NSA Spying Scandal – An Analysis

NSA Logo

NSA Logo

Like a lot of people, I’ve been following the NSA Spying Scandal closely. In fact, I’ve been following it for several years, since before I first ran into Barrett Brown. Seriously. The leaks about go back a long way, and most writers appear to have missed the implications.

When Did The Leaks Start?

Now that’s a damned good question. I’ve been hearing bits and pieces for a long time. I didn’t keep track of all of them, or when they hit, but the leaks about Internet spying go back to the middle Nineties.

In other words the leaks appear to have started just after the World Wide Web got popular, which also appears to be the time that the NSA started trying to vacuum up everything happening on the web.

Coincidence?

Probably not.

There were earlier leaks, about other programs. Information about Operation Ivory Bells, the tapping of Soviet telephone cables, has been covered in a variety of books. There’ve even been television shows covering how the NSA monitors telephone traffic on overseas cables.

Going further back, everyone knows about the Bletchley Park code breakers, and how they broke the German codes during World War II, while also getting information about German actions from the fact that there were radio transmissions from certain places. Think Metadata.

The Germans were doing the same, and attempted to limit the information that they were giving out by using wired communications whenever possible. During the Dieppe Raid, the telephone wires to the Pourville Radar Station were cut by RAF Flight Sergeant Jack Nissenthall, a radar specialist, to force the station to use radio transmissions to pass sightings. The information from the radio transmissions gave the British valuable information about German radar capabilities.

What the NSA has been doing is a logical extension of what the British were doing during World War II (along with the Americans, Germans, Italians, Canadians, and Japanese).

Whether or not the NSA’s actions are legal, is something that the American courts will have to decide. In my opinion the actions aren’t moral.

So Why Am I Just Hearing About It Now?

Because you haven’t been paying attention.

Think about what Google does, and tell me that you are surprised that a United States Government Agency, with more money, and no need to show a profit, can do the same thing only better.

What Are The Implications

Now we get into the fun stuff.

The leaks about the NSA programs have been going on for a long time. Edward Snowden is only 30 (born in 1983). He’s too young to have been involved in the earliest leaks.

Nor does he appear to be all that bright. He appeared to think that the United States Government would either ignore him, or give him a pat on the back. Yeah, right.

One thing that a lot of people have commented on. Snowden shouldn’t have been able to access this information. What if Snowden used the NSA’s own tools against it?

Then there’s the NSA claiming it can’t search its own emails… Gotta Lotta Gaul?

Let’s look at some possible situations.

  1. You are working on Industrial Espionage. You need access to your competitors emails, etc. Why not get someone working inside the NSA? Just think what Microsoft could do with an idea of what Apple is working on!
  2. You are working for the Deuxième Bureau, and need information on Libya. Get someone inside the NSA and voila!
  3. You are a politician, and need that extra edge to win an election. Get one of your workers inside the NSA… Remember Richard Nixon and the White House Plumbers?
  4. Just think of the blackmail possibilities, if you have someone inside the NSA. All you have to do is come up with some plausible way to have found the information off-line, and the target would never know what hit them.

The above might sound off the wall. Might. Think of Kim Philby. How about Jonathan Pollard? Or Vladimir Bogdanovich Rezun aka Viktor Suvorov? Never mind Richard Nixon.

The Americans have no way to know how many baddies have gotten into the system. They think that Snowden is bad. Well, he is. At least for the impact he is having on their spying scheme.

But Snowden didn’t try to use the information for his own benefit. There almost certainly are people who will use the information they are exposed to for their own benefit. The Washington Post claims that over 4,000,000 people hold Top Secret clearances in the United States. That’s about 1.3% of the American population, or 13 out of every thousand people!

There’s no way that the Americans can be certain that all 4,000,000 people who have been given a Top Secret clearance are reliable. In fact we know that there are a lot that aren’t reliable. Remember I mentioned that leaks had been going on since the Nineties, before Snowden hit puberty?

Most of these people holding Top Secret Clearances wouldn’t have access to the information Snowden leaked. Most of them probably have access to little more than the general public. Probably. Since the United States Government won’t even tell Congress the details, it is impossible to be sure. There could have been hundreds of huge leaks in the past, which the United States Government knows about, but which they aren’t talking about.

We know there were leaks. Consider H. B. Gary, and the information that Anonymous pulled from their mail server. What we don’t know is where all the leaks were, and the NSA won’t know that either.

Let’s say I’m doing a bit of Industrial Espionage, while working for the NSA. I get access to emails from the target company, then pass it along to my corporate handler, and that allows them to produce a product before the target company can get its product on the market! Will the NSA know what happened? Not if everything was handled off-line.

