UK Asked New York Times To Destroy Edward Snowden Documents; NY Times Ignored Request
from the good-for-them dept
There's been some back and forth concerning the David Miranda legal fight today and it's getting fairly ridiculous. The UK government is making some extraordinary claims about Miranda and the encrypted information he was carrying. They claim that some of the information was potentially incredibly damaging to UK national security interests (the same rhetoric we always hear, but is rarely shown to be true) and they also claim that they found a piece of paper on Miranda that allowed them to "decrypt one file on his seized hard drive." Furthermore, they claim that Miranda (and Greenwald and Poitras) "demonstrated very poor judgment in their security arrangements with respect to the material," in order to suggest that it might easily fall into dangerous hands.Of course, there are many reasons to suggest that this is all hogwash. The choice of wording from the UK government is pretty precise. Note that they don't actually claim they've unencrypted any of the Snowden files. They make two separate claims in succession: one is that there were 58,000 documents that Miranda had and then, separately, that he had a password that allowed them to get into a file on his drives, and then they use that to insist that there was poor security. But they don't reveal what that one file was, nor do they admit to having figured out what was actually on the drives. Glenn Greenwald says that it's a flat out lie that Miranda had a password on him that would allow anyone to decrypt the documents (suggesting any password he might have had on him was totally unrelated). Greenwald also mocks the idea that Poitras's security was "sloppy," since it appears that the UK hasn't yet been able to figure out what was actually on the hard drives.
However, the strongest response to all of this comes from The Guardian itself, who reveals that after the Prime Minister's office ordered them to destroy hard drives, the Guardian told the UK government that the NY Times and Pro Publica also had copies of all of the documents related to the UK spying by GCHQ... and the UK government didn't seem particularly concerned:
"The government wanted the judge to believe that they have at all times behaved with the utmost urgency because of a grave threat to national security represented by newspapers working responsibly on the Snowden documents and their implications for society," he said. "But for most of the time since early June little has happened. On July 22 the Guardian directed the government towards the New York Times and ProPublica, both of whom had secret material from GCHQ. It was more than three weeks before anyone contacted the NYT. No one has contacted Pro Publica, and there has been two weeks of further silence towards the NYT from the government. This five weeks in which nothing has happened tells a different story from the alarmist claims before the court. The government's behaviour does not match their rhetoric in trying to justify and exploit this dismaying blurring of terror and journalism."This leads to an even more mystifying situation, in which (as noted above), weeks later, UK officials asked the NY Times to destroy the documents, and the NY Times basically ignored the request entirely:
The British government has asked the New York Times to destroy copies of documents leaked by former National Security Agency contractor Edward Snowden related to the operations of the U.S. spy agency and its British partner, Government Communications Headquarters (GCHQ), people familiar with the matter said.Ah, freedom of the press. Either way, this suggests that the UK's arguments against Miranda are just misleading FUD designed to paper over the thuggish behavior of detaining Miranda in the first place.
The British request, made to Times executive editor Jill Abramson by a senior official at the British Embassy in Washington D.C., was greeted by Abramson with silence, according to the sources. British officials indicated they intended to follow up on their request later with the Times, but never did, one of the sources said.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: david miranda, ed snowden, encryption, first amendment, freedom of the press, glenn greenwald, jill abramson, national security, uk
Companies: ny times
Reader Comments
Subscribe: RSS
View by: Time | Thread
HEY
they would wake up tomorrow and there would be 3300 people with encrypted copies
[ link to this | view in chronology ]
Re: HEY
[ link to this | view in chronology ]
Re: Re: HEY
[ link to this | view in chronology ]
Re: Re: Re: HEY
The more you know!
[ link to this | view in chronology ]
Perhaps the information could find asylum in some Russian press or something.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Take it back a step
Before lashing out, shouldn't David Cameron look deeper into the original source of these highly classified documents, if they exist at all?
[ link to this | view in chronology ]
Re: Take it back a step
[ link to this | view in chronology ]
1). The detention of Miranda for 9 hours under Schedule 7 of the Terrorism Act 2000.
2). The confiscation and continued holding of Miranda's electronic possessions beyond the 7 day limit.
3). The inspection and analysis (and sharing with NSA if I may be so bold in suggesting this) of the contents of Miranda's hard drive. This is being done despite the temporary injunction which restricts examination and analysis of the hard drive, unless:
a). For the purpose of the protection of national security, including by preventing or avoiding the endangering of life of any person; and
b). For the purpose of investigating whether Mr Miranda is a person who is or has been concerned in the commission, preparation or instigation of acts of terrorism.”
4). Bringing charges against Miranda under either the Terrorism Act 2000, section 1 of the Official Secrets Act 1911, or various offences under the Official Secrets Act 1989.
You can already see how the police are stretching the truth to cover their need for justification. This is why you see some very odd things.
