NSA Tapping UN Isn't A Huge Surprise -- But Ability To Crack Video Conferencing Encryption Raises Questions
from the yay! dept
Over the weekend, Der Spiegel broke the somewhat unsurprising news that the NSA had bugged the UN and various EU embassies in the US and had hacked into the UN's videoconferencing software to be able to get access to such calls. On a first pass, this isn't all that surprising. As we noted with some earlier leaks, spying on foreign diplomats is just something that countries do. Spying on foreign government officials is very different than spying on the public. Of course, since the NSA insists that it does everything to avoid intercepting communications of people inside the US, I wondered how they could make that claim while directly tapping conference calls from the UN in NY. The answer is likely to be yet another classic NSA twisting of the words to find a loophole. While the UN headquarters are in NYC, "technically" the headquarters are outside of the US and in the control of the UN itself, but with an agreement that it abides by all local laws. This is similar to embassies, which are often treated as if they are the territory of the country that uses them. I'm wondering if the NSA is using that to argue these are fair game, since they're "outside" the US.There's also the issue, as noted in the article, that President Obama has insisted that the spying on people was only done to prevent terrorism -- and spying on EU diplomats seems unlikely to have anything to do with terrorism prevention. But, again, spying between government officials is kind of expected, and not quite a huge deal, even if it may present a diplomatic problem for the US.
Much more interesting to me, however, is the snippet claiming that the NSA had figured out how to hack into the UN's video conferencing software, allowing them to record internal video conferences. In fact, after this was cracked just a year ago, a document was sent around, "celebrating" this:
Furthermore, NSA technicians working for the Blarney program have managed to decrypt the UN's internal video teleconferencing (VTC) system. The combination of this new access to the UN and the cracked encryption code have led to "a dramatic improvement in VTC data quality and (the) ability to decrypt the VTC traffic," the NSA agents noted with great satisfaction: "This traffic is getting us internal UN VTCs (yay!)." Within just under three weeks, the number of decrypted communications increased from 12 to 458.Yay! We can spy on more things! Yay! Either way, I'm curious if anyone knows who provides the UN's video conferencing technology, because that's now a much more interesting issue. The suggestion being made that the NSA "cracked" the encryption that was being used could have much wider implications if true -- so it would be nice to know what kind of encryption, and what sort of system is being used. Either way, I'm guessing that many in the UN will be seeking out alternative communication methods shortly.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: diplomacy, encryption, espionage, eu, nsa, nsa surveillance, spying, un, video conferencing
Reader Comments
Subscribe: RSS
View by: Time | Thread
To me the amazing thing is that anyone is surprised that countries are trying to spy on UN communications. This is like Captain Renault being shocked to learn that there was gambling going on in the casino.
I agree that it is troubling to know that they could break the encryption. I would like to know the method they used. It could be that the encryption was based on codes burned into the hardware. In that case it is logical that the Chinese got in because the chips were manufactured in China and there are rumors that the Chinese have been getting copies of encryption keys at the time of manufacture. I suspect that the US used methods more similar to the methods used to crack the DVD encryption key.
I wonder what encryption system will fall next, or perhaps has already fallen and we don't know about it yet. I think it is reasonable to suspect any proprietary system that relies on a single master key is already compromised. The NSA seems to have been able to put pressure on most companies to compromise their secrets and then shut them up about it with gag orders. Any system based on data burned into a chip is probably already open to the Chinese. This would include TPM chips in Windows 8 systems and Chromebooks.
I wonder if the NSA got the keys to just about every DRM system ever created and the Obama administration is worried that Snowden got that information. That would explain why the US and UK administrations are so insanely over the top on their responses to Snowden.
[ link to this | view in chronology ]
Outside the U.S.?
They may also have decided that eavesdropping on non-citizens within the U.S. is fair game!
[ link to this | view in chronology ]
Re: Outside the U.S.?
