The Deeper Meaning Of Miranda's Detention And The Destruction Of The Guardian's Hard Drives

from the deny-and-disrupt dept

As many have already observed, the detention of David Miranda comes across as an act of blatant intimidation, as does the farcical destruction of the Guardian's hard drives. But something doesn't ring true about these episodes: spooks may be cynical and ruthless, but they are not generally clueless idiots.

They would have guessed that Miranda would not possess the keys for any encrypted files that he was carrying, so seizing his equipment simply left them with a bunch of ones and zeroes that they were unable to read (unless strong encryption has been broken and we don't yet know about it). Equally, they would have assumed that the Guardian had made backups of its files on the hard drives, so destroying them was literally quite pointless. What's really going on here? A brilliant post by author Barry Eisler, who used to work for the CIA, offers perhaps the most plausible explanation so far:

    The purpose was to demonstrate to journalists that what they thought was a secure secondary means of communication -- a courier, possibly to ferry encrypted thumb drives from one air-gapped computer to another -- can be compromised, and thereby to make the journalists' efforts harder and slower.

The same is true for the destruction of the Guardian's hard drives:

    The point was to make the Guardian spend time and energy developing suboptimal backup options -- that is, to make journalism harder, slower, and less secure.

What is particularly chilling, as Eisler notes, is that this technique is not new:

    Does this sort of "deny and disrupt" campaign sound familiar? It should: you've seen it before, deployed against terror networks. That's because part of the value in targeting the electronic communications of actual terrorists is that the terrorists are forced to use far slower means of plotting. The NSA has learned this lesson well, and is now applying it to journalists. I suppose it's fitting that Miranda was held pursuant to a law that is ostensibly limited to anti-terror efforts. The National Surveillance State understands that what works for one can be usefully directed against the other. In fact, it's not clear the National Surveillance State even recognizes a meaningful difference.

The US and UK governments' equating of journalism and whistleblowing with terrorism is becoming clearer by the day.

Follow me @glynmoody on Twitter or identi.ca, and on Google+


Filed Under: barry eisler, david miranda, detention, journalism


Reader Comments



  • Anonymous Coward, 28 Aug 2013 @ 3:54am

    The best way around both.

    Take your information and throw a big encrypted wrapper on it (TrueCrypt volume) and upload it to Usenet. From there, any person in any country could download the file, but only those who hold the keys can unlock the file.

    Not only that, but usenet would serve as a free online backup for the file, and you could download it later. This is easier than a cyberlocker, and it would be held for three years plus on the servers, effectively for free.

    Your only problem would be DMCA complaints against the file, taking it off the servers faster than you can say "Peter Piper picked a peck of pickled peppers."

    (Just thought of this: Ideally put three wrappers on the files, just to hamper cracking efforts.)

    • zan, 28 Aug 2013 @ 4:02am

      Re: The best way around both.

      I think an encrypted torrent would be a better idea, long as someone's uploading and the DHT network is working it'll always be downloadable.

    • Bergman, 28 Aug 2013 @ 6:26am

      Re: The best way around both.

      Two other things you should also do:

      Don't just upload sensitive files, also upload things like core dumps and the complete works of Shakespeare. All massively encrypted like the actual files you want to transfer. Don't just keep them guessing, keep them BUSY.

      Upload things that they don't WANT to decrypt -- things that they're not supposed to know (courtesy of Wikileaks, for example) and disgusting image files (clown or midget porn, anyone?).

      Naturally, use different keys, encryption algorithms and all for each file, and perhaps make the ugly stuff easier to open, heh.

      Can you imagine the horror of them seizing a computer, discovering it contains 50,000+ encrypted files...and 99.99% of them are things they will wish they could un-see?

    • Hephaestus, 28 Aug 2013 @ 6:50am

      Re: The best way around both.

      Simpler but messy on the backend solution 1 condom, 1 micro SD card, swallow.

    • art guerrilla, 28 Aug 2013 @ 9:59am

      Re: The best way around both.

      disagree, the 'best' method, is simply to expose ALL OF IT, totally unredacted...

      THEN what are the spooks going to do ? ? ?

      I REFUSE to believe the bullshit that these revelations would endanger untold _____(dozens ? hundreds ? thousands ?) of spooks, spook-lites, and spook informants/etc who are doing dirty works...

      GOOD, expose them all, run the evil pukes out of town, and/or some/all get killed ? cry me a fucking river, THEY are RESPONSIBLE -directly and indirectly- for the deaths OF MILLIONS, and i'm supposed to be contrite because BAD GUYS (so what they are 'our' bad guys?) get -probably RIGHTEOUSLY- killed for doing their dirty deeds in the dark ? ? ?

      no, golden rule them: THEIR mantra is 'kill'em all, let dog sort'em out...' okay, assholes, we'll do the same to you, then, how is that shoe pinching on the other foot, evil spook slime ? ? ?

      i'm sick of the whole mess, they DESERVE whatever bad karma comes their way; it is not OUR job to protect secret spooks doing evil...

      art guerrilla
      aka ann archy
      eof

      • Loki, 28 Aug 2013 @ 1:59pm

        Re: Re: The best way around both.

        Actually, rather than intimidation as many people think, I believe that THIS is exactly what they are hoping for. Look at it this way, as Tim pointed out in another piece, the current cycle works as such.


        1. Leak reveals evidence of NSA overreach or wrongdoing.

        2. NSA issues statement explaining how leak is being misinterpreted or is an aberration.

        3. NSA attends hearings and issues statements declaring it doesn't abuse its power. (Frequently qualified with "not under this program.")

        4. New leak reveals evidence of NSA overreach or wrongdoing, proving NSA's most recent statements were pretty much "incomplete lies" or "least untruthful" answers.

        5. Repeat.


        This not only gives people time to process the information, but it also helps keep the story in the news cycle.

        If you just data dump everything, the press, in an effort to one up each other will flood the media with more information than people can easily process, and try to post the most egregious violations, leaving perhaps less damning but otherwise important information overlooked.

        Our Short Attention Span Theater stricken society will be momentarily outraged by revelations they don't totally comprehend (due to the massive amount of data involved), and rather than taking the time themselves to comprehend it properly (unless it is spoon fed to them) it will be quickly forgotten the minute the next "Miley Cyrus" outrage comes along.

    • Anonymous Coward, 28 Aug 2013 @ 10:14am

      Re: The best way around both.

      Let's keep in mind that the NSA is trying to keep this information secret. Perhaps the best way to fight them is just to publish everything, unredacted.

      • Anonymous Coward, 28 Aug 2013 @ 12:36pm

        Re: Re: The best way around both.

        And if you get found out it is a minimum of 35 years in prison. I think it is pretty clear how it would end. If you want any kind of security you better hold something back as a bargaining chip.

  • Anonymous Coward, 28 Aug 2013 @ 4:39am

    "...unless strong encryption has been broken and we don't yet know about it"


    Yes, the encryption cipher was probably strong, but that doesn't mean the user password was equally strong. A cryptologist will always attempt to break a password first, instead of the encryption cipher's mathematical algorithm itself.

    For example, most ciphers are 128-256 bits in strength. If a user chooses a password that is 16 characters in length, then the password only has around 16 bits of strength.

    2^16 = 65536 possible password combinations to break the password. The NSA can probably chew through thousands of password attempts per second. Probably much, much more attempts per second, unless key stretching is used, such as bcrypt, scrypt or PBKDF, in order to slow down password guessing attempts using multiple hashing rounds on the password.

    The fact Greenwald and Poitras seem to be using the sneaker net (transportation of information using tennis shoes), this leads me to believe they were worried about their cryptographic capabilities.

    Thus, I'm forced to assume there's a high probability their password lengths were far shorter than 128-256 characters long. Not to mention a fully random password with that is impossible to remember. Otherwise the password will be low on entropy (randomness).

    I hope I'm wrong about all these assumptions. I really do.


    As to why the UK and US Governments detained Miranda and stole his digital devices. I believe it has less to do with intimidation, and more to do with the UK and US Governments wanting to know what documents Snowden downloaded.

    It's already been stated multiple times that the US Gov. has no idea what documents Snowden, and the media, are in possession of. The US Gov. is finding it very difficult to lie to the American people about the NSA's unconstitutional spying capabilities.

    The moment they make a false statement in public, a new leak comes out contradicting the lie they just made. That has to be embarrassing.

    The US Gov. wants to know what those documents are, and they probably figured Greenwald and Poitras' cryptographic skills were weak enough that they'd have a shot at breaking their weak passwords to see what documents they're up against.

    Like I said, I hope I'm wrong about all this. All the circumstantial information seems to be pointing towards this though.


    As for the UK Gov. destroying the Guardian's hard drives. That was indeed meant to intimidate media organizations. There's no other explanation for that barbaric move.

    • Rabbit80, 28 Aug 2013 @ 5:00am

      Re:

      You have your maths seriously wrong!

      A bit is either a 1 or a 0 - a password has all the letters of the alphabet in upper and lower case, numbers and symbols available.

      See here - http://www.lockdown.co.uk/?pg=combi

    • Some Guy, 28 Aug 2013 @ 5:38am

      Re:

      Assuming you can use any of the printable ASCII characters (i.e., not the initial 32 control characters or DEL, but including space), a perfectly random 16-character password has 95^16 combinations (> 2^105, < 2^106).

      So it is quite a bit weaker than a 128-bit key, but not by as much as you suggest.

    • John Fenderson, 28 Aug 2013 @ 11:32am

      Re:

      Ignoring that you're confusing a character (byte) with a bit, I would seriously hope that the decryption key wasn't a password at all. Do people still use those for encryption? If so, they need to stop it.

    • Clark Cox, 28 Aug 2013 @ 2:41pm

      Re:

      Why would anyone in their right mind use a password at all? Use a blob of random data as big as the data you want to encrypt as the key, send it separately, and destroy it after that one use.

  • Anonymous Coward, 28 Aug 2013 @ 5:08am

    An infographic demonstrating how to calculate password strength.

    https://xkcd.com/936/

  • Anonymous Coward, 28 Aug 2013 @ 6:06am

    Poitras is supposed to be pretty adroit at security

    Bruce Schneier comments someplace that Greenwald was pretty naive about security, but that Laura Poitras was quite competent. The package in question was heading from P to G, so I expect the crypto was good.

    Which suggests that the crypto was not broken, and when the UK govt described to the court the GCHQ documents Miranda was allegedly carrying, they might have been lying. Presumably to FUD G&P, but judges don't usually like liars.

    • JH, 28 Aug 2013 @ 7:22am

      Re: Poitras is supposed to be pretty adroit at security

      There are a couple of comments from Greenwald today under his latest blog piece for the Guardian, discussing court filings made by the UK Government yesterday:

          Were the files David was carrying encrypted and if so it seems they were decrypted by the UK security services?

          Yes, they were encrypted. And no: they haven't been able to get access to those documents, as they acknowledged today.

          Where?!

          In their court filing. I don't know the exact numbers, but they said they were only able to access something like 75 documents of the tens of thousands they claim he was carrying - and I'd be willing to bet those 75 they claimed they accessed have absolutely nothing to do with NSA.

      -- so the anon @ 6:06am may indeed have been right, when he wrote that "The package in question was heading from P to G, so I expect the crypto was good. Which suggests that the crypto was not broken, and when the UK govt described to the court the GCHQ documents Miranda was allegedly carrying, they might have been lying. Presumably to FUD G&P, but judges don't usually like liars."

      On the other hand, for the tinfoil hat brigade, maybe it is now that the UK Govt is dissembling, to downplay its proficiency at decryption...

      It will be interesting to see what the judges make of it.

    • nasch, 29 Aug 2013 @ 7:39am

      Re: Poitras is supposed to be pretty adroit at security

          Presumably to FUD G&P, but judges don't usually like liars.

      Except the ones on the FISC.

  • Anonymous Coward, 28 Aug 2013 @ 6:08am

    95^16?

    not knowing what number that gave (how many zeroes?) i put it into google and that said: 4.4012667e+31
    Which is slightly worse. so i put 4.4012667e+31 into google and even google couldn't answer that.
    I am hoping it's 'a really big number that GCHQ cryptographers will have a problem with'.

    • Some Guy, 28 Aug 2013 @ 6:36am

      Re: 95^16?

      44,012,667,000,000,000,000,000,000,000,000, or 44,012,667 trillion trillion, or a bit over 44 nonillion.

      • Rabbit80, 28 Aug 2013 @ 9:57am

        Re: Re: 95^16?

        44,012,666,865,176,569,775,543,212,890,625 to be precise! (At least according to the calculator built into Windows)

    • Techdirt Lurker, 28 Aug 2013 @ 8:22am

      Re: 95^16?

      don't bother hurting your brain thinking about cryptography when you can't even grasp fundamental concepts of how to use a calculator. hint: the 31 denotes how many times you move the decimal to the right in 4.4012667

      also, if you weren't aware, google can be used for more than finding horse porn: http://www.google.com/search?q=what+does+e%2Bnumber+mean+on+calculator

      sorry if i come off as an a-hole here, but i have no patience for people actively trying to remain ignorant when the worlds largest repository of information is literally at their fingertips.

      • Some Guy, 28 Aug 2013 @ 8:55am

        Re: Re: 95^16?

        Did you miss the part where he entered the numbers into Google?

        And why would he search for "what does e+number mean on calculator", when he wasn't using a calculator?

        A more logical search would be simply "what does e+number mean", which, when I try it, returns a description of the European Union's system of codes for food additives.

        The guy (or girl -- apologies for assumption about sex) did try "the worlds largest repository of information" as far as he could; and when he got stuck and turned to the community for help, you were a jerk to him.

        Way to spread enlightenment, dude.

  • Anonymous Coward, 28 Aug 2013 @ 6:15am

    Suboptimal backup options?

    If they had all the data in a single place, where a single accident (for instance, a fire) can destroy it, that is a suboptimal backup option.

    By forcing them to destroy the data that was kept in a single location, they make the Guardian (and everyone else who is watching) spend time and energy developing a better backup option. That is the opposite of making them develop a suboptimal backup option.

  • Shon Gale, 28 Aug 2013 @ 6:29am

    None of these government(s) will ever give up any of their power base to the people of their country. You can vote until you are blue in the face and you will never change a thing. Presidents change, Prime Ministers come and go, Kings and Queens live and die, but the policing and security structures always remain the same and are promoted from within. In other words these people don't work for you. They work for their power base, for their control.
    Remember we warned all of you during and after the Vietnam war about the lock they have on everything now. Remember we warned you about Big Brother, well he is here and he is watching and he is controlling the money, the power and your entire life. When we complained they gave us inflation.

  • Anonymous Coward, 28 Aug 2013 @ 6:45am

    Jay Rosen on Barry Eisler's piece

  • Anonymous Coward, 28 Aug 2013 @ 7:05am

    Quoted from Wikipedia: https://en.wikipedia.org/wiki/Password_strength#NIST_Special_Publication_800-63

    "NIST Special Publication 800-63 suggests the following scheme to roughly estimate the entropy of human-generated passwords:[2]

    The entropy of the first character is four bits;

    The entropy of the next seven characters are two bits per character;

    The ninth through the twentieth character has 1.5 bits of entropy per character;

    Characters 21 and above have one bit of entropy per character.

    A "bonus" of six bits is added if both upper case letters and non-alphabetic characters are used.

    A "bonus" of six bits is added for passwords of length 1 through 19 characters following an extensive dictionary check to ensure the password is not contained within a large dictionary. Passwords of 20 characters or more do not receive this bonus because it is assumed they are pass-phrases consisting of multiple dictionary words."


    Using the above NIST calculation, a 16 character long password has at best:

    4+2+2+2+2+2+2+2+1.5+1.5+1.5+1.5+6+6 = 36 bits of entropy.

    That's assuming the password does not contain any words found in a dictionary (+6bit bonus). Contains both uppercase and lowercase letters, plus non-alphabetic characters are used (+6bit bonus).


    Just for fun, let's say the NSA has a really slow supercomputer at their disposal. One which can only make 71,000 password guesses a second against a Bcrypt hashed password. Such as this homemade 25-GPU cluster computer.

    http://arstechnica.com/security/2012/12/25-gpu-cluster-cracks-every-standard-windows-password-in-6-hours/


    The calculation of time needed to break our 16 character password with 36bits of entropy would be.


    Total guesses:
    2^36 = 68,719,476,736

    71,000 guesses a second:
    68,719,476,736 / 71,000 = 967,879 seconds to break password

    Convert 967,879 seconds into minutes:
    967,879 / 60 = 16,131 minutes to break password

    Convert 16,131 minutes to hours:
    16,131/60=268 hours to break password

    Convert 268 hours to days:
    268/24=11 days to break password


    Usually it only takes around half the total number of guesses before the password breaks.


    Total number of days divided by two:
    11 / 2 = 5.5 days to break a 16 character password that has a high entropy, using a home built civilian PC.


    What kind of supercomputers do you think the NSA has at their disposal? Maybe something along the lines of...

    Titan Supercomputer Specs:

    18,688 AMD Opteron 6274 16-core CPUs

    18,688 Nvidia Tesla K20X GPUs

    Total Power Draw: 8.2 Megawatts

    https://en.wikipedia.org/wiki/Titan_supercomputer


    That's a tad more powerful than a 25-GPU civilian computer. If the NSA is your adversary, I'd recommend really long passwords. Double or triple encrypting a file, with at least two or three different sets of passwords would be a wise move too.

    link to this | view in chronology ]
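
The estimates traded in the comments above (95^16 for a uniformly random password, the NIST SP 800-63 heuristic for a human-chosen one, and 71,000 bcrypt guesses per second) can be reproduced with a short script. This is an added example, not part of the original post or of any comment; the function names are illustrative. Applied as quoted, the NIST scheme gives 42 bits for 16 characters with both bonuses, because characters 9 through 16 contribute eight times 1.5 bits.

```python
"""Password-entropy estimates from the comment thread (added example)."""
import math

PRINTABLE_ASCII = 95             # printable ASCII incl. space, as in the 95^16 comment
BCRYPT_GUESSES_PER_SEC = 71_000  # rate quoted in the thread for the 25-GPU cluster
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def random_entropy_bits(length, alphabet=PRINTABLE_ASCII):
    """Entropy of a password whose characters are drawn uniformly at random."""
    return length * math.log2(alphabet)


def nist_entropy_bits(length, mixed_bonus=False, dictionary_bonus=False):
    """Rough entropy of a human-chosen password, per the scheme quoted above."""
    bits = 0.0
    for position in range(1, length + 1):
        if position == 1:
            bits += 4.0          # first character
        elif position <= 8:
            bits += 2.0          # characters 2 through 8
        elif position <= 20:
            bits += 1.5          # characters 9 through 20
        else:
            bits += 1.0          # characters 21 and above
    if mixed_bonus:
        bits += 6.0              # upper case and non-alphabetic characters used
    if dictionary_bonus and 1 <= length <= 19:
        bits += 6.0              # dictionary-check bonus, lengths 1 through 19 only
    return bits


def expected_crack_seconds(bits, guesses_per_sec=BCRYPT_GUESSES_PER_SEC):
    """Average search time: half the keyspace at the given guess rate."""
    return 2.0 ** (bits - 1) / guesses_per_sec


def bits_needed(years, guesses_per_sec=BCRYPT_GUESSES_PER_SEC):
    """Smallest whole bit count whose expected crack time is at least `years`."""
    return math.ceil(math.log2(years * SECONDS_PER_YEAR * guesses_per_sec) + 1)


def human(seconds):
    """Render a duration in days (under a year) or years."""
    if seconds < SECONDS_PER_YEAR:
        return f"{seconds / 86400:.1f} days"
    return f"{seconds / SECONDS_PER_YEAR:.3g} years"


if __name__ == "__main__":
    cases = [
        ("36 bits (figure used in the comment)", 36.0),
        ("NIST, 16 chars, both bonuses", nist_entropy_bits(16, True, True)),
        ("random, 16 printable ASCII chars", random_entropy_bits(16)),
    ]
    for label, bits in cases:
        print(f"{label:40s} {bits:6.1f} bits  {human(expected_crack_seconds(bits))}")
    print("bits for a 100-year expected search:", bits_needed(100))
```

Raising `guesses_per_sec` models a better-resourced attacker: each doubling of the rate costs the defender exactly one bit of entropy.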

  • wolfy, 28 Aug 2013 @ 7:10am

    I suspect the encryption has been broken, and the authorities are being coy about it, by repeatedly "asking" for the keys.

  • Anonymous Coward, 28 Aug 2013 @ 7:13am

    Russian spies use Flickr to communicate, why can't everybody else?

  • Davey, 28 Aug 2013 @ 7:37am

    This is going to sound corny, but...

    The parallels between this saga and the movie Firefly are troubling. The Powers That Be haven't yet learned that they can't stop the signal and are still trying to keep a lid on the story. They'll lose.

    The big difference is that they're turning the entire world into Browncoats. Mal would be proud.

    • bshock, 28 Aug 2013 @ 10:22am

      Re: This is going to sound corny, but...

      It's a cute analogy.

      But as I recall, the "Browncoats" lost that war.

    • nasch, 29 Aug 2013 @ 8:03am

      Re: This is going to sound corny, but...

          The parallels between this saga and the movie Firefly are troubling.

      Firefly was a TV show, the movie is Serenity.

      /nerdrage

  • allengarvin, 28 Aug 2013 @ 7:51am

    "2^16 = 65536 possible password combinations"

    Man, I knew it was a bad idea to adopt a binary alphabet.

  • Anonymous Coward, 28 Aug 2013 @ 8:28am

    Makes you wonder if the government is selling us out for access. For instance, they approve all of these corporate mergers even when they are bad for competition. You can be certain they see some advantage in them.

  • Anonymous Coward, 28 Aug 2013 @ 10:21am

    Postal service

    If you really want to be anonymous, follow the same methods de Beers uses to send diamonds, the postal service.

    A thick, stiff card with a thank you note written on it could easily contain a microSD card. Posted from a letter box and arriving at a post office for 'general delivery' or one of those mailing address companies, it would be very, very hard to find. You could even do what check scammers do and have an innocent (but naive) third-party forward the mail.

  • Phil62, 28 Aug 2013 @ 1:54pm

    Transfer the encrypted file via RFC 1149.

  • DB Cooper, 29 Aug 2013 @ 1:30pm

    While you guys debate the best password, encryptions etc. you miss the real question of why this had to happen in the first place. What both Snowden and Manning did was not whistle blowing, it was espionage. These two didn't do it for the public good, they did it to get their picture in the news and it didn't matter who was hurt in the process. The intent on both cases was to harm the US to punish/get even with it for some perceived wrong the country had done to them. No real whistle blowers will be treated as criminals.

    • Anonymous Coward, 29 Aug 2013 @ 2:35pm

      Spot the Fed

      (I think I found him.)

    • nasch, 29 Aug 2013 @ 3:49pm

      Re:

          What both Snowden and Manning did was not whistle blowing, it was espionage. These two didn't do it for the public good, they did it to get their picture in the news and it didn't matter who was hurt in the process. The intent on both cases was to harm the US to punish/get even with it for some perceived wrong the country had done to them. No real whistle blowers will be treated as criminals.

      Evidence needed for every statement you just made.