-How do the police know there are 58,000 Documents. The hard drive is encrypted with TrueCrypt. I am guessing that full disk encryption wasn't used. However, one would encrypt an entire volume(s) containing the secret files. Unless you are able to decrypt the volume you cannot know the number of files within that volume.
-The 58,000 file are all characterized as, "highly classified UK intelligence documents." They are saying they all originate with the UK despite the fact that these are, supposedly, the NSA documents that Snowden leaked.
-The police and GCHQ have supposedly decrypted 75 of the 58,000. But they are not specific about what these files are. Are they even related to the NSA leaks? Greenwald has denied that they have been able to decrypt any of the secret documents. Remember that even the UK police say they haven't decrypted most of the hard drive. If all the secret documents are contained in the same TrueCrypt volume, then none have been decrypted.
-There is a claim that some of those document contain information that "would do serious damage to UK national security and ultimately risk lives". How would the UK police know this if the secret documents have not been decrypted?
-There is an emphasis on the password that was written down on a piece of paper in Miranda's possession. Greenwald denies that this was a password related to encryption of the secret documents. The UK police want to show how sloppy and reckless Miranda, Poitras, and Greenwald have been in protecting the documents from terrorists. All the police need to do is convince a judge, who may not be well versed in the finer points of cryptography, of this sloppiness.
[ link to this | view in chronology ]
Re:
From the statement to the court, GCHQ determined that it was possible that Snowden had accessed up to 58,000 files. Robbins then states that the information from the one decrypted file showed that there was, roughly, a similar number of files on the hard drive. From this he concludes there are 58,000 highly classified UK intelligence documents on the hard drive.
These guys aren't dumb, they know you can't reason like that. Just who do they expect will accept that sort of logic?
[ link to this | view in chronology ]
Re:
That would outclass Prenda for funniest story of the year so far..
[ link to this | view in chronology ]
One time key?
That has no small amount of value to Greemwald
[ link to this | view in chronology ]
This is going to work out very similar to Kim Dotcom's affair. The info was copied and sent via UPS before the data even got out of the police's hands in New Zealand. The judge made an issue of saying the US had to return that data and it never did and it isn't going to.
The time to act to get that data was right then before any courts could make any rulings or any part of government could countermand it.
[ link to this | view in chronology ]
If Miranda's laptop was used to access file on the TrueCrypt volume(s), then there's a high probability of evidence being left behind. Evidence in the form of OS and application history logs.
Windows and Linux OS's, and most applications, leave behind traces of files that have been recently opened.
- Recently Opened Files leaves behind a history of the last 20 or so files recently opened
- Microsoft Word saves unencrypted versions of 'drafts'files, currently being worked on. Unless the whole operating system itself, is encrypted.
- Windows Registry entries are created when opening files and mounting drives which provides a log for forensic personal to analyze.
- PDF software applications usually store their own, seperate 'history' of the most recently opened documents.
So as long as Miranda and Poitras didn't used the seized laptop's operating system to view any of the classified documents. Then they're probably alright.
If they did though, then the GCHQ probably has a log of encrypted filenames that were opened using that laptop.
GCHQ probably can't decrypt any of the TrueCrypt volumes, but they might have a log of some filenames that were opened on that laptop.
Either way, it seems like Governments around the world are attempting to slander the reputation of journalists, by attempting to undermine their security skills.
These Governments don't really have a leg to stand on when it comes to 'system security'. I love how they start preaching about 'system security', when it's their insecure systems which started this debate in the first place.
I think the real underlying issue here is the fact Governments are attempting to turn journalists into criminals. They're basically stating, any journalist who leaks or has in their possession classified information, is a danger to 'national security' and is therefor a criminal.
That's what this is really about. Criminalizing journalism.
[ link to this | view in chronology ]
Re:
You are correct about the traces left from applications. I believe that, not only Poitras but Greenwald would have been brought up to speed on such vulnerabilities and avoided opening files on a laptop used for traveling. One potential trace that you missed is the indexing of volumes that occurs at least on Windows OSs. The indexes are stored permanently and are used to optimize searching. I use PGP software to encrypt volumes and I can't remember offhand if I had to manually opt-out of indexing for mounted volumes. The PGP software may have restricted the OS from indexing those volumes while they are decrypted. I have actually disabled indexing entirely for this very reason. I was wondering if this is how the UK police came across the number of encrypted files, however, I believe this would have given them the filenames as well.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
The witness statements
There was also a separate withness statement by Caroline Goode for the Metropolitan Police, which says that so far they have only been able to reconstruct 75 documents. Here is the summary of her witness statement from the Daily Mail:
[ link to this | view in chronology ]
Re: The witness statements
[ link to this | view in chronology ]
Re: The witness statements
1/ "We're bullshitting"
or
2/ "In the time we've had this harddrive, we've managed to brute-force decrypt 0.1% of the data by throwing absolutely everything we've got at it so obviously it's insecure... right?"
