Feds Beg NY Times, Pro Publica Not To Reveal That They've Inserted Backdoors Into Internet Encryption
from the too-fucking-bad dept
We already wrote about the latest reports coming out of the Snowden leaks, concerning how the NSA and GCHQ have effectively backdoored their way into breaking various encryption schemes by writing the standards themselves and recruiting internal spies within companies to covertly inject backdoors. The reporting on these documents was done jointly by The Guardian, the NY Times and Pro Publica. However, the NY Times coverage has one interesting tidbitIntelligence officials asked The Times and ProPublica not to publish this article, saying that it might prompt foreign targets to switch to new forms of encryption or communications that would be harder to collect or read. The news organizations removed some specific facts but decided to publish the article because of the value of a public debate about government actions that weaken the most powerful tools for protecting the privacy of Americans and others.Pro Publica, for its part, put up a thorough and detailed explanation for why it chose to publish the story, which is well worth reading:
The story, we believe, is an important one. It shows that the expectations of millions of Internet users regarding the privacy of their electronic communications are mistaken. These expectations guide the practices of private individuals and businesses, most of them innocent of any wrongdoing. The potential for abuse of such extraordinary capabilities for surveillance, including for political purposes, is considerable. The government insists it has put in place checks and balances to limit misuses of this technology. But the question of whether they are effective is far from resolved and is an issue that can only be debated by the people and their elected representatives if the basic facts are revealed.This is true in so many ways. As the NY Times report notes, there had been a public debate about all of this in the 90s, when there was the big fight over the Clipper Chip, an NSA-created form of encryption with backdoors. That fight ended with the NSA losing... and now it appears that they just ignored that and effectively spent the past few decades doing the same exact thing, but in secret. That deserves public exposure and discussion.
Pro Publica points out that this country is founded on a fundamental belief that you can't just "trust" the government, and yet the government is asking us to do exactly that here, as they prove time and time again not to be credible or worthy of trust.
There are those who, in good faith, believe that we should leave the balance between civil liberty and security entirely to our elected leaders, and to those they place in positions of executive responsibility. Again, we do not agree. The American system, as we understand it, is premised on the idea -- championed by such men as Thomas Jefferson and James Madison -- that government run amok poses the greatest potential threat to the people’s liberty, and that an informed citizenry is the necessary check on this threat. The sort of work ProPublica does -- watchdog journalism -- is a key element in helping the public play this role.Kudos to all three publications for taking this step. It's unfortunate that they need to do this, but it's a sad statement on the way the US and UK governments have acted.
American history is replete with examples of the dangers of unchecked power operating in secret. Richard Nixon, for instance, was twice elected president of this country. He tried to subvert law enforcement, intelligence and other agencies for political purposes, and was more than willing to violate laws in the process. Such a person could come to power again. We need a system that can withstand such challenges. That system requires public knowledge of the power the government possesses. Today’s story is a step in that direction.
Update: The Guardian also mentions that intelligence officials asked them not to publish.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: backdoors, encryption, journalism, nsa, nsa surveillance, surveillance
Companies: ny times, pro publica
Reader Comments
Subscribe: RSS
View by: Time | Thread
could?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
DID...the NSA head....
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
Your in denial if you think switching presidents again is going to solve any problems. The problems are obviously somewhere that does not get cleaned up after an election.
[ link to this | view in chronology ]
In other words the sort of details required to circumvent encryption broken or compromised by the NSA.
[ link to this | view in chronology ]
Re:
For example, from this:
"Cryptographers have long suspected that the agency planted vulnerabilities in a standard adopted in 2006 by the National Institute of Standards and Technology..."
NIST, conveniently, has a timeline for it's standards.
http://www.nist.gov/itl/history-timeline.cfm
However, the single one approved in 2006 is specific to the government or government contractors so it is not the general breakthrough the NSA has touted. It also points out that the algorithms are public and some independent cryptographer is going to find a planted weakness sooner or later.
[ link to this | view in chronology ]
I was under the impression we already had checks and balances in place against government abuses of power: the fucking United States Constitution
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Sorry Comrade
[ link to this | view in chronology ]
SSL probably fell first, since the FBI and NSA have been after that forever. VPN, probably, followed. IPSeclolzwegotu.
