Actual AES is not supposed to have fields always set to zero, like the NSA sponsored spec has it.
No, they didn’t break the spec. They tried hard to weaken it, and still suggest ridiculously small ‘effective’ keys, but AES is perfectly acceptable as long as you utilize a key of a given effective length.
They have pushed — and some companies have folded — to have ‘default’ AES with effective key lengths as low as 24 (but claimed to be 256 or even 512), but again — that’s social engineering type stuff. They’ve suborned companies.
But AES is solid. PK is solid. You can implement anything crappily, which the NSA seems to be happily trying to convince businesses to do.
Again — they are focused on key theft and hardware backdoors and weakening AES implementation which is heavily suggestive that AES and PK implemented properly are not trivial obstacles.Report
You can implement anything crappily, which the NSA seems to be happily trying to convince businesses to do.
Absolutely wrong.. The NSA would appreciate it if you would tighten up your security. Every line of SELinux is open source. They’re not hiding anything from you.Report
I’m at the point where anyone saying that they’ll disassemble the NSA would get my vote (for president at least. not gonna vote the mayor in…)Report
NSA has some fine mathematicians. They’ve probably gotten into RC4 but I don’t think they’re into AES256.
Here’s the problem. RC4 is a stream cipher. It has to be fast. It’s also trivial. Anything still reliant upon RC4 can be pwned. But it’s still around, precisely because it is simple and fast. As the more mathematical / software oriented among us can attest, “random numbers” generated by a computer usually aren’t as random as you might think. Any cipher reliant upon them is suspect. If you understand how the “random” numbers are generated, they’re not random any more.
But there are ways to generate truly random numbers
When I teach software application security, I use the story of the Three Little Pigs. We can fast forward past the first two pigs and examine the brick house. Though the Big Bad Wolf huffed and puffed (brute force attacks) he couldn’t blow the house down.
Here the story gets interesting. The wolf climbs up on the roof and starts coming down the chimney. The pigs light a fire and burn the wolf. The pigs were not saved by the brick-ness of the house. They were saved by being observant, knowing if the wolf was on the roof, he was headed for the chimney. There’s always a chimney. You can’t close all the openings, much as you might wish it were possible.
If the NSA is doing anything, they’re looking at all these cheap-ass encryption methods coming down the wire, observing each one. These busted-ass ciphers are everywhere. No cipher lasts very long, maybe five years at most. Good encryption is available.
NSA is not the villain here. NSA would very much like you to use their SELinux contribution and secure your damned box more effectively. You are not on the NSA’s shit list. They’re listening for the Big Bad Wolf on your roof, too. You do have real enemies out there, criminals who would like to host a bot on your machine and control it from anywhere in the world. Who do you think NSA is trying to attack here? You, taxpaying American citizen? Don’t be so stupid. We are being protected from threats we can’t even imagine, most of us. If NSA has gone overboard, the courts have let them.Report
You are not on the NSA’s shit list.
You can’t weaken fundamental protocols… and not simultaneously *also* increase security vulnerability attack space, Blaise.
Essentially, the NSA is making a massive security trade-off decision, on your behalf… where “you” is “well, everybody”.
A weakness in, say, SSL puts potentially *everybody* on the Internet on the “potential collateral damage list”. Because the NSA cannot guarantee that these backdoors that they create won’t be found by somebody else and leveraged, possibly into a class break.
Remember the Sony Rootkit debacle? Where Sony warezed everybody who stuck one of the Sony BMG audio CDs into their autoplay-enabled CD drive and installed, effectively, a rootkit? The security community was in an uproar over that not because Sony was trying to protect their IP… but because the rootkit could be trivially leveraged by hackers.
This is woefully horrible security practice. You do *not* weaken domain-wide security protocols in order to make it easier for you to crack them when you feel you might need to do so, some day. The unintended consequences are enormous (and, in the case of the NSA… the consequences are almost entirely borne by… hey, US. As in, you and I).Report
Nobody weakened RC4. It was examined and it’s broken. Yet TLS still uses it. Why is this so? Because NSA inserted something into the Confungulator Algorithm?Report
R2D2 is not weak. That little dude kicked my ass once. Mean drunk. Mean, mean drunk.Report
Don’t take it personally. R2-D2 was just pissed at that robotist Mos Eisley bartender who wouldn’t serve your kind, and needed to take his aggression out somewhere.Report
And probably people from other countries as well. I use Amazon and Paypal as well. I don’t want people hacking card detailsReport
And I’ll tell you something else for free, the communications between Google, Microsoft, et al, are not one-way traffik into the Central Scrutinizer. It’s two-way. NSA is acutely aware of the threat posed by an attack on the Microsoft ecosystem and has taken measures to deal with it. Apple, too, more than likely. The cell phone infrastructure, routers — do you really think your crummy ISP will defend you? They can’t even keep spam out of your inbox most of the time.