> government agencies treat the U.N. and embassies
> as "outside the U.S.".
That's certainly the way the UN treats US officials. Every time I've been there, I've gotten the haughty speech about how everything inside the fence is sovereign UN territory, not US territory, and I have no legal jurisdiction or authority, blah, blah, blah.
They've flouted the NYC building code laws (based on their "soveriegn jurisdiction") so thoroughly and for so long, that it's a wonder that big glass building on the river is still standing. If you ever go inside it, you'll see that it's literally falling apart at the seams.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
You misspelled "YOU!" - ftfy
[ link to this | view in chronology ]
DHS Essentially did the same thing
[ link to this | view in chronology ]
Re: DHS Essentially did the same thing
They thought about having a 24,901 mile constitutional free zone (the circumference of the earth) but thought that was a bit too excess.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
All is easier when you have access to certificate authorities.
But who cares? Such a minor point.
The phony deal that evil people (and gullible fools) try to force on us: You can't have the benefits of technology unless give up all privacy.
[ link to this | view in chronology ]
Re: All is easier when you have access to certificate authorities.
[ link to this | view in chronology ]
Re: All is easier when you have access to certificate authorities.
C'mon, he have a good point, and not even the usual ranting and ad hominem.
[ link to this | view in chronology ]
Re: Re: All is easier when you have access to certificate authorities.
No, it's there, just more subtle then usual. However your point is valid. He makes a point, not a good one in my opinion, but a relevant one. However out_of_the_blue has a reputation for being an idiot. One relevant post out of hundreds will not negate that.
[ link to this | view in chronology ]
"Cracked"
[ link to this | view in chronology ]
Insectusflyusonthewallus
[ link to this | view in chronology ]
I think we should start calling this a voyeurism fetish.
[ link to this | view in chronology ]
Re: I think we should start calling this a voyeurism fetish.
[ link to this | view in chronology ]
Re: I think we should start calling this a voyeurism fetish.
Bush Jr. held his composure and finished reading to children after he was told about what happened the day 9/11 occurred. He held his composure and rallied this nation to never forget that day.
[ link to this | view in chronology ]
Re: Re: I think we should start calling this a voyeurism fetish.
[ link to this | view in chronology ]
Re: Re: Re: I think we should start calling this a voyeurism fetish.
Try telling that to the bunch of 5 year olds who were thrilled to see that a US president decided to take time from his busy schedule to spend the day reading to them. He finished the book and said goodbye and went straight into action calm and collected knowing exactly how to handle the situation and was mentally prepared to address the public.
[ link to this | view in chronology ]
Re: Re: Re: Re: I think we should start calling this a voyeurism fetish.
Really, your hero-worship of Chimpy, who has EASILY been the worst president of the last half-century (eclipsing Nixon, who are was crooked evil and vicious, but at least had two functional neurons to wire together) is appalling.
[ link to this | view in chronology ]
Re: Re: Re: Re: I think we should start calling this a voyeurism fetish.
Imagine if a company CEO were reading to kids, and one of his aides came in and said that company stock prices are tanking, but the CEO spent the next half hour reading, instead of acting immediately. If I'd been a shareholder, I would've called for his head on a platter.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: I think we should start calling this a voyeurism fetish.
Any kids who might've been scared...sorry guys, but you would've gotten over it. If I'd been one of those kids, I more than likely would have been proud that Bush had his priorities straight and knew where he was most needed.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: I think we should start calling this a voyeurism fetish.
that's all been settled, doncha know... you'll be fitted with a tinfoil beanie if you keep that up...
frankly, that is *one* of the memebombs i have wondered if a snowden/etc might keep in their back pocket as 'ultimate life insurance': *if* they had some smoking C4 revelations about nine one one, *wouldn't* the administration go absolutely fucking apeshit to keep *that* buried ? ? ?