I wouldn't go so far as to say encryption is a waste of time, but trying to hide anything might be.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
It would not surprise me in the slightest if such an obvious flaw as this (srsly, read the blog post) would be intentional.
[ link to this | view in chronology ]
@everyone above
[ link to this | view in chronology ]
Re: @everyone above
[ link to this | view in chronology ]
Re: Re: @everyone above
[ link to this | view in chronology ]
tor
[ link to this | view in chronology ]
Feds
Seriously, how STUPID are you people?
[ link to this | view in chronology ]
Re: Feds
[ link to this | view in chronology ]
Re: Re: Feds
The NYT has access to the Snowden Documents, which are looking more and more like they're going to be the biggest scandal since Watergate/Pentagon Papers. The paper knows that they're literally sitting on a goldmine here, and so do the Feds, who are rightly terrified about it. A "fourth estate" that doesn't answer to the government's beck and call is a dangerous opponent. Especially when the paper is immune to the government's threats (thanks to New York Times Co. v. the United States [1971]).
Best part: smaller, local papers tend to run the stories published by the NYT, so there's a good chance we might see this popping up in the physical paper come Friday morning.
As the Zen Master says, "We'll see."
[ link to this | view in chronology ]
Re: Feds
[ link to this | view in chronology ]
Could?
Does Slowpoke (the Pokemon) write for ProPublica now?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
-Sir John Dalberg-Acton (10 January 1834 – 19 June 1902)
Why does it seem like all the wise men and women, were alive before I was born. It seems like all we're left with is absolute morons in this day and age.
[ link to this | view in chronology ]
This. I've always assumed this is the easiest way. Just pay someone to leave in a bug.
Anyone think this could happen in voting machine software?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Response to: BentFranklin on Sep 5th, 2013 @ 4:03pm
[ link to this | view in chronology ]
voting
[ link to this | view in chronology ]
[ link to this | view in chronology ]
2013 - I'm sitting here right now thinking this is no surprise. That said, the feeling this gives me is unique like no other. It's an combination of shame, sadness, disbelief, anger, helplessness, confusion, disgust, and fear. It's the children who will pay for our government turning commie on us because at some point down the road we'll have no freedom left.
I am glad I have no kids and really I'd never bring one into this fucked up country. Don't get me wrong I fucking love the USA and what it's supposed to stand for. There was a lot of of bloodshed to get us here and it's down right offensive to think they're destroying everything we fought so hard for.
Those pioneers laid their fucking lives down so we could be free and prosper and this is how we repay them?
I don't have faith in humanity anymore, and at the rate we're going we'll be lucky to make it to the year 2250 without exterminating ourselves.
:(
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
About time
The government actually believes that just because they asked the Times nicely to not print these things that the Times will cower?
I should hope to high heaven not.
They're finally getting their groove back. Maybe it's still not too late.
But I wonder if it isn't anyway. After all, the government's been getting away with it for all these years and now they're outraged that we're outraged?
Silly us for believing that we could trust them.
[ link to this | view in chronology ]
Re: About time
[ link to this | view in chronology ]
A note of question
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Don't forget
[ link to this | view in chronology ]
hrm medical records??????????
what kind a fucking bullshit is that , and it shows how fucking out of control they are...how much they are violating my own nations extreme privacy laws especially in regards to health care.
[ link to this | view in chronology ]
@24
thanks for creating panic....
[ link to this | view in chronology ]
The missed point?
What should be of similar concern, even if we take the naive route of trusting the government, is that if the weakness is there someone else very malicious might have discovered it and might be exploiting it; including the very types of people they're supposed to be protecting the nation from. It's arrogant and stupid at best to believe you're the only entity who'll be able to exploit it.
In seeking to achieve surveilance capabilities, they've exposed billions of people to untold risk.
[ link to this | view in chronology ]
The "but we have to keep you safe!" argument ought to be treated with the utmost derision.
[ link to this | view in chronology ]
best thing to do ....
[ link to this | view in chronology ]
[ link to this | view in chronology ]