Now just think of all the times when a couple of companies come out with similar products, at the same time. Some of them are coincidence. Some of them are based on listening at the right time. Some of them, well, maybe the NSA had a helping hand without knowing it.

Someone Always Cheats

Remember that. Someone always cheats. The NSA and its huge spying program is the most fantastic opportunity for cheats, ever. I can guarantee that there are a lot of people trying to use it, in ways that the United States Government would never approve. I can also guarantee that the United States Government hasn’t got a hope in hell of stopping them.

This was, and is, a spectacularly stupid program. Whoever approved it, should have been institutionalized. Because they are (and were) totally insane to even think of doing this.

That they have managed to enwrap most of Corporate America in their scheme, is even worse. Right now every other government on the planet has to be re-considering ever using American software FOR ANY REQUIREMENT. Every government on the planet has to be re-considering the use of any American web site FOR ANY REASON.

Corporations have to be doing the same thing. If the United States Government has managed to install back doors into Windows, which appears to be the case, then what if your competitor finds the back doors, and you don’t? Simple. Your company is dead.

Effectively the NSA may have killed Microsoft, Apple, Google, Yahoo, for that matter the entire American computer hardware and software industries.

Oh, it won’t happen overnight. But there are a lot of people looking at things right now, deciding what to do, and they aren’t at all happy.

The upside is that this is a huge opportunity for Free and Open Source Software. Richard Stallman looks ever more like a prophet whose time has come.

Regards

Wayne Borean

Monday September 9, 2013

 

About these ads
This entry was posted in Anonymous, Apple, Computers, Free Software, Groklaw, Justice, Law, Legal, Microsoft, Open Source, Politics, Privacy, Security, Technology, Windows and tagged , , , , , , , , , , , , , , . Bookmark the permalink.

14 Responses to NSA Spying Scandal – An Analysis

  1. tycheent says:

    Wayne,
    I’d tend to agree with most of what you said. One thing that I might insert is that ANYTHING you put on the Internet you have to consider will be taken by someone. There are some safeguards – corporate drawings, for example: Don’t include ALL the information and don’t do them to scale. That puts the idea out there, but not the actual implimentation. Schneler has suggested an ‘air gap’ between critical information and anything connected to the Internet, and in that I agree, entirely.

    However, the basis for the NSA vacuuming of everything is flawed from the beginning. If you don’t put it on the Internet, then it can’t be scooped up. And believe me, any but the dumbest of terrorists understand that. Hence the use of couriers and postal services – where messages are decoded by one-time pads. Examples of this can even be seen in fiction, such as the books by Tom Clancy.

    There is a lot to be said for ‘instant communication’. But security is NOT one of them. And that’s what the NSA is missing in their program. They’re relying on Signals Intelligence (SIGINT), where most of the real material that they want is being passed by Human Intelligence (HUMINT) methods. That is, IF their avowed purpose is actually to try to catch terrorist activities. IF, however, their purpose is more nefarious – that they’re actually trying to use their program as a method of controlling the population (American and other), THEN it makes sense.

    Craig
    Tyche

    • Wayne Borean aka The Mad Hatter says:

      I think you may have missed some points. Yes, keeping stuff off the internet is the only way to keep things private. Better yet, never write it down, and never tell anyone about it.

      And yes, I agree that the NSA program makes George Orwell’s 1984 look tame.

      The problem is that the program is going to have the opposite effect of what the NSA and the American Government wanted. It is going to kill American software development. It is going to kill American firms. It is going to drive Free and Open Source development to a level that will kill the program.

      Then what does the NSA do? When everyone is using 1,024,000 Key encryption for all communications, when everyone is using operating systems and application programs that are fully open and heavily checked for holes, the NSA is dead. I estimate no more than five years until security hits a point where no one can crack it.

      Just think of the number of bankruptcies we are going to see. Booz Allen Hamilton, Microsoft, Google, Apple…

      You can say bye bye, to the American economy.

      Wayne

  2. tycheent says:

    OK, I was thinking short term and defensive. Not that I missed the point, but that I saw it from the standpoint of how those that would do harm to the country would think – at least the smart ones.

    As to the government killing American software development, I don’t think so. There are too many ‘kids’ out there who are interested in programming, and they aren’t ALL going to move to another country. Besides, where would they go? NSA is America. But GCHQ is Britain. And many other countries that have programmers also have the equivallent problem. What I see is American programmers going underground a bit, and fixing up the NSA’s own SELinux so there aren’t any back doors or holes and using it agains them.