Other nations have the luxury of authoritarian governments which build massive firewalls. A firewall can do more than block requests for photos of Tank Man. It can stifle inbound attacks as well. We don’t have such firewalls in the Land of the Free. The Internet was not designed with security in mind. It was dreamed up by a bunch of idealists who wanted a better way to footnote scientific papers.
All the grumbling, suspicious hobbits out there might not like the idea of Rangers on the borders of the Shire. Those Rangers are needed, nonetheless. I do not like the idea of NSA trawling the communications infrastructure willy-nilly. The judiciary ought to rein them in and keep them on a short leash. But we face real enemies as a people and a nation. As surely as we need police and firefighters, we need something like the NSA to keep a watchful eye on our chimneys. You can’t do it. Your ISP can’t do it. You have a role to play in this, yourself.Report
This is not Rangers. This is the freaking Watchers at Cirith Ungol. This is the Eye of Sauron. This is the government having the capacity to know everything you say and do online, and deliberately making it easier for anyone else who understands computers to get that information too.
This is dystopia, and most people don’t even CARE any more – and since we live in democracies, if the preponderance of people don’t care about it, then there’s nothing we can do to stop it.Report
But we face real enemies as a people and a nation.
Well, let’s say one of these bugs leads to something like this.
Are you statistically more likely to be killed by a power outage or a terrorist?
As surely as we need police and firefighters, we need something like the NSA to keep a watchful eye on our chimneys. You can’t do it. Your ISP can’t do it. You have a role to play in this, yourself.
Let’s say my role to play in this would be a lot easier if the government wasn’t going around making it harder.
If you want to talk about the woeful state of host security on the Internet, let’s talk about that.
If you want to talk about providers getting their shit together, we can talk about that, too.
But seriously, Blaise, there’s now a documented track record of the NSA inserting vulnerabilities into software to make their job easier. That makes my job harder.
Putting in a vulnerability that enables you to do a man-in-the-middle attack on an SSL implementation running on IIS so that you can eavesdrop on communications between “somebody” and Citibank’s web site also enables anybody who tries hard enough to use that same attack vector.
The U.S. technology industry has a terrible track record of keeping up with security problems. Introducing more security problems (or failing to announce ones that you find) because they might be useful to you someday completely ignores how many people are in the black hat community.
It’s not helping protect the Internet.Report
The government is making it harder — how? Which part of government? Your complaint is not with NSA but SCOTUS. Get them to overturn Smith v Maryland. I’m really getting sick of repeating it: NSA is doing its job. Don’t like them doing it? Get the courts to tell them to do it differently.
For all the horrors of Mordor and the great battles of Minas Tirith and Helm’s Deep, the destruction of the Ring and all that, the Scouring of the Shire awaited the noble hobbits upon their return. For Sauron’s Eye was not the only one distracted by the war. Nobody was paying attention to the Shire, which was the entire point of the Lord of the Rings, not that many people get that point, especially not in that idiot Jackson’s movie. The story did not end with the downfall of the Dark Lord. The danger was rather closer to home, as Samwise Gamgee saw in Galadriel’s mirror. I will not be hectored on the subject of Tolkien.Report
Yes, it would be nice if the Court would do its job, here. Since I can’t get a case in front of the court because they have rejected every attempt by the ACLU and the EFF to do so, I’m not going to vote for people who will give this authority to the NSA in the first place.
For what it’s worth, though…
I don’t see how you can compare what the NSA is doing, right now, with a pen register.
Because when I make a phone call, you can make the claim that I’m trusting the phone company, and thus have no expectation of privacy, from back in the day where a telephone exchange actually had an operator plugging cable A into slot B and she (usually she) could listen in by jacking her headset in there.
Okay, I think this is dubious (honestly, outright terrible presumption actually), but at least it’s an arguable position.
When I open an SSL connection on the Internet, assuming the connection hasn’t been suborned at the endpoints, the ISP cannot tell what I’m saying. The operator can’t listen in to the phone call. If I didn’t have an expectation of privacy, I wouldn’t be managing my retirement account through it.
If we have no expectation of privacy on the web, then financial companies are actually in violation of SOX. Every hospital is in violation of HIPAA. Every university is in violation of FERPA. Because we have laws that forbid those institutions from handling our data unless it’s reasonably secure.
Well, duh, it’s not reasonably secure if the NSA has carte blanche to read it.
Hey, maybe that’s the track the ACLU should take. Start a class action suit with every hospital, university, and financial institution and demand they take all this stuff off the web if the NSA can snoop on it.Report
The comparison between phone numbers from a pen register and tracking IP headers from a router is exact. I know you understand it. Wherein lies the discongruence? You have not exactly made your case that NSA is dicking with ciphers, I’m waiting for some evidence supporting that claim.
I have considerable truck with these guys.
