The Common Ills: New revelations on Barack's illegal spying

Friday, September 06, 2013

New revelations on Barack's illegal spying

Joseph Menn (Reuters) reports, "The U.S. National Security Agency has secretly developed the ability to crack or circumvent commonplace Internet encryption used to protect everything from email to financial transactions, according to media reports citing documents obtained by former NSA contractor Edward Snowden." Jon Healy (Los Angeles Times) offers this call:

The latest Edward Snowden-powered exposé published by the New York Times, ProPublica and the Guardian is, to me, the most frightening. It reveals that the National Security Agency has moved beyond its historic role as a code-breaker to become a saboteur of the encryption systems. Its work has allegedly weakened the scrambling not just of terrorists' emails but also bank transactions, medical records and communications among coworkers.

How bad is it? CNN explains:

According to the reports, the NSA, alongside its UK equivalent, Government Communications Headquarters, better known as GCHQ, has been able to unscramble much of the encoding that protects everything from personal e-mails to banking systems, medical records and Internet chats.

The agencies' methods include the use of supercomputers to crack codes, covert measures to introduce weaknesses into encryption standards and behind-doors collaboration with technology companies and internet service providers themselves.

That's a lot of new information to absorb and sometimes the best way to understand new information is for it to be broken down into a discussion. Yesterday evening, on KPFA's Flashpoints, guest host Kevin Pina explored the latest revelations with The Bill of Rights Defense Committee's Shahid Buttar:

Kevin Pina: Well, Shahid, am I right in saying that people should not be complacent just because we're getting -- sort of getting used to the news now? That we should still be concerned about this?

Shahid Buttar: Absolutely. You know, every day, more trickles out. And the latest revelations that the NSA and its British counterparts have essentially cracked commercially available encryption codes has dramatic implications for everything from online commerce to our most private communications. And it is absolutely essential that the American people stay very loud and engaged to force a long overdue change and for us to restore fundamental rights.

Kevin Pina: Well so what does this mean that they've cracked basic encryption codes? It means that no data can ever be secure now?

Shahid Buttar: For all intents and purposes. There are some strong versions of encryption that remain, at the moment, uncracked by the NSA. But one of the implications of today's revelations is that the NSA is much further along in its crypto-analysis project to essentially de-encrypt everything than anyone at this point had realized. There was a famous saga from the 90s, the crypto-wars, when essentially Silicon Valley had essentially outflanked the Pentagon and now the tides have changed and until the latest revelations no one had even realized that that had happened.

Kevin Pina: Well I'm also wondering, you know, there's a G-20 that's going on now and you know if it weren't for Syria pushing it off the board now, Edward Snowden would probably be high up there on the list of what Russia and the United States would be discussing. But with Syria, there's no peep whatsoever about it, just a few mentions here and there. But Edward Snowden did a great contribution. Did he not make a great contribution to our understanding of exactly the full extent of NSA spying on its own citizens?

Shahid Buttar: No question. Absolutely. An enormous contribution. The only quibble I would have is we still don't know the full extent and even the entire corpus of his disclosures would not itself about the latest revelations was the fact that the NSA describes American consumers as "adversaries" and has worked not only to rig the international encryption standards to suit its own ends and also collaborated in secret with the tech companies to engineer vulnerabilities into their own commercially available programs but also that they'd actually employed spies -- human intelligence operatives into the tech companies which is deeply disturbing. And the fact that all of this is happening in secret yet still available to contractors -- like Edward Snowden -- is especially disturbing. It's disturbing in a lot of different directions. The idea that we, the American people are paying our tax dollars to an agency that regards us as adversaries is certainly a problem in itself.

So the selfish (and criminal) actions of the NSA have put the entire internet at risk? Yes. James Ball, Julian Borger and Glenn Greenwald (Guardian) report:

"Backdoors are fundamentally in conflict with good security," said Christopher Soghoian, principal technologist and senior policy analyst at the American Civil Liberties Union. "Backdoors expose all users of a backdoored system, not just intelligence agency targets, to heightened risk of data compromise." This is because the insertion of backdoors in a software product, particularly those that can be used to obtain unencrypted user communications or data, significantly increases the difficulty of designing a secure product."
This was a view echoed in a recent paper by Stephanie Pell, a former prosecutor at the US Department of Justice and non-resident fellow at the Center for Internet and Security at Stanford Law School.
"[An] encrypted communications system with a lawful interception back door is far more likely to result in the catastrophic loss of communications confidentiality than a system that never has access to the unencrypted communications of its users," she states.

Cedric and Wally posted yesterday evening: