NY Times: NSA Should Be Barred From Requiring Companies To Introduce Surveillance Backdoors

from the good-for-them dept

This is a bit surprising, given the source, but the NY Times editorial board has come out strongly against the NSA's practice of forcing companies to install backdoors in no uncertain terms:

These back doors and special access routes are a terrible idea, another example of the intelligence community’s overreach. Companies and individuals are increasingly putting their most confidential data on cloud storage services, and need to rely on assurances their data will be secure. Knowing that encryption has been deliberately weakened will undermine confidence in these systems and interfere with commerce.

The back doors also strip away the expectations of privacy that individuals, businesses and governments have in ordinary communications. If back doors are built into systems by the N.S.A., who is to say that other countries’ spy agencies — or hackers, pirates and terrorists — won’t discover and exploit them?

In two short paragraphs, the editorial gets right to the heart of the problem. The "cost" to having these backdoors is undeniably huge in terms of trust and privacy. The harm to individuals and businesses is tremendous, but the benefits are, at best, minor. We get vague discussions about stopping some terrorist attacks, but still others get through. Yet, in every day life there are risks. It's ridiculous to expect 100% perfection in stopping terrorists, and when we go way too far in trying to stop every attack, we lead to unintended consequences such as destroying privacy and harming the ability of companies to build better, more secure products.

Surprisingly, again, the NY Times then speaks out in support of a bill from Rep. Rush Holt that would make it illegal for the government to require backdoors in various products. This would be a huge step in enabling the US tech industry to move forward with more secure encryption.

Representative Rush Holt, Democrat of New Jersey, has introduced a bill that would, among other provisions, bar the government from requiring software makers to insert built-in ways to bypass encryption. It deserves full Congressional support. In the meantime, several Internet companies, including Google and Facebook, are building encryption systems that will be much more difficult for the N.S.A. to penetrate, forced to assure their customers that they are not a secret partner with the dark side of their own government.

This is unlikely to happen, unfortunately. The DOJ, for years, has been pushing for even more backdoors. And, you may recall, just a month or so before the Snowden leaks, the DOJ wanted the power to fine companies who wouldn't install surveillance backdoors. The law enforcement world would go absolutely ballistic, should Holt's bill ever get near becoming law.

Filed Under: backdoors, nsa, nsa surveillance, rush holt, security, surveillance

Linus Torvalds Admits He Was Approached By US Government To Insert Backdoor Into Linux -- Or Does He?

from the who-can-you-trust? dept

At the LinuxCon meeting in New Orleans, Linus Torvalds was asked if he had ever been approached by the US government to insert a backdoor into the Linux kernel. Here's his characteristic answer:

Torvalds responded "no" while shaking his head "yes," as the audience broke into spontaneous laughter.

Obviously, it's hard to tell from that whether he really meant "yes" or "no". But the question does touch on an important issue: whether open source might be less vulnerable than traditional applications to tampering by the NSA or other intelligence organizations. That's plausible, because by definition free software's code is always available for inspection; the idea is that even if backdoors are somehow introduced, they will be spotted by people looking over the code.

Of course, there are some problems with that. The first is that just because the code is available does not mean anyone will look at it. Secondly, even if the source code is examined and looks fine, that doesn't imply that the compiled version you run on your machine will be -- a well known, and deep problem. So does that mean we should give up on the hope that open source might be better than traditional closed source when it comes to backdoors?

Not necessarily. Here, for example, is the security expert Bruce Schneier writing in the Guardian a couple of weeks ago on the best ways to stay secure in the light of the revelations about the NSA's activities. One suggestion was as follows:

Be suspicious of commercial encryption software, especially from large vendors. My guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well. It's prudent to assume that foreign products also have foreign-installed backdoors. Closed-source software is easier for the NSA to backdoor than open-source software.

After listing a number of recommended software tools, he also makes the following comment:

I understand that most of this is impossible for the typical internet user. Even I don't use all these tools for most everything I am working on. And I'm still primarily on Windows, unfortunately. Linux would be safer.

