"This morning I spent an hour in a closed room with six Members of Congress: Rep. Lofgren, Rep. Sensenbrenner, Rep. Scott, Rep. Goodlatte, Rep. Thompson, and Rep. Amash. No staffers, no public: just them. Lofgren asked me to brief her and a few Representatives on the NSA. She said that the NSA wasn't forthcoming about their activities, and they wanted me — as someone with access to the Snowden documents — to explain to them what the NSA was doing. Of course I'm not going to give details on the meeting, except to say that it was candid and interesting. And that it's extremely freaky that Congress has such a difficult time getting information out of the NSA that they have to ask me. I really want oversight to work better in this country." (Schneier on Security)
I found this story of Bruce Schneier's visit to Congress more interesting than President Obama's speech on NSA reforms. Does anyone else find it astounding that Congressmen have to ask someone who's viewed the documents stolen from the NSA by Snowden in order to find out what the NSA is doing? Does this make the NSA look like an imperious rogue agency with nothing but contempt for Congress, the American people and the Constitution? I got to know a lot of competent, caring and patriotic people at the NSA. They do an important job and they do it well. Those who insist on protecting the unconstitutional collection and surveillance activities of the NSA are doing us all a disservice, especially those good people I knew at the NSA.
Obama proposed some modest reforms to our signals/digital collection and surveillance activities. That's better than nothing and certainly better than totally dismantling the NSA. There's a lot more work to be done. The NSA and their misguided supporters are going to be dragged kicking and screaming into meaningful reform only by those who support both the NSA and the Constitution and know the technology like Bruce Schneier.
Thanks TTG! What do we know about NSA contracting out?
By labeling his effort SIGINT the President again sidestepped any discussion of Constitutional or statutory issues.
This President like many others loves secrecy and thinks he is the last bastion of thoughtful governance.
With over 2/3rds of all federal programs, functions, and activities immune to oversight by Congress or even FOIA requests, IMO we no longer have government of the people, by the people, for the people. Periodic corrupt elections controlled by the STATES and their local governments do not allow accountability for PUBLIC SERVANTS elected or appointed.
Plenty. All the intel agencies have been heavily reliant on contractors in their rapid expansion since 9-11. It’s an especially lucrative business at the top. Look at Clapper and McConnell before him. Tim Shorrock has been writing about this for years.
It seems the EU Parliament is getting the same kind of runaround from the ECB. Accountability?
TTG. I make it a point to read Bruce Schneier every day to keep abreast of the digital goings on with cryptography, cracking, exploits, and general security psychology.
The whole eavesdropping and interception business is a contractor’s gold mine. Not only is Uncle Sam’s check book totally being abused, all the massively expensive software failures are hidden, and the same rogues continue to plunder unabated by being awarded new contracts. A true used car salesman’s dream, customers keep coming back to buy more crap cars from you over and over.
What I feel is happening and/or will happen, the primary job will turn inward to protect their domain from domestic control at all cost.
I have known Bruce Schneier and been an admirer of his works for many years. On the topic of “security” what it means and doesn’t mean, the extent to which it can be achieved/not achieved, the technical, legal, philosophical considerations, the trade-offs etc, he is the finest mind of his generation and the most
It must have been a rare treat for a Congressional committee to get accuracy, and clarity on the topic
This provision of vast sums to the intelligence community is turning out to be counterproductive. My opinion is that budgets should be reduced to the point where decisions on where the true priorities lie have to be made. Cutting down on the empire building would be a plus. If Alexander wants to indulge his inner trekkie, he can go to a Con somewhere.
Did anyone notice this nugget from the latest issue of Schneier’s Cryptogram, found here: http://www.schneier.com/crypto-gram-1401.html?
Never mind the intelligence community, the war on drugs has you covered.
“For at least six years, law enforcement officials working on a counternarcotics program have had routine access, using subpoenas, to an enormous AT&T database that contains the records of decades of Americans’ phone calls — parallel to but covering a far longer time than the National Security Agency’s hotly disputed collection of phone call logs. . . .
The Hemisphere Project, a partnership between federal and local drug officials and AT&T that has not previously been reported,. . . covers every call that passes through an AT&T switch — not just those made by AT&T customers — and includes calls dating back 26 years, according to Hemisphere training slides bearing the logo of the White House Office of National Drug Control Policy. Some four billion call records are added to the database every day, the slides say; technical specialists say a single call may generate more than one record. Unlike the N.S.A. data, the Hemisphere data includes information on the locations of callers.”
It’s been clear that the NSA has been withholding information from Congress, and that they have lied to Congress. This past week, they essentially admitted to targeting members of Congress.
The NSA is now expending significant resources to obscure its activities, and to try to assert that they have achieved significant successes. The results are less than compelling. The indiscriminate, widespread acquisition and retention of electronic data is proving to be an expensive, counterproductive distraction, which actively weakens the US.
Obama’s announced reforms are hardly equal to the damage done. At this point, the essential issue is how and whether the NSA can be brought under control, and can be made to operate without violating the Constitution.
NSA has become such an uncontrollable behemoth, the only way to rein it in is to dismantle it completely, and its external monitoring and security programs be re-absorbed by DoD, and the portion of The National Security Act of 1947 that created NSA be rescinded.
While I sympathize with the poster, who wishes to “save the NSA from itself” and keep the best parts to fight terrorism, he is living in an Alternate Reality.
The “useful parts” of the NSA, those that provide mass data suitable for blackmail, extortion, libel, fraud and theft of anyone, anywhere, any time, going back for YEARS, are perfect for suppressing political dissent and social activism, not to mention what it does to our allies overseas.
NSA hasn’t done anything (and they admit it) to fight terrorism.
“mass data suitable for blackmail, extortion, libel, fraud and theft of anyone, anywhere, any time, going back for YEARS, are perfect for suppressing political dissent and social activism, not to mention what it does to our allies overseas.” Firstly – you don’t actually know that the metadata has been used for any of that. Secondly – foreign leaders should be targets. You cannot know what they are doing by simply asking them. They lie. It is part of their job description. pl
Syrian National Coalition agrees to go to Geneva II
Thanks TTG for the great links!
Demeter and PL,
I thought it was preposterous that Obama singled out foreign leaders for protection from NSA collection while continuing to justify mass collection of US person data. It should have been the other way around. PL, you’re right, foreign leaders should be targets. They should be priority targets. The only question should be risk vs. gain. It’s up to their governments to try to stop us… if they can.
Schneier’s essay on “How the NSA is Threatening National Security” is well argued and devoid of histrionics. I heartily recommend it. Thanks for the link.
As for the DEA, AT&T and the Hemisphere Project, I don’t have a problem with it. It seems to be driven by ongoing criminal investigations and court orders/subpoenas. This just represents a hazard of engaging in criminal activity. It’s the same hazard of conducting clan intel ops. Remember how the Italians convicted 23 CIA officers for the kidnapping of Osama Mustafa Hassan in 2003? It’s the same thing.
I’ve always assumed all my electronic communications were subject to collection and scrutiny and I think anyone who assumes otherwise is kidding themselves, no matter what Congress or the President or any other world leader says.
Even forty years ago when I had to discuss considerably sensitive matters with my ex-intelligence father, he always wanted to do it outdoors face to face (never on any telephone) in a reasonably secure area where eavesdropping was unlikely to be easily arranged. Such was his understanding of electronic capabilities even then.
No, I’m not paranoid and neither was Dad. Bugging stuff is pretty easy.
This is a bit off topic but can you imagine the kind of novel George Orwell would write about this subject
A big question beyond the interception of both foreign and domestic intel is the A 76ing of federal programs. Every few years contracts will change, people will be shuffled, cross contamination will take place. Also, whatever happened to compartmentalization and need to know, morphing into mashing up and making so much available to clerks.
This conversation is not taking place, the mechanisms of privatization on National Security, especially signals interception.
In addition to privatization of cyber, it appears humint is an A76 type target. The use of Cyber, space thingy is technically difficult, but is solved making those methods popular over real humint. Takes both. With our frenemies, enemies, and general need to know what is going on cyber capabilities front page news, what was relatively easy to intercept will become more difficult as people adapt to the need to not put anything in digital form, but go back to paper and face to face to keep the most sensitive aspects of their intentions hidden, thus the need for better humint moving forward. Will the IBM Selectric make a comeback??
“Will the IBM Selectric make a comeback??” The emanations from such an instrument can easily be read at a distance. pl
Schneier’s a great mind I have enjoyed for both the intel/security coverage as well as his endlessly amusing and disturbing accounts of high tech meets clever, sometimes antisocial humans.
IMHO I don’t think the wholesale collection and decades-long maintenance of 4 billion hits a day qualifies as targeted investigation upon reasonable grounds, subpoenas or not.
I note here my bias- my notorious aversion to the war on drugs on personal, political and practical grounds and legal grounds. Legally, I don’t see how the sovereign right to self abuse by intoxication can justify the entire edifice on any rational ground, other than we now by prohibition have created a cash/violence/politics nexus so threatening and opportune that it must perforce be manipulated and confronted whatever the gross domestic absurdities and contradictions at enormous cost.
According to something I encountered in Counterpane some encryption can now be cracked merely by listening to the noise generated by a cpu as it works on it.
PL, Tempest reads the background RF emanated by unshelled computers as well.
Sometimes walking around outside isn’t even safe. You might like my story, “Unter Vier Augen.” It’s available in that list over on the right under Basilisk.
And computer monitors and display screens, and printers, and cables attaching them.
A friend flew over North Vietnam during the war scooping up conversations from walkie talkies on the ground, counting and differentiating trucks by gathering the electrical “signals” coming from a running engine, and other such things.
An interesting movie is “The Conversation” (1974), one of Francis Coppola’s early films, about a private surveillance man (played by Gene Hackman) who is given the job of capturing a conversation that takes place outside between two people walking in a fairly busy plaza.
I was speaking of tempest. pl
So, the way out, back to relatively better safety, would be to go back to mechanical typewriters and have couriers deliver copies and burn them after reading?
Maybe. This is a DuckDuckGo hit I got on “mechanical typewriter surveillance”:
O/T, on space exploration, this is what I’m monitoring today.
Mission home page:
As you say, “… back to relatively better safety, would be to go back to mechanical typewriters and have couriers deliver copies and burn them after reading?”
Yes, and become familiar with the one-time pad method of encryption, the effectiveness of which was shown by the great Claude Shannon, who does not get anywhere near the recognition he deserves. Bruce Schneier would be familiar with him.
Shannon laid the foundation of what we are doing right now with computers, showing it with Boolean algebra (two states — true or false, on or off, 0 or 1) and the behavior of circuits. He worked at Bell Labs for a while, and wrote a paper, “The Mathematical Theory of Cryptography”, which was then classified but later declassified. Also critical to the development of our digital age was his work on “information theory”.
This tribute to Shannon, who passed away in 2001, is from the American Mathematical Society (AMS), and one contributor talks about his work in cryptography, beginning on page 13–
Shannon showed that a properly created one-time pad was unbreakable without knowing the key, but depended also on a properly functioning random number generator.
This brings us to the recent revelation that the NSA was (wrongfully, in my opinion) trying to get companies and people to put flawed random number generators in computer software programs. If your random number generator does not work in the proper and “pure” way, any encryption based on it becomes more likely to be broken.
Shannon also developed and invented devices, both for fun and related to his work, as he was not just interested in theory. The behavioral psychologist B.F. Skinner also put together devices both with which to do experiments and for the outside world.
The AMS puts out a book as a more general introduction to encryption–
P.S. Do not encrypt anything on a computer connected to the Internet. Do it on a separate machine that has not been and transfer the file to the other one to send it, as William Binney advises.
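An added illustration of the one-time pad point in the comment above (not part of the original comment or thread): it shows why a ciphertext made with a truly random pad is consistent with every message of the same length, and how a flawed generator shrinks the set of possible pads. The function names and sample messages are constructed, and `weak_pad` is a hypothetical stand-in for a flawed generator, not any generator named in the news reports.

```python
import random
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("a one-time pad must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))


def new_pad(length: int) -> bytes:
    """Draw a pad from the operating system's cryptographic generator."""
    return secrets.token_bytes(length)


def otp_encrypt(message: bytes, pad: bytes) -> bytes:
    return xor_bytes(message, pad)


def otp_decrypt(ciphertext: bytes, pad: bytes) -> bytes:
    return xor_bytes(ciphertext, pad)


def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """Return the pad under which `ciphertext` decrypts to `candidate`.

    One exists for every candidate of the right length, so the ciphertext
    alone gives no reason to prefer one message over another.
    """
    return xor_bytes(ciphertext, candidate)


def weak_pad(length: int, seed: int) -> bytes:
    """Hypothetical flawed generator: a deterministic PRNG with a small seed."""
    rng = random.Random(seed)
    return bytes(rng.randrange(256) for _ in range(length))


def distinct_weak_pads(length: int, seed_bits: int) -> int:
    """Count the pads the flawed generator can ever produce."""
    return len({weak_pad(length, s) for s in range(2 ** seed_bits)})


if __name__ == "__main__":
    msg = b"MEET AT NOON"                      # constructed sample message
    pad = new_pad(len(msg))
    ct = otp_encrypt(msg, pad)
    print(otp_decrypt(ct, pad))                # the intended message
    alt = pad_explaining(ct, b"STAY AT HOME")  # an equally valid "key"
    print(otp_decrypt(ct, alt))
    # A 12-byte random pad has 2**96 possibilities; an 8-bit seed allows at most 256.
    print(distinct_weak_pads(len(msg), 8))
```

With a pad from `new_pad` every 12-byte message is an equally plausible reading of the ciphertext; with `weak_pad` the pad is fully determined by the seed, so the protection is only as large as the seed space.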
I much enjoyed the ‘Unter Vier Augen’ story. However, the reference to Gorbachev having ‘come, as far as we were concerned, out of nowhere’ brought back memories. There were a number of experts on Soviet military strategy, working entirely – or at least largely – from open sources, who at the time were busily explaining to anyone who would listen where Gorbachev was coming from.
Prominent among these were the Brookings duo of Ambassador Raymond Garthoff and Commander Michael MccGwire – to give him his Royal Navy title. The head of the Soviet Studies Research Centre at Sandhurst, Christopher Donnelly, was less iconoclastic, but still very illuminating. To my lasting sorrow, at the time I did not know about the Soviet Army Studies Office at Fort Leavenworth, founded by the then head of TRADOC, General William Richardson, in 1986.
Among its very fine analysts was Dr Jacob Kipp, who had immense knowledge not only of current Soviet developments but of past debates which sometimes put what was happening now in a completely new context.
Only years later did I learn from Dr Kipp’s writings that the military figure most closely identified with the ‘new thinking’, General-Mayor Valentin Larionov, who we interviewed in Moscow in February 1989, had earlier compiled and co-authored the classic statement of the strategy of nuclear pre-emption.
Had I known about Kipp’s work at the time, moreover, I would have grasped the significance of Larionov’s discussion of the ideas of a Soviet theorist of the Twenties, Alexander Svechin. As I later learned when I followed up leads from Kipp, on that day in Moscow, I had been in the orbit of arguments that could be traced right back to Clausewitz.
Practically the first thing General Larionov said to us was that, to understand the ‘new thinking’, one had to go back to the realisation by Soviet planners, back in the Seventies, that it was not possible to win a nuclear war. According to Pipes, this kind of talk was bluff. As Garthoff, MccGwire and Kipp very well knew, it wasn’t.
It now seems to me that figures like Pipes were actually gullible dupes of a ‘Potemkin village’ element which the Soviets inherited from their Tsarist predecessors. To hold a rickety empire together, it is necessary to make impressive displays of power – and to obscure the underlying sense of weakness and fragility.
Throughout the Cold War, very few in the United States realised how terrified the Soviets were of the striking power of the Strategic Air Command. Accordingly, the fact that this terror was, on the one hand, a possible asset to be exploited, and, on the other, a potential source of dangers of catastrophic misunderstanding, was never adequately appreciated.
These clowns, from the top clown down, particularly and especially including military officers, have all taken an oath to protect and defend the constitution. They have NOT taken an oath to protect and defend the people, which is the excuse they use for not protecting and defending the Constitution.
Therefore they are criminals.
For me the two things are indistinguishable. pl
This is way OT for encryption, but could some knowledgeable soul provide one or more pointers to what “protect and defend the constitution” means in the context of military service? Is there some guidance provided to service members as to what their oath to do so does and doesn’t encompass?
TTG! Apparently GAO about to release a report on IC contracting efforts. Behind the scenes reports that the keys to federal fisc turned over to contractors by IC and little or no enforcement of federal financial conflict of interest regulations. Result many deliverables [goods and services] never received by Uncle Sugar.