When you open an SSL connection, you are reliant upon a stream cipher dating back to 1987. It’s been cracked open like a walnut. Nobody has furnished an iota of proof that RC4 was weakened. It was already weak. It’s not the USA gone soft on the technology front. It’s a handful of major hardware manufacturers, almost none of them American, who’ve gotten lazy.
Your expectation of privacy is nil. Get that straight. If you want privacy in a world of open protocols, you will implement it yourself. Any other conclusion is the laziness against which you so fervently speak. My clients, who include banks and insurance firms and US government agencies, know this to be true. HIPAA and SarbOx are my bread and butter. I’m not reliant upon SSL to encrypt and decrypt because I know better and if memory serves, as a computer scientist, you should know it too.Report
You have not exactly made your case that NSA is dicking with ciphers, I’m waiting for some evidence supporting that claim.
That’s a specific claim, made in those linked articles, by people who have seen more of the Snowden material than I, including at least one person who I trust not to mis-report what they have seen.
Now, you can choose not to accept that as sufficient evidence, but if you so choose, it’s unlikely that I’ll be able to pass any credibility bar that you set, unless/until the rest of Snowden’s stuff is available on the Internet, or I break into the NSA.
I choose not to go the second route, if that’s okay.
TLS 1.1 has been around for six years. You don’t have to use RC4 any more. You can use mod_ssl with Apache and use TLS v 1.1 or 1.2.
For laughs, I’ll go ahead and run a Nessus scan on a few places today and we’ll see what that turns up. If a financial institution is running SSL 2.0, knowing that it is broken, I would be surprised.
Your expectation of privacy is nil. Get that straight.
This is a very odd blanket position for a programmer who works in making secure applications for his clients to make, Blaise. Do you tell that to the people that hire you?Report
Do the majority of people care? There is a vocal group on both sides of the political spectrum that expresses genuine concern but partisan politics still plays a role. Outside the Internet, there is probably a large number of people are concerned but as far as I can see, the average American has little to no opinion about the NSA scandal or might even support it. Its irrelevant to them.Report
It amazes me that people argue against a federal gun registry because it might be misused, and then say this is perfectly okay because “terrorism”.
Because I want to grab them and shake them and scream into their faces, “There probably already is a federal gun registry! It’s in Utah, and the NSA owns it! They have a record of every financial transaction between a licensed FFL holder and the general public! If you bought a gun in the last five years with a credit card, guess what??”Report
I see it as closer to what McCarthy and HUAC were doing in the 1950s. Obviously unconstitutional, freedom of speech and association and all that, but most Americans still supported it to an extent because “Communists are bad, anti-American people.” Same principle.Report
I suddenly have a strong urge to start paying cash for my guns…Report
The internet isn’t a truck; it is a series of tubes.
And somewhere in those tubes, there are cat videos and pornography streaming all over the earth.
The government can look in the tubes, and at which cats and naked people you are tubing to yourself, which is bad.
But there is judicial oversight of the tube lookers, which is good. But the judicial oversight is weak, which is bad. But there is congressional oversight of the judicial oversight, which is good. But the congressional oversight is weak, which is bad. But the people will oversee the legislature, which is good. But the oversight of the people is weak because they are apathetic, and because the government is not being transparent, which is bad. But then again, if the problem gets more harmful to people in a tangible way, the government will have to come around, which is good.
Am I missing anything?Report
Just the latest iteration,
“Experience should teach us to be most on our guard to protect liberty when the government’s purposes are beneficial. Men born to freedom are naturally alert to repel invasion of their liberty by evil-minded rulers. The greater dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding.”
– Justice Louis Brandeis,
Olmstead v. United States
1928Report
This seems disturbing, although I don’t understand the technicalities. At any rate, good luck on your exams!Report
Fire your congresscritter? Even prior to this disclosure, the reelection rate for those guys was like 99.1 percent. THERE IS NO WAY that’s gonna happen.
There’s no way that’s gonna happen now that it’s come out that the NSA shares raw data it sweeps up with the Isrealies either.
No, America got the “system they deserved” and they are going to get it good and hard. Then maybe they’ll wake up, but I’m not putting good money on it.Report
Why would I want to fire her? She has done a great job not giving into the Dems. I’ll have to send her an email asking her to make sure we get Snowden.Report
If you’re going to participate in the comment threads on my posts, please contribute constructive comments.
If you disagree with the O.P., feel free to explain why. If you don’t believe that widespread surveillance of the domestic populace represents a problem, flesh that out. That’d be great, actually. Submit a guest post. If you think that the government collecting widespread data nets on the populace is fine and dandy, because you believe the tradeoff is worth it, go ahead and stick that stick in the sand and stand by it.
Because then if you show up three months from now on a thread about how a gun registry is a huge imposition on liberty, I’d like to link to your comment and ask you to explain the discrepancy.
If you’re just here to throw partisan grenades around, you can skip my posts and comment elsewhere on the blog.Report