That's just one voice, albeit a highly-respected one. Here's another, saying much the same thing as Schneier:

Thanks to the recent NSA leaks, people are more worried than ever that their software might have backdoors. If you don't believe that the software vendor can resist a backdoor request, the onus is on you to look for a backdoor. What you want is software transparency.

Transparency of this type is a much-touted advantage of open source software, so it's natural to expect that the rise of backdoor fears will boost the popularity of open source code. Many open source projects are fully transparent: not only is the source code public, but the project also makes public the issue tracker that is used to manage known defects and the internal email discussions of the development team. All of these are useful in deterring backdoor attempts.

That's from Ed Felten (pdf), Professor of Computer Science and Public Affairs, Princeton University, and someone whose name has appeared on Techdirt many times. Despite his upbeat assessment of the value of open source in providing software transparency, the rest of his post urges caution:

transparency does not guarantee that holes will be found, because there might not be enough eyeballs on the code. For open source projects, finding backdoors, or security vulnerabilities in general, is a public good, in the economists' sense that effort spent on it benefits everyone, including those who don't contribute any effort themselves. So it's not obvious in advance that any particular open source project can avoid backdoors.

In other words, open source is not a panacea: it is not guaranteed to protect you from backdoors. But, like encryption, it is probably one of the best defenses we have -- whether or not Torvalds was asked to add a backdoor to Linux.

Follow me @glynmoody on Twitter or identi.ca, and on Google+

Filed Under: backdoors, linus torvalds, open source, surveillance, trust

Details Reveal Crypto Standard Controlled By NSA; And How Canada Helped

from the international-cooperation dept

After the revelations of how the NSA basically authored a crypto standard surreptitiously with obligatory backdoors, plenty of people started exploring exactly which standard it was -- and called on the various reporters with access to Snowden's documents to come clean, mainly to protect people who were now using insecure crypto. Buried in a blog post that focuses more on the NIST's non-response to the news, the NY Times finally revealed both what standard it was, the Dual EC DRBG standard, and how Canadian intelligence basically was the cover, helping to hide the NSA's efforts:

But internal memos leaked by a former N.S.A. contractor, Edward Snowden, suggest that the N.S.A. generated one of the random number generators used in a 2006 N.I.S.T. standard — called the Dual EC DRBG standard — which contains a back door for the N.S.A. In publishing the standard, N.I.S.T. acknowledged “contributions” from N.S.A., but not primary authorship.

Internal N.S.A. memos describe how the agency subsequently worked behind the scenes to push the same standard on the International Organization for Standardization. “The road to developing this standard was smooth once the journey began,” one memo noted. “However, beginning the journey was a challenge in finesse.”

At the time, Canada’s Communications Security Establishment ran the standards process for the international organization, but classified documents describe how ultimately the N.S.A. seized control. “After some behind-the-scenes finessing with the head of the Canadian national delegation and with C.S.E., the stage was set for N.S.A. to submit a rewrite of the draft,” the memo notes. “Eventually, N.S.A. became the sole editor.”

That same article notes that people inside NIST "feel betrayed by their colleagues at the NSA," but I wonder if NIST will ever be able to regain any real sense of trust with the crypto community.

Filed Under: backdoors, canada, cyrpto, dual ec drbg, encryption, nist, nsa, nsa surveillance

John Gilmore On How The NSA Sabotaged A Key Security Standard

from the betrayal-of-trust dept

In Bruce Schneier's uplifting call to fix the Internet in the wake of key technologies being subverted by the US government, one of the things he asks engineers to do is to come forward with detailed information about how the NSA did that:

We need to know how exactly how the NSA and other agencies are subverting routers, switches, the internet backbone, encryption technologies and cloud systems. I already have five stories from people like you, and I've just started collecting. I want 50. There's safety in numbers, and this form of civil disobedience is the moral thing to do.

