Bruce Schneier: Sure, Russia & China Probably Have The Snowden Docs... But Not Because Of Snowden

from the because-espionage dept

Given all the fuss over the ridiculous article this past weekend -- which has since been confirmed as government stenography rather than actual reporting -- security maven Bruce Schneier has written up an article making a key point. It's quite likely that the underlying point in the article -- that Russian and Chinese intelligence agencies have access to the documents that Snowden originally handed over to reporters -- is absolutely true. But, much more importantly, he argues, the reason likely has almost nothing to do with Snowden.

First, he notes, it's quite likely that Snowden -- as he has said -- no longer has access to the documents. But other people do. And they're not as knowledgeable about encryption and spycraft as Snowden is.

First, the journalists working with the documents. I’ve handled some of the Snowden documents myself, and even though I’m a paranoid cryptographer, I know how difficult it is to maintain perfect security. It’s been open season on the computers of the journalists Snowden shared documents with since this story broke in July 2013. And while they have been taking extraordinary pains to secure those computers, it’s almost certainly not enough to keep out the world’s intelligence services.

There is a lot of evidence for this belief. We know from other top-secret NSA documents that as far back as 2008, the agency’s Tailored Access Operations group has extraordinary capabilities to hack into and “exfiltrate” data from specific computers, even if those computers are highly secured and not connected to the Internet.

These NSA capabilities are not unique, and it’s reasonable to assume both that other countries had similar capabilities in 2008 and that everyone has improved their attack techniques in the seven years since then.

But, the second point is an even bigger one, which is that it's highly likely that Russian and Chinese intelligence got these documents long before Snowden gave them to the press, because that's what spies do.

Which brings me to the second potential source of these documents to foreign intelligence agencies: the US and UK governments themselves. I believe that both China and Russia had access to all the files that Snowden took well before Snowden took them because they’ve penetrated the NSA networks where those files reside. After all, the NSA has been a prime target for decades.

Those government hacking examples above were against unclassified networks, but the nation-state techniques we’re seeing work against classified and unconnected networks as well. In general, it’s far easier to attack a network than it is to defend the same network. This isn’t a statement about willpower or budget; it’s how computer and network security work today. A former NSA deputy director recently said that if we were to score cyber the way we score soccer, the tally would be 462–456 twenty minutes into the game. In other words, it’s all offense and no defense.

In this kind of environment, we simply have to assume that even our classified networks have been penetrated. Remember that Snowden was able to wander through the NSA’s networks with impunity, and that the agency had so few controls in place that the only way they can guess what has been taken is to extrapolate based on what has been published. Does anyone believe that Snowden was the first to take advantage of that lax security? I don’t.

Remember, this is the same government that's now reeling from the Chinese hacking of OPM getting all the secrets of government employees, including those with security clearances. It was a hack so impressive that even Michael Hayden -- former CIA and NSA boss -- can't hide his appreciation of the work that was done. Hayden called it "honorable espionage work" by the Chinese and further notes that he "would not have thought twice" if he had the ability to get the same info from the Chinese.

These are the games that intelligence agencies play all the time. Schneier's piece has a lot more in it, but the idea that the Russians and Chinese learned anything particularly new or useful from the Snowden documents -- or that they even got them from Snowden's document dump -- seems quite dubious.

Filed Under: bruce schneier, china, encryption, espionage, michael hayden, russia, snowden documents

Former NSA Official: Anyone Who 'Justified' Snowden's Leaks Shouldn't Be Allowed A Gov't Job

from the because-our-government-is-above-reproach-ALWAYS dept

A few days ago, the FTC announced that it had appointed Ashkan Soltani as its chief technology officer. Soltani is a well-known (and often outspoken) security researcher who has worked at the FTC in the past. Nothing about this appointment should be all that surprising or even remotely controversial. However, recently, Soltani had been doing a lot of journalism work, as a media consultant at the Washington Post helping Barton Gellman and other reporters really understand the technical and security aspects of the Snowden documents. His name has appeared as a byline in a number of stories about the documents, detailing what is really in those documents, and how they can impact your privacy.

Apparently, this has upset the usual crew of former NSA officials.

Let's start with former NSA director Michael Hayden. The publication FedScoop heard the news about Soltani, and decided to ask Hayden and other NSA-types their thoughts. You can tell by the opening paragraph what angle FedScoop is digging for with its article:

The Federal Trade Commission has hired privacy and technology expert Ashkan Soltani to serve as the commission’s chief technology officer. But security experts and former senior U.S. intelligence officials are questioning the FTC’s decision, given Soltani’s very public role as a consultant for The Washington Post, where he co-authored multiple articles based on classified documents stolen from the National Security Agency by former contractor Edward Snowden.

The loaded language in the introductory paragraph telegraphs FedScoop's desire to have its predispositions confirmed by the NSA's defenders, even though this move is more of a return to form for Soltani rather than an indication of the FTC's willingness to give the administration the finger by proxy, or whatever it is that Hayden feels is going on here.