*sniff*sniff* ? ? ?
what is that, the smell of a reichstag fire ? ? ?
art guerrilla
aka ann archy
eof
[ link to this | view in chronology ]
Re: Re: I think we should start calling this a voyeurism fetish.
Althought... didn't Billy also repeal some sort of act that abolished journalistic integrity and allowed Fox News to poison the country?
[ link to this | view in chronology ]
Re: Re: I think we should start calling this a voyeurism fetish.
When you're an alcoholic halfwit who is largely incapable of actually understanding anything that's said to you, that's really not much of an achievement.
He held his composure and rallied this nation...
I remember that. I remember how he took advantage of the surge in pro-American sentiment to...oh...wait...he didn't do that.
I remember how he made sure that those responsible were quickly brought to justice...oh...wait...he didn't do that either.
I remember how he took on the nation which sheltered and encouraged the hijackers -- Saudi Arabia...oh wait...he didn't do that either.
I remember how he made sure we didn't squander our treasure and our troops' lives invading countries at random...oh wait...nope, didn't do that either.
I remember how he refused to sacrifice the Constitution...ummm...well...not even close.
I remember how he emphasized the patriotism isn't flags and salutes and banners and flyovers and flight suits...oh...dear me...nope, not that.
I remember how he bolstered economic growth, provided for the poor and sick and aged, protected the environment, stood for the rights of women and gays and immigrants...errrm...well not so much really.
But oh my yes, he rallied the country. Yep. I remember that clear as day.
[ link to this | view in chronology ]
Re: Re: Re: I think we should start calling this a voyeurism fetish.
You're wearing a tinfoil hat. It's very pro-American of a president to protect the innocence of children during a crisis.
"I remember how he took on the nation which sheltered and encouraged the hijackers -- Saudi Arabia...oh wait...he didn't do that either."
Actually it was Osama Bin Laden. You're reinventing history.
"I remember how he refused to sacrifice the Constitution...ummm...well...not even close."
???
"I remember how he emphasized the patriotism isn't flags and salutes and banners and flyovers and flight suits...oh...dear me...nope, not that."
"Patriotism" was one of his favorite buzzwords. I'm pretty sure there is an an entire YouTube video dedicated to that.
"I remember how he bolstered economic growth, provided for the poor and sick and aged, protected the environment, stood for the rights of women and gays and immigrants...errrm...well not so much really."
You are making a huge contradictory statement...you are saying that Bush Jr. "bolstered economic growth"....and then saying that he didn't.
As for the other things...lets see now...Obama hasn't lifted the ban on abortions after the first trimester has he? Bush put that ban in place. When the Defensive Marriage Act was proposed, it was written in a majority led Democrat House and Senate...Obama voted for it! Yup great comparison.
"When you're an alcoholic halfwit who is largely incapable of actually understanding anything that's said to you, that's really not much of an achievement."
He was a recovered alcoholic who did a ton better than his successor. 7 minutes to address a nation concerning 9/11 vs 9 months for even a peep about the details of Benghazi...the latter of which was only exposed BY THE PRESS!
[ link to this | view in chronology ]
Re: Re: Re: Re: I think we should start calling this a voyeurism fetish.
He wouldn't have need to scare the kids. Just say that something super-important came up and that he's sorry, but he absolutely needs to be doing his job.
"Actually it was Osama Bin Laden. You're reinventing history."
Bin Laden ordered and planned the deed, but the quote mentioned who sheltered and encouraged the hijackers.
"You are making a huge contradictory statement...you are saying that Bush Jr. "bolstered economic growth"....and then saying that he didn't."
It's called sarcasm.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: I think we should start calling this a voyeurism fetish.
So lying to them during their moment with him is a good idea? Imagine being in Kintergarden and the president hasn't finished the story and all the sudden he's all up and "Well sorry kids I can't finish the story, something important came up". Imagine how they'd feel.
"Actually it was Osama Bin Laden. You're reinventing history."
