NSA’s top policy advisor: It’s time to start putting teeth in cyber deterrence (arstechnica.com)
117 points by deanalevitt 13 days ago | 119 comments

How about the NSA and similar institutions in other countries don't hoard zerodays and instead actively work to improve security? Defending against hackers is a lot easier than defending against nuclear missiles. We don't need an active deterrence if the defenses are good.

While I agree and I hate the NSA's practice of hoarding zero days, they do this to keep software vulnerable on purpose. They've invested millions in uncovering zero days SPECIFICALLY so they could then spend millions more to be the only ones exploiting these vulnerabilities. If they share the zero day, the vendor will write a patch and it's game-over for their multi-million dollar exploit.

Don't get me wrong, it's entirely inappropriate for an American government agency to be subverting the security of American products made by American companies and used by the American public. We have a unique opportunity that no other country has to coordinate our secret intelligence work with the private sector to completely own the security industry, but we allow our government to take an adversarial approach to defense. It's insane and criminal, but that's how it is.

Imagine how effective an intelligence campaign would be against, say, Iran, if the NSA went to Microsoft, disclosed a vuln, and then told them to patch the vuln ONLY in specific markets. Roll out the patch to American companies first, but leave select targets still vulnerable. No other country could get Microsoft to do that except the United States... And we waste that opportunity by trying to lone-wolf everything.

> Imagine how effective an intelligence campaign would be against, say, Iran, if the NSA went to Microsoft, disclosed a vuln, and then told them to patch the vuln ONLY in specific markets.

While that approach might be effective, the long-term result could be increased distrust of American software companies by other countries, depending on how it's done.

I think the primary problems are structural: that (a) a single agency has to act as both red and blue teams, (b) the red team lacks enough oversight to ensure it respects rule of law and civilian civil rights, and (c) the blue team isn't authorized to disclose all its known vulnerabilities to software vendors.

> the long-term result could be increased distrust of American software companies by other countries, depending on how it's done

America isn't Australia. The NSA hoards bugs in software domestic and foreign alike.

One amendment to their charter which might make sense would be installing a public ombudsman. This ombudsman reviews the NSA's vulnerability hoard, takes into account the software's usage in the United States and then makes arguments to senior leadership for selectively releasing them.

It seems to me that the public ombudsman role you propose is already played by the other agencies and departments involved in the Vulnerabilities Equities Process https://www.whitehouse.gov/sites/whitehouse.gov/files/images...

I would specifically call out Treasury (high dependence of financial sector on publicly available products), OMB (high dependence of government systems on publicly available products), and Commerce (most direct purview of publicly available products) in playing that role.

I'm sorry, but this seems a little naive. 1) It assumes that the NSA would only want to exploit a vulnerability exactly once, 2) this behavior would be fairly obvious since hackers examine patch payloads, and 3) this behavior on the part of American tech would undermine their credibility globally. Wouldn't you reasonably be very skeptical of Microsoft if you were a foreign government if you knew they were actively working with the American government to pwn you?

The status quo of a semi-adversarial relationship between the NSA and tech companies for offensive cyber capabilities seems better to me for both parties. Of course it would be good if they were collaborating on defensive cyber security.

> I'm sorry, but this seems a little naive.


I thought everybody already knew that US corporations serve as an extension to the surveillance apparatus. Remember all the corporations fighting against the government's mandate at an artificially crippled maximum keysize of 40 bits, in order to allow continued surveillance in the 90s? Yeah, neither do I.

The claim is not "naive" as in "of course the NSA wouldn't want to exploit things, they're innocent angels", the claim is "naive" as in "they have better ways to exploit things."

Interpreting _NSAKEY as an NSA backdoor is similarly naive. First, it's named _NSAKEY. Surely they could name it something else. Second, its purpose was reverse-engineered, and it's capable of signing cryptography modules, same as the existing Microsoft key named _KEY. Anything that could be done through _NSAKEY could also be done through _KEY, so it would be easy for the NSA to just ask for a copy of _KEY such that nobody would notice. The conspiracy theory makes no sense - it's like saying "$politician is trying to take away our freedoms by pouring mind-control agents into the water" when $politician is just straight-up signing bills to take away your freedoms.

It was a debugging symbol that a Microsoft developer either negligently or heroically included in a public release... so that explains away the "nobody would be so stupid" argument. You are aware of how the Intel ME killswitch was located, right? A commented XML file included with the flashing software helpfully informed anybody willing to look that a field was related to the NSA's High Assurance Platform program. This was after ten years of security researchers pointing at the fact that this was a backdoor. For whatever reason both Intel and the NSA were happy to let the public remain needlessly vulnerable all that time... But yeah, I'm just like one of those water fluoridation loons. The NSA wasn't at all hamfisted in the intentional weakening of elliptic curves and blatant RSA bribery, this isn't an obvious pattern emerging.

NSAKEY people have had over two decades to produce any evidence in support of their weird conspiracy theory, but strangely enough they’ve utterly failed to do so.

The demand for evidence in the wake of all the NSA leaks is laughable.[0] What does evidence of the NSAKEY being a backdoor look like to you, a provably malicious CSA shim, signed by the key, hand delivered by James Clapper?

I'll tell you what it looks like to me:

After the debug symbol is found, Microsoft gives a seemingly very stupid explanation for it[1]: "It is a backup key. Yeah, uhhhh... during the export control review - the NSA said that we had to have a backup key, so we named it after them..." After being challenged on the plausibility of their backup scheme they refuse to provide any further explanation.