    Will it affect commercial software development? You bet your britches it will. Some, like Microsoft and Apple will go down. Others will see the handwriting on the walls and deside to play a different game. Red Hat has shown them how to make money off of support. Google has shown them how to make money off of advertising, and using open source software as the backbone of it.

    And as far as the American economy – or the world economy, for that matter – it’s already in the trash can, thanks to the manipulation of banks and corporations. It’s not going to recover until lobbying is made illegal, corporations are taken off the ‘same as a natural born human’ status (personhood), and banks and the stock market are brought under control.

  3. Wayne Borean aka The Mad Hatter says:

    As to the government killing American software development, I don’t think so. There are too many ‘kids’ out there who are interested in programming…

    You’ve missed the point. It doesn’t matter how many kids are interested in programming, if the rest of the world boycotts American software. The United States has about 330,000,000 citizens, out of a world population of 7,000,000,000 people. It is a tiny market.

    Besides, a lot of American companies will boycott American software too. Remember Google banning Microsoft Windows for internal use? Think Google knew about the NSA backdoors? You really have to wonder…

    Add this to the banking problems, and the economy is really wrecked. That doesn’t even take into account the lack of participatory Democracy in the USA.

    Wayne

    • tycheent says:

      “. . . if the rest of the world boycotts American software.”

      That’s a BIG ‘if’. It could go the other way, IF enough software corporations wise up to what’s happened, and decide that NSA is not the only game in town. And . . . I’ll admit that that, also, is a big ‘if’. Which leads to:

      “Besides, a lot of American companies will boycott American software too.”

      Yes, some American software will be boycotted. Like Microsoft. Like Apple. Like those that are married to the old formula of ‘make it proprietary and people will have to pay a premium to use it’. But the ones that change their methods (remember, IBM did that, way back when) will continue and flourish. And those are the ones that will drive the software industry in the future.

      Banks – well, financial institutions – drive the stock market. The stock market drives major corporations. Major corporations drive the politicians. As long as the whip is in the hands of the financial institutions – banks, hedge funds and private equity – AND the corporations are allowed to buy politicians and elections the economy will remain wrecked. The use of computer buys and sells should be outlawed. The use of ‘campaign contributions’ should be declared as bribing politicians. These aren’t the only connections in society that are bad – religions getting into politics and news media being bought are another factor. But certainly, closing the loopholes that allow the indiscriminate manipulation of the American and world economy HAS to stop before the rest can be addressed.

      • Wayne Borean aka The Mad Hatter says:

        That’s a BIG ‘if’. It could go the other way, IF enough software corporations wise up to what’s happened, and decide that NSA is not the only game in town.

        Ah, so you are suggesting that they break the law? Because they are legally required to include those backdoors. They don’t have any choice.

        Banks – well, financial institutions – drive the stock market. The stock market drives major corporations. Major corporations drive the politicians. As long as the whip is in the hands of the financial institutions – banks, hedge funds and private equity – AND the corporations are allowed to buy politicians and elections the economy will remain wrecked. The use of computer buys and sells should be outlawed. The use of ‘campaign contributions’ should be declared as bribing politicians. These aren’t the only connections in society that are bad – religions getting into politics and news media being bought are another factor. But certainly, closing the loopholes that allow the indiscriminate manipulation of the American and world economy HAS to stop before the rest can be addressed.

        This is a separate issue. It could probably be fixed by simply making campaign contributions from non-voters illegal, with non-voters being defined as those who are not eligible to vote. That limits campaign contributions to legal citizens only.

        Of course that’s too simple an answer…

        Wayne

        • tycheent says:

          “Ah, so you are suggesting that they break the law? Because they are legally required to include those backdoors. They don’t have any choice.”

          There comes a time, in the life of a human, when it is necessary to stand . What you refer to as a law is illegal and unconstitutional. It may also not actually be a law, but an ‘edict’ handed down by a court (and courts are not supposed to create new law).

          And, there’s a way of dealing with that problem of their wanting a back door. Create a ‘honey pot’ and allow them into that. It could even be baited with some interesting files, encrypted with AES 256, which, when unencrypted, are nothing more than the complete Constitution and Bill of Rights. It might reming them of what they’re supposed to be doing.