Bin Laden ordered and planned the deed, but the quote mentioned who sheltered and encouraged the hijackers."
They also condemned the attacks...and didn't know the whereabouts.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: I think we should start calling this a voyeurism fetish.
Lying...? Whaa? The aide who whispered in Bush's ear about the attacks was telling a lie? Unless I'm completely mistaken, 9/11 did happen and Bush was told about it by his Chief of Staff. So it would not have been a lie if Bush stood up and said "Sorry but something important came up".
As for the kid's feelings...so what? Sure, I can understand they may feel disappointed and maybe a little angry at the time, but it's not like this is something that could scar them for life (the Prez walking out I mean, not the actual terror attacks). They'd get over it. At that moment in time, a classroom full of kids meant diddly squat compared to the threat of more and more plans being flown into buildings.
[ link to this | view in chronology ]
Re: Re: Re: Re: I think we should start calling this a voyeurism fetish.
what a tool, what a total authoritarian propaganda victim...
with that attitude, you would have been a loyalist repatriated to england at the start of the revolution...
pussy
1. yeah, *not* 'scaring' a bunch of stupid gradeschoolers was W-a-a-a-y more important than saving the whole country...
fucking 'tard
2. he -or one of his evil minions of doom- could have said ANYTHING and exited stage reich AT ANY TIME WITHOUT ANYONE 'suspecting' anything... THEY WERE FUCKING STUPID KIDS WHO EAT BOOGERS AND SHIT THEIR PANTS FOR NO REASON, they would not have known shit about shit...
you BELIEVE this tripe you spout ? ? ?
i feel sorry for your inability to either reason, or not start at the imaginary shadows of imaginary terrorists...
art guerrilla
aka ann archy
eof
[ link to this | view in chronology ]
Re: Re: Re: Re: I think we should start calling this a voyeurism fetish.
[ link to this | view in chronology ]
Re: I think we should start calling this a voyeurism fetish.
[ link to this | view in chronology ]
Re: Re: I think we should start calling this a voyeurism fetish.
"I don't care if they impeach me at this point, I just want to get this stuff with the Russians done so that we all have a future!"
He promised congress to retire on his own accord so that he could finish subduing the nuclear arms race and wanted good relations with the USSR.
[ link to this | view in chronology ]
Re: Re: Re: I think we should start calling this a voyeurism fetish.
Nixon was pardoned by Ford. Really. Go look it up.
Ah! I get it. You're just as stupid, vacuous, ignorant and worthless as Chimpy. Shame on me for not figuring this out after your first comment. Never mind. You are far, FAR too inferior to grasp anything I'm saying. No, no, no...don't try. Ssshhhh. You'll hurt yourself.
[ link to this | view in chronology ]
Re: Re: Re: I think we should start calling this a voyeurism fetish.
[ link to this | view in chronology ]
Re: Re: I think we should start calling this a voyeurism fetish.
> you removed from office - cf Nixon. In
> fact he got impeached for bugging himself!
Richard Nixon was never impeached. Only two U.S. presidents have been impeached: Andrew Jackson and William Clinton.
[ link to this | view in chronology ]
Re: Re: Re: I think we should start calling this a voyeurism fetish.
[ link to this | view in chronology ]
Re: Re: Re: Re: I think we should start calling this a voyeurism fetish.
Which is irrelevant to the question of impeachment. Impeachment is not removal from office. First comes the vote to impeach, then comes the vote to remove. Clinton survived the latter, but not the former.
[ link to this | view in chronology ]
If I were the UN --
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Perhaps it's Cisco (see below)
Q. Who uses Cisco TelePresence today?
A. Companies and organizations from all sectors world-wide use Cisco TelePresence. Proctor & Gamble, HSBC, Accenture, AT&T, AXA, Media Saturn, GE, Philips, Kaiser, United Health Care, Enbridge, POSCO, McKesson, Danske Bank, and BBVA are among the many companies using Cisco TelePresence to cut costs, speed time to market and further green strategies. Many universities such as Duke, Purdue, Massachusetts Institute of Technology (MIT), University of California San Diego (UCSD), University of California Las Angeles (UCLA), North Carolina State University, Pennsylvania State University, and others use Cisco TelePresence for administration and teaching. Government agencies around the world and the United Nations also use Cisco TelePresence to speed decision making and avoid travel.