[ link to this | view in chronology ]
Using but one recent example, while there may be information in the recently disclosed "black hat" budget involving at least the CIA and NSA of interest to persons within the US and its allies, it is really wise to lay open information readily accessible to their enemies that describes areas where these agencies are devoting substantial amounts of resources. Before the disclosure they could only guess. Now they know for sure and can use that information to act accordingly.
I readily agree that overclassification of government documents is rampant. However, to use this as a justification for the willy-nilly disclosure of information, much of which has certainly been properly classified, is simply wrong and the persons doing so should be soundly and resoundly criticized.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
But I guess declaring them terrorists and arresting them works too.
[ link to this | view in chronology ]
Re:
This spying power has grown far beyond absurdity. There is no justification for this. None.
Don't give me the "but, but terrorists!" excuse. The terrorists have already won! Terrorists kill people, for sure, but their larger aim is to strike fear into the hearts of millions of people more because they know they can't kill everyone. They've succeeded with the fear years ago. But, most people don't think much about it after a time and it dissipates. However, it doesn't dissipate in governments the world over who use that fear to try to justify the trampling of the rights of millions of people. And this is all designed to keep the people under control and to make rich a few people who have a financial incentive to see the spying continue.
You guys aren't protecting anyone except your own wallet.
There is a large group of people around the world who are infuriated by governments ability to spy on ordinary people. If that is considered group think, then I proudly wear my group membership badge.
[ link to this | view in chronology ]
Re:
Jesus, this isn't exactly trying to disprove Pythagoras or proving non-Euclidean geometry in a non-insane way.
[ link to this | view in chronology ]
Some could argue that the material was poorly secured and was in dangerous hands before Snowden, Greenwald, Poitras, and Miranda had it.
[ link to this | view in chronology ]
Encryption is easy.
For example, he could have done this:
* Greenwald in Brazil generates public/private key pair using open-source software (available in any linux)
* Greenwald mails/IMs his PUBLIC key to Miranda in Scandinavia
* Miranda encrypts data with public key
* Miranda can now carry the data, without being able to unencrypt it himself (he doesn't have the private key) nor can anyone else (again, private key needed)
* After arriving in Brazil, if needed, the private key Greenwald has on his pc, can be used to unencrypt
http://en.wikipedia.org/wiki/Public-key_infrastructure
Bonus points for additional security (bordering on paranoia):
* Verify by phone (recognizing Greenwald's voice) that public key arrived correctly and hasn't been altered/swapped in transit over the internet
* Generate public/private key on a pc NOT CONNECTED TO THE INTERNET, only transfer the public (not the private!) key to a PC with email using usb stick, or better: by typing.
* All done, can't think of extra safety to add
[ link to this | view in chronology ]
Interest
Oh it is true. Whenever these types mention security interests they are talking about the security of billions of dollars of public money going into their bank accounts with no oversight.
[ link to this | view in chronology ]
Re: Interest
[ link to this | view in chronology ]
[ link to this | view in chronology ]
http://www.truecrypt.org/docs/hidden-volume
[ link to this | view in chronology ]
The UK goverment does realize
I'm wondering if the New York Times' reaction to the UK government's request by their paper's legal team was a combination of "you're kidding right?" and struggling not to burst out laughing in the UK official's face.
[ link to this | view in chronology ]
Of course time erodes memories.
It's pretty obvious they thought that was a one-time event..and that they don't understand the precedent setting ruling issued by the Supreme Court in that case.
Yeah, after they left their calling card, I'm sure that the editor called everyone in for a conference and said:
"Pass the whiskey, ladies and gentlemen-for we have another stupid government request to destroy documents!"
There upon the entire building erupted in sound-shattering laughing that went on for hours.
[ link to this | view in chronology ]
Using the dictionary these guys are using I think it is very plausible to state that national probably means government and security means self-preservation. Which would mean that above sentence would read:
They claim that some of the information was potentially incredibly damaging to UK government self-preservation interests
That sounds a LOT more accurate.
[ link to this | view in chronology ]
Excellent point! I forgot about file name indexing services. If an encrypted volume was mounted, with this service enabled, then this might be how GCHQ is coming up with the 58,000 number.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
It would also be illegal.
The Constitution has several amendments that rather frown on it:
The First Amendment-Freedom of Religion, Press, Expression
The Fourth Amendendment-Search and Seizure
And of course this little item:
http://en.wikipedia.org/wiki/New_York_Times_Co._v._United_States
Just because the government wants to do something illegal so badly that they can taste it, does not mean they can get away with it, despite what the NSA thinks.
[ link to this | view in chronology ]
Re:
The Constitution has several amendments that rather frown on it"
Based on recent history, our government doesn't give a rip. The Constitution is just a speed bump.
[ link to this | view in chronology ]
UK National Security
Though perhaps this Threat is more to the Political Durty Secrets Department
[ link to this | view in chronology ]