Although not directly answering that call, EFF co-founder John Gilmore has written a fascinating short post about what he noticed happening on an IETF standards committee drawing up the important IPsec standard:

NSA employees participated throughout, and occupied leadership roles in the committee and among the editors of the documents

...

Every once in a while, someone not an NSA employee, but who had longstanding ties to NSA, would make a suggestion that reduced privacy or security, but which seemed to make sense when viewed by people who didn't know much about crypto.

...

The resulting standard was incredibly complicated -- so complex that every real cryptographer who tried to analyze it threw up their hands and said, "We can't even begin to evaluate its security unless you simplify it radically".

Needless to say, it was never simplified. Gilmore also reports what happened elsewhere:

In other circumstances I also found situations where NSA employees explicitly lied to standards committees, such as that for cellphone encryption, telling them that if they merely debated an actually-secure protocol, they would be violating the export control laws unless they excluded all foreigners from the room (in an international standards committee!).

Of course, this remains at the anecdotal level. But if Schneier gets his 50 NSA stories, we should start to have a much clearer picture of what the agency has been up to -- and how to stop it happening in the future.

Follow me @glynmoody on Twitter or identi.ca, and on Google+

Filed Under: backdoors, encryption, ietf, john gilmore, nsa, sabotage, standards, surveillance

NSA Defends Encryption Backdoors By Promising It's Only Used To Spy On All Of Us

from the choice-of-words... dept

The Director of National Intelligence has now responded to the unveiling of the fact that the NSA inserted backdoors in various forms of encryption and recruited internal spies at telco companies with one of his typically ridiculous statements using carefully parsed words. It sounds like the NSA rushed out that statement, because the attempt to assure the public that it's just being used on bad people leaves open a pretty large loophole. See if you can spot it:

Throughout history, nations have used encryption to protect their secrets, and today, terrorists, cybercriminals, human traffickers and others also use code to hide their activities. Our intelligence community would not be doing its job if we did not try to counter that.

Highlighting added by me. Here's a tip: when trying to reassure the public that you're not abusing your powers, and that you're breaking basic encryption used widely across the internet for their own good by narrowly targeting whom it's used against, maybe (just maybe) don't include a hedge word that includes every human being on earth.

As Ken White noted, we are all "others" here. We've already noted that previous leaks, concerning "minimization" have shown that the NSA people believe that if your data is encrypted then they can keep it, because you might be evil, and that comes through here as well. They keep trying to focus on how this is just about stopping terrorists, but it always leaves that massive loophole for "others."

So, once again, the NSA's attempt to insist that what it's doing is narrow and targeted and just after "the bad guys," yet again only breeds further reasons to trust the NSA even less. As White notes, this whole situation is particularly disturbing because so much can be classified under "others" that should be seen as reasonable and normal activity of a person who questions whether the government is really acting as a representative of the people.

I am the other because I do not trust my government in general, or the people working for its security apparatus in particular.

I am the other because I believe the Security State and its representatives habitually lie, both directly and by misleading language, about the scope of their spying on us. I believe they feel entitled to do so.

I am the other because I believe the Security State and its representatives habitually violate such modest restrictions as a complacent and compliant legislature puts on their spying — again, because they feel entitled to do so.

I am the other because I don't believe the Security State and its representatives when they say that government spying is reserved for foreign terrorists. In fact, the NSA's "minimization" techniques — touted as methods for restricting spying to foreign terrorists instead of U.S. citizens — are often transparently and insultingly ridiculous.

I am the other because I don't believe my government when it tries to convince us that enhanced spying techniques are used to protect us from terrorists. I believe, instead, that the increased powers acquired by my government since 9/11 have been habitually brought to bear for domestic purposes, including such things as the ruinous and amoral War on Drugs.

Ken goes on from there and it's well worth reading the entire statement. The NSA sees the American public as the adversary and believes it can track pretty much anyone as an "other." And for those who believe you "have nothing to fear because you've done nothing wrong," it's time to recognize that you too, are the "other."