His job will be to advise the commission on evolving technology and policy issues, a role similar to one he held previously at the FTC before leaving government to become an independent consultant.

Hayden's criticism of Soltani's selection begins with a sentence that shows (and immediately denies) what he'd like to do in the limited time FedScoop has granted him.

“I’m not trying to demonize this fella, but he’s been working through criminally exposed documents and making decisions about making those documents public,” said Michael Hayden, a former NSA director who also served as CIA director from 2006 to 2009.

Yes, how dare he do journalism in association with a well-known and (mostly) respected news organization. The FTC has so far refused to comment on its "controversial" selection. The NSA has yet to comment either, although one wonders if anyone outside of FedScoop truly believes the agency actually has anything to comment on here. Neither did the White House, despite FedScoop's endless harassment.

The White House Office of Personnel Management [...] did not respond to FedScoop’s repeated requests for information on the FTC’s ability to hire Soltani given his role in consulting with the Post as it disclosed the Snowden documents.

But guess who else has an opinion on this matter -- a hiring so controversial that no one actively employed by the government has felt the slightest urge to comment on? It's our other favorite NSA apologist, and he manages to top Hayden's vague but judgemental statements, as well as somehow managing to have even less of a grasp on the subject matter.

Stewart Baker, a former NSA general counsel, said, while he’s not familiar with the role Soltani would play at the FTC, there are still problems with his appointment. “I don’t think anyone who justified or exploited Snowden’s breach of confidentiality obligations should be trusted to serve in government,” Baker said.

But those who aided and abetted the expansion of domestic surveillance programs and betrayed the American public should be "trusted" to "serve" (themselves and their agencies) for years to come. Those who question the government should be kept as far away from the inner workings as possible, at least according to these two NSA defenders. And they base this judgement not on Soltani's upcoming position (which neither seem to know anything about), or actual government policies (which neither cite in defense of their claims), but rather on their feeling that no one who has "betrayed" the Agency (even if to serve the public or the Constitution) should be allowed to serve the public in any capacity.

Filed Under: ashkan soltani, ftc, michael hayden, nsa, snowden documents, stewart baker, surveillance

New Zealand Police Raid Home Of Reporter Who Embarrassed Gov't Officials & Was Working On Snowden Documents

from the freedom-of-the-press? dept

Apparently, the New Zealand government is not a huge fan of press freedom. The national police force recently raided and ransacked the home of Nicky Hager, an independent journalist who has been a thorn in the current leadership's side for some time now.

In August, one month before New Zealand’s national election, Hager published Dirty Politics, which showed that key figures in Prime Minister John Key’s National Party were feeding derogatory information about their opponents to a virulent right-wing blogger named Cameron Slater. Hager published evidence in the form of incriminating emails, provided by a hacker, demonstrating coordination between National Party officials and Slater. The ensuing scandal forced the resignation of a top Key ally, Justice Minister Judith Collins, and implicated numerous other National Party officials and supporters. Despite the scandal, the National Party won a resounding victory in the election, sending Key to a third term as prime minister.

And then, once safely back in power, the government wasted little time:

On October 2—less than two weeks after the election—detectives from a regional “major crime team” came to Hager’s Wellington home armed with a search warrant authorizing them to seize anything that might lead them to the identity of his source for Dirty Politics. The warrant shows that prior to the raid, a police “intelligence analyst” had studied Hager’s media appearances in an effort to discover information about his sources for the book, taking particular note of references Hager made to knowing the source’s identity.

Over at The Intercept, Glenn Greenwald and Ryan Gallagher note that Hager was also working with them on some Snowden documents as they concerned what was happening in New Zealand. As you may recall, right before the election, Greenwald had used some Snowden documents to show that Prime Minister Key had lied about mass surveillance -- leading Key to petulantly lash out with ad hominems at Greenwald, referring to him as a "loser." Greenwald made it clear that they would likely be revealing more about New Zealand's activities -- and now wonders if that might be another reason why Hager was raided, once the government figured out who Greenwald was working with.

Either way, the search seems quite excessive and seriously raises questions about New Zealand's respect for the freedom of the press:

Once they entered the property, detectives spent ten hours sifting through Hager and his family’s personal effects, making copies of any USB storage devices they found and seizing Hager’s computer, personal documents, a camera, a dictaphone, CDs, and dozens of other items—not to mention his daughter’s laptop, cellphones, and iPod.

The whole thing seems fairly crazy, and clearly done to intimidate Hager and others for daring to actually call out the government's bad behavior. These are the kinds of actions that we're supposed to believe no longer happen in modern democracies, but they seem to be happening on an increasingly frequent basis.

Filed Under: cameron slater, dirty politics, ed snowden, free press, john key, new zealand, nicky hager, raids, snowden documents