This raises some interesting questions: did the NSA really break the encryption, or did Cisco give them a backdoor? If the former, then can the NSA also break the encryption used by all those other Cisco TelePresence customers? If the latter, same question. If either, then can anyone else break the encryption? Do they even need to?
[ link to this | view in chronology ]
If you're wondering how they did it..,
[ link to this | view in chronology ]
The NSA should about now be getting flashes of the Watergate scandal because that is what it is beginning to look like.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
Sadly the only way any of this evidence of crimes by the government and their agencies affects them is when the people are sitting with no other recourse but to revolt, and that is not going to happen any time soon, especially with all the new tv programming coming out over the next 3 months.
[ link to this | view in chronology ]
Cisco TelePresence
and this guy: http://vtctalk.com/forum/showthread.php?t=26498
[ link to this | view in chronology ]
I don't know if I hope there is much more to come. On one hand: things are already very very bad and I actually kind of fear to hear what more they possibly could have done.
On the other hand: If they keep revealing new stuff then change might happen sooner, which we need so incredibly much.
[ link to this | view in chronology ]
Breaking the encryption versus breaking the protocol
Instead, it is possible that they broke the protocol.
Using HTTPS as an example: none of the recent SSL/TLS vulnerabilities that have been reported are breaks of the underlying encryption, which is considered sound. All of them are breaks of the protocol.
[ link to this | view in chronology ]
Odds are they didn't "crack" anything.
I'd wager they have a bunch of VTC infrastructure that was poorly deployed and is not secured in any fashion. It would be quite simple to use their own equipment to record HD VTC sessions without anyone knowing.
This is far more likely that the "backdoor" and "cracking" scenarios thrown around.
[ link to this | view in chronology ]
I also heard on the news this morning, that spying on UN diplomats is a crime under International Law.
Then again, spying on law-abiding US citizens is a crime under US Federal Law, but that's never stopped the NSA from being a criminal organization.
Hell, the leader of the NSA, Mr. Clapper, is an alleged felonious liar!
[ link to this | view in chronology ]
If it's Cisco system...
[ link to this | view in chronology ]
See the uncut video, "Spies Gone Wild"
I'm sorry but The Patriot Act justification doesn't wash anymore: "We're hunting terrorists. We don't need no stinking 4th Amendment."
We've got take matters into our own hands to protect what little of our privacy remains. Start using TOR for browsing, Textcrypt for text messages and Cellcrypt for phone calls. Then take everything off DropBox, Instagram, iCloud, etc and stash it all in a Cloudlocker (www.cloudlocker.it) which works just the same but stays in the house where they still need a warrant to get inside.
[ link to this | view in chronology ]
Re: See the uncut video, "Spies Gone Wild"
i have -for decades, since the spectre of echelon raised its ugly head- advocated that 'everyone' append a list of 'trigger words' at the end of ALL their emails, etc, such that the NSA/etc simply couldn't vacuum up ALL the emails which were 'suspicious' because 'everyone's' email had the 'trigger words', but it looks like they are vacuuming them all up anyway, trigger words or no...
i guess the joke's on me...
how come it isn't funny ? ? ?
but, seriously, folks, i am thinking that ANY/ALL malcontents and ne'er-do-wells who use tor, encryption, etc, will go to the top of the list of suspicious proto-terrorists who need to be surveilled extra good...
art guerrilla
aka ann archy
eof
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Marketing
[ link to this | view in chronology ]
[ link to this | view in chronology ]