Filed Under: backdoors, dni, encryption, i con the record, ic, james clapper, nsa, nsa surveillance, surveillance

Feds Beg NY Times, Pro Publica Not To Reveal That They've Inserted Backdoors Into Internet Encryption

from the too-fucking-bad dept

We already wrote about the latest reports coming out of the Snowden leaks, concerning how the NSA and GCHQ have effectively backdoored their way into breaking various encryption schemes by writing the standards themselves and recruiting internal spies within companies to covertly inject backdoors. The reporting on these documents was done jointly by The Guardian, the NY Times and Pro Publica. However, the NY Times coverage has one interesting tidbit not in the Guardian:

Intelligence officials asked The Times and ProPublica not to publish this article, saying that it might prompt foreign targets to switch to new forms of encryption or communications that would be harder to collect or read. The news organizations removed some specific facts but decided to publish the article because of the value of a public debate about government actions that weaken the most powerful tools for protecting the privacy of Americans and others.

Pro Publica, for its part, put up a thorough and detailed explanation for why it chose to publish the story, which is well worth reading:

The story, we believe, is an important one. It shows that the expectations of millions of Internet users regarding the privacy of their electronic communications are mistaken. These expectations guide the practices of private individuals and businesses, most of them innocent of any wrongdoing. The potential for abuse of such extraordinary capabilities for surveillance, including for political purposes, is considerable. The government insists it has put in place checks and balances to limit misuses of this technology. But the question of whether they are effective is far from resolved and is an issue that can only be debated by the people and their elected representatives if the basic facts are revealed.

This is true in so many ways. As the NY Times report notes, there had been a public debate about all of this in the 90s, when there was the big fight over the Clipper Chip, an NSA-created form of encryption with backdoors. That fight ended with the NSA losing... and now it appears that they just ignored that and effectively spent the past few decades doing the same exact thing, but in secret. That deserves public exposure and discussion.

Pro Publica points out that this country is founded on a fundamental belief that you can't just "trust" the government, and yet the government is asking us to do exactly that here, as they prove time and time again not to be credible or worthy of trust.

There are those who, in good faith, believe that we should leave the balance between civil liberty and security entirely to our elected leaders, and to those they place in positions of executive responsibility. Again, we do not agree. The American system, as we understand it, is premised on the idea -- championed by such men as Thomas Jefferson and James Madison -- that government run amok poses the greatest potential threat to the people’s liberty, and that an informed citizenry is the necessary check on this threat. The sort of work ProPublica does -- watchdog journalism -- is a key element in helping the public play this role.

American history is replete with examples of the dangers of unchecked power operating in secret. Richard Nixon, for instance, was twice elected president of this country. He tried to subvert law enforcement, intelligence and other agencies for political purposes, and was more than willing to violate laws in the process. Such a person could come to power again. We need a system that can withstand such challenges. That system requires public knowledge of the power the government possesses. Today’s story is a step in that direction.

Kudos to all three publications for taking this step. It's unfortunate that they need to do this, but it's a sad statement on the way the US and UK governments have acted.

Update: The Guardian also mentions that intelligence officials asked them not to publish.

Filed Under: backdoors, encryption, journalism, nsa, nsa surveillance, surveillance
Companies: ny times, pro publica

NSA & GCHQ Covertly Took Over Security Standards, Recruited Telco Employees To Insert Backdoors

from the not-so-secure dept

And the latest report on the Ed Snowden leak documents has come out and it's yet another big one: the NSA and GCHQ have basically gotten backdoors into various key security offerings used online, in part by controlling the standards efforts, and in part by sometimes covertly introducing security vulnerabilities into various products. They haven't "cracked" encryption standards, but rather just found a different way in. The full report is worth reading, but a few key points are worth highlighting.