  4. tycheent says:

    Wayne,
    Your link to the National Post (http://fullcomment.nationalpost.com/2013/09/10/jesse-kline-the-nsas-undemocratic-push-toward-a-digital-surveillance-state/) was interesting. I’ve read something similar, recently, though I can’t remember where. They do make a good point, though. The NSA needs to go away. I’d add that such laws that were passed that allowed the NSA to at least THINK they were acting legally also need to go away. And yes, American companies need to take a stand – starting by acknowledging that they made a mistake by putting Americans at risk by allowing the back doors for the NSA, and then doing something about it by switching to open source software without the back doors. They also need to stand up to the NSA and whoever they use as a cutout (I’m talking about you, FBI), by telling them that the National Security Letters are an illegal document, and doing that telling publicly. One court has already declared that they are unconstitutional and unenforcable. Their argument is that it’s a war on terror. Well, it is, and they’re providing the terror.

  5. BentFranklin says:

    Whether your bogeyman of choice is George Soros or the Koch brothers, that kind of money buys you private security with ex-mililtary personnel who have ties to people in positions to get information NSA has collected. Is that what we want?

  6. KG says:

    Nor does he appear to be all that bright. He appeared to think that the United States Government would either ignore him, or give him a pat on the back. Yeah, right.

    One thing that a lot of people have commented on. Snowden shouldn’t have been able to access this information.

    I just want to point out that neither of these claims about Snowden are correct, and are easily refuted by reviewing his public statements, etc. When Snowden’s identity was first revealed his words made very clear that he understood the legal risks, the expected vilification and character attacks, and possibility of his assassination or rendition. See the first Guardian video.

    Secondly, Snowden was a systems administrator (that means he’s responsible for the security and upkeep of systems holding classified information) and infrastructure analyst (that means he’s responsible for thinking of ways to break into enemy systems and ways that the enemy can break into ours). Systems administrators of all people traditionally have the most access. If he had the clearance, then why shouldn’t he have been able to access this information? It was part of his job description.

    Otherwise, good post. =)

    • Wayne Borean aka The Mad Hatter says:

      It has been an interesting couple of months. Since more information has come out, on what Snowden did, I’ll agree with you. His position put him in a position where he had access. Whether he should have been in that position – whether a contractor of any sort should have that sort of position, is another issue.

      As to my comment on him not expecting the level of response from the U.S. Government, it still doesn’t look to me that he really understood how bad things could get.

      Still, it took a lot of courage to stand up, and follow what he thought was the moral path. Courage that most people wouldn’t have had.

      Wayne

  7. jon jones says:

    BOYCOTT USA

    ALL PRODUCTS NOT JUST TECH

    WAKE UP WORLD THIS PROBLEM IS HUGE

    It is very simple to fix this whole problem, and that problem seems to always be the USA. Everyone in the world and even the USA needs to boycott itself. They also need to know where there data is going and ensure servers that do not touch USA. This is very simple to do but does have a cost.

    The alternative, do nothing. If you do nothing, you may ask what is the USA doing with your data. They are using it to make money plain and simple. It is not for terrorism or any other grand adventure. It is to take the worlds money plain and simple just like playing poker and knowing your opponents hand. If a company is ignorant enough to not secure their business without the USA and NSA spying, then using them is a sure fire way of destroying your business by espionage and stealing.

    Microsoft has back doors to all its products. This includes getting rid of all microsoft products like windows and replacing it with Linux. People around the world should start writing for open source code to help linux work for the world. All companies should provide tech support and drivers for Linux.

    Cisco routers have back doors to all their products and allow the USA companies in the know to learn secrets to your business.

    This does not mean simply just use new encryption software. These companies built back doors and even your best encryption is not safe. Worse anyone can access your networks once the back-doors are released to the hackers.

    Once trust is lost it is lost forever, and these corrupt American companies do not deserve another penny. They got funding from the USA government to take your information, and what should piss you off is they have it all right now. You have to change the game of your world business today.

    Educate the next generation and your business partners. No companies in the USA on your servers period. Boycott Microsoft, Skype, XBOX, Verizon, Google, Cisco, Apple, Facebook, Yahoo, AOL, Level3, Paltalk and there are 50 companies total so far look them up.

    Follow the work of the BRICS nations (Brazil,Russia,India,China,South Africa) and Europe and start to build a wall around the USA. Even Australia, you need to switch sides and abandon the USA for good. For every dollar you refuse the greater the world becomes and the more money you keep in your pocket. This includes, don’t forget, boycotting the rest of all businesses in the USA. Make the USA hurt until it turns against itself and stops screwing with the world.

    Sincerely,

    Pissed On So Many Levels

    • Wayne Borean aka The Mad Hatter says:

      It isn’t just Windows – MAC OSX also has NSA backdoors.

      You’ve got to consider this the greatest FL/OSS developmental program ever. That may not have been the American Government’s intentions, but it is the obvious response.

      Wayne

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s