First, the NSA spends $250 million per year to "covertly" influence tech product designs. The report suggest two ways this is happening. First by infiltrating standards-bodies:

Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document. It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006.

"Eventually, NSA became the sole editor," the document states.

That's disturbing enough, but it gets worse. While the Guardian report suggests that unnamed tech companies are "collaborating" in inserting these kinds of backdoors, that's not entirely clear, because later in the document, they suggest that the NSA is recruiting covert operatives within telco firms to insert vulnerabilities:

To help secure an insider advantage, GCHQ also established a Humint Operations Team (HOT). Humint, short for "human intelligence" refers to information gleaned directly from sources or undercover agents.

This GCHQ team was, according to an internal document, "responsible for identifying, recruiting and running covert agents in the global telecommunications industry."

"This enables GCHQ to tackle some of its most challenging targets," the report said. The efforts made by the NSA and GCHQ against encryption technologies may have negative consequences for all internet users, experts warn."

Did you get that? Rather than recruiting spies from, say, governments, the NSA and GCHQ are recruiting employees at telcos to help them suck up and access all your data.

All of this activity has apparently led to some major breakthroughs, allowing them to access plenty of data they didn't have access to previously. Just last week we'd written about major successes by the NSA having to do with encryption, and this report reveals more details:

"For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies," stated a 2010 GCHQ document. "Vast amounts of encrypted internet data which have up till now been discarded are now exploitable."

An internal agency memo noted that among British analysts shown a presentation on the NSA's progress: "Those not already briefed were gobsmacked!" The breakthrough, which was not described in detail in the documents, meant the intelligence agencies were able to monitor "large amounts" of data flowing through the world's fibre-optic cables and break its encryption, despite assurances from internet company executives that this data was beyond the reach of government.

Once again, we're seeing rather extreme behavior on the part of the NSA and GCHQ as they try to basically be able to dig into every possible communication.

Filed Under: backdoors, encryption, gchq, nsa, nsa surveillance, standards, surveillance

Chinese Hacks Of Google Database Of Surveillance Targets Highlight How Dumb Technology Backdoors Are

from the how-can-people-still-not-see-this dept

We've argued for quite some time that law enforcement's desire to require backdoors for wiretapping in all electronic communications is really dumb, because it won't just be law enforcement using it (and, when they use it, it won't just be for legitimate purposes). As soon as you have that backdoor in place, you've pretty much guaranteed that it becomes something of a target. And the news that broke earlier this week about how Chinese hackers who broke into Google servers a few years ago were targeting their database of which accounts had been flagged for national security surveillance makes this point that much clearer. The people doing this kind of hacking aren't dumb: they know that there are weaknesses where they can probe. A few weeks back, a Microsoft exec had actually revealed that their own analysis of similar attacks on Microsoft's servers from China showed the same basic target and discussed the serious implications.

"What we found was the attackers were actually looking for the accounts that we had lawful wiretap orders on," Aucsmith says. "So if you think about this, this is brilliant counter-intelligence. You have two choices: If you want to find out if your agents, if you will, have been discovered, you can try to break into the FBI to find out that way. Presumably that's difficult. Or you can break into the people that the courts have served paper on and see if you can find it that way. That's essentially what we think they were trolling for, at least in our case."

The more openings and the more data that is shared, the more openings and opportunities there are for people who you don't want to see that data to have access to it. That should be a major concern. Just before all of this was revealed, we had written about a new report how such backdoors basically destroy any competent attempt at cybersecurity. Julian Sanchez highlights how those who think this isn't a problem are almost certainly confused about how computer security works.

Defenders of the FBI proposal tend to pooh-pooh security concerns raised about requirisng such backdoors: Our brilliant American programmers, they assert, will find ways to enable wiretapping without creating new vulnerabilities. But if a company like Google, with its massive financial resources and a stable of some of the smartest coders anywhere, can be victimized in this way, how realistic is it to expect thousands of Internet startups to achieve better security?

Creating more access to information that should be secret might help law enforcement, at the expense of our civil liberties, but it's also going to help those with nefarious intent quite a bit. And that should be a serious concern.

Filed Under: backdoors, china, hacking, national security, surveillance, wiretapping
Companies: google, microsoft

Want To Destroy Any Hope Of Serious Cybersecurity? Give The DOJ Its Desired Backdoor Wiretaps On All Communications

from the stupid-ideas dept

The Obama administration has supposedly been "considering" the latest version of the DOJ's plan to require backdoor wiretapping abilities in any form of digital communication. If you don't recall, the FBI asks for this basically every year. The latest version would lead to fines for any company that doesn't build in a backdoor wiretapping ability. We've been pointing out for quite some time that putting in such backdoors only makes us all less safe, because those with malicious intent will find and use those backdoors.

A new report has been released, put together by some of the best known technologists and security experts out there, saying that the plan, as being considered would effectively undermine any cybersecurity regime. At a time when the administration and Congress keep insisting that we need better cybersecurity, to undermine it all with wiretapping backdoors would be ridiculous. And let's not even begin discussing how this would play out if it passed and number one CISPA backer Mike Rogers then became head of the FBI.

Among the report's authors are names you might recognize, like Ed Felten, Peter Neumann, Bruce Schneier and Phil Zimmerman. You can read the full report (pdf) to see all the details. As Ed Felten told the NY Times:

“It’s a single point in the system through which all of the content can be collected if they can manage to activate it,” said Edward W. Felten, a computer science professor at Princeton and one of the authors of the report... “That’s a security vulnerability waiting to happen, as if we needed more,” he said.

Once again, all of this suggests that the efforts around "cybersecurity" have always been more of a cover story to try to make it easier for law enforcement to access data, rather than any legitimate effort at improving security.

Filed Under: backdoors, bruce schneier, cybersecurity, doj, ed felten, fbi, mike rogers, peter neumann, phil zimmerman, wiretaps

How The FBI's Desire To Wiretap Every New Technology Makes Us Less Safe

from the can-you-hear-me-now? dept

Here they go again. Every year or so we end up writing about the FBI's desire for better wiretapping capabilities for new technologies, such as Skype. Basically, the FBI argues that because "bad guys" might use those tools to communicate in secret, they need backdoors to make sure that they can keep tabs on the bad guys.

But they're forgetting something: the FBI isn't necessarily the only one who will get access to those backdoors. In fact, by requiring backdoors to enable surveillance on all sorts of systems, the FBI is almost guaranteeing that the bad guys will use those backdoors for their own nefarious purposes. It's not security, it's anti-security.

This is why claims by the feds that we need cybersecurity legislation, like CISPA or the Cybersecurity Act, ring hollow. If they really wanted more protected networks, they wouldn't keep asking for specific security holes to be explicitly added to those networks.

Two decades ago, the FBI complained it was having trouble tapping the then-latest cellphones and digital telephone switches. After extensive FBI lobbying, Congress passed the Communications Assistance for Law Enforcement Act (CALEA) in 1994, mandating that all telephone switches include FBI-approved wiretapping capabilities.

CALEA was justifiably controversial, not least because its requirement for “backdoors” across our communications infrastructure seemed like a security nightmare: How could we keep criminals and foreign spies from exploiting weaknesses in the new wiretapping features? Would we even be able to detect them when they did?

Those fears were soon borne out. In 2004, a mysterious someone — the case was never solved — hacked the wiretap backdoors of a Greek cellular switch to listen in on senior government officials … including the prime minister.

Think this could only happen abroad? Some years ago, the U.S. National Security Agency discovered that every telephone switch for sale to the Department of Defense had security vulnerabilities in their mandated wiretap implementations. Every. Single. One.

Somehow, the FBI always thinks that if there are backdoors, only it will use them. That is extreme wishful thinking.

Filed Under: backdoors, fbi, hacking, privacy, wiretaps