Here is the funny part: Microsoft might be technically telling the truth about it being a "backup". Consider what else was going on around this period: ridiculous export controls on key-length, the clipper chip... and finally: government managed private-key escrow[2]. At that time the export regulations did not specify a backup requirement, and yet Microsoft claims otherwise. You know who else was talking a lot about backups? The White House, in its proposal for allowing the export of key-lengths above 56-bits - so long as applicants implement "key-recovery".[3] Somehow I don't think that we share the same definition of the word "backup".

Also, ECI Sentry Raven[4], have fun with that.

[0] https://assets.documentcloud.org/documents/784280/sigint-ena...

[1] https://cryptome.org/nsakey-ms-dc.htm

[2] https://web.archive.org/web/20000818204903/https://csrc.nist...

[3] https://epic.org/crypto/key_escrow/key_recovery.html

[4] https://archive.org/details/nsa-sentry-eagle-the-intercept-1...

Evidence of the NSAKEY being a backdoor includes some description of how the backdoor might work, backed up by a reference to the relevant Windows source code or its disassembly, both of which are easily available to researchers. What sort of backdoor is it? Does it provide remote access to Windows? Does it enable certain cryptographic modes that are disabled? Does it disable certain cryptographic modes that are enabled? Does it trigger key recovery, and if so, how?

Evidence of X does not include "X would have been done by Y, and Y did Z, and X and Z are both bad, so why wouldn't Y do X too." That is basically the definition of an ad hominem argument. Whatever else the NSA may have done, and however much it's reason to believe the NSA might have wanted to do this specific thing, it's not evidence of them doing this specific thing (and again I'm not sure what this specific thing is even supposed to be). And if anything, the lack of mention of NSAKEY in the leaks is a reason to believe that there wasn't anything there.

Evidence of X also does not include "Y refused to talk about X." That might be evidence that Y is suspicious and untrustworthy (or evidence that the person asking was a conspiracy theorist who wouldn't be satisfied by any explanation), but it's not evidence that Y actually did X.

So, that's my definition of evidence. I'll turn this around: what would evidence that NSAKEY was not a backdoor look like to you? Would anything convince you, or is your claim unfalsifiable?

> Evidence of the NSAKEY being a backdoor includes some description of how the backdoor might work...

It would only work one way with an API relying on a PKI with a single CA, zero transparency, and trusted keys named after spy agencies suddenly appearing out of nowhere. I'm gonna bail here, because I'm now not sure if you honestly don't know what the CAPI was in relation to the NSAKEY - or if you're trying to waste my time by getting me to explain the most basic principles of public key infrastructure.

Here is a basic principle of public key infrastructure: anything signed by one CA can be signed equally well by another, unless the code is designed to give one CA special permissions (like EV certs, in the HTTPS PKI).

You are wrong on the facts that there is a "single CA" - there is _KEY in addition to _NSAKEY.

So, this brings me back to the point I mentioned at the top of the thread: why didn't the NSA just demand a copy of the private key for _KEY instead of a separate key? A separate key always carried a risk, and also required a rebuild - handing over _KEY could have happened immediately. If _NSAKEY has special permissions, can you point me to where in disassembled CAPI code / leaked source these special permissions are implemented, and what they are?

Your conspiracy theory is "The NSA is evil and also stupid." This is a more complex, less likely, and less worrisome conspiracy theory than "The NSA is evil." If the only thing we have to worry about from the NSA is things bungled as badly as this alleged _NSAKEY backdoor and the actual Dual_EC_DRBG backdoor (which was noticed by cryptographers basically instantly), we have nothing to worry about. That doesn't seem like the rhetorical position you want to take.

It really feels like you’re trying to distract from the fact that you have no idea how the supposed NSAKEY backdoor works if it exists.

How would the signed payload to activate this backdoor be delivered? Where’s the code that receives it? Where’s the code that then processes that signed payload?

It’s not like this stuff is terribly hard to reverse, you’ll almost certainly be able to easily find all the symbols and probably even leaked source on various NT-related forums.

Yeah I don't think my comparison to fluoridated water is out of line. The entirety of the NSAKEY evidence is "it has NSA in the name." That's not even as strong as the evidence that fluoridated water has minimal health benefits and more risks than the government claims, which is weak evidence but at least it exists.

> The entirety of the NSAKEY evidence is "it has NSA in the name."

Your comparison is out of line because of ridiculous characterizations like this. Microsoft said that it was a backup key, which either means that they have the most poorly implemented scheme for backing up cryptographic materials ever devised, or they don't mean what most people think when they hear the word "backup". Microsoft then claimed that the backup was necessary for passing the export control review, which is a bold lie to tell since the Export Administration Regulations are available for review to everybody. One thing not included in the EAR that might influence Microsoft's conduct in trying to get permission from the USG to reach global customers: executive orders. The government had a hard limit at 56-bits and was proposing that anybody wanting to export crypto beyond that needed to participate in their push for private-key escrow, which they were calling "key-recovery". Recovery... sounds kind of like a backup plan...

I provided links in my response to the parent comment.

None of the links you provided are evidence. They're all signs that something, somewhere, is fishy, so why wouldn't this be fishy too. I can provide you higher-quality links about how we need to stop putting fluoride in the water.

At the very least, retract your claim about how people who don't want fluoride in the water are "loons," and then maybe we can have a good-faith conversation. But if you want to dismiss people with actual science backing their views as loons, I'll dismiss you as a loon, too.

> 3) this behavior on the part of American tech would undermine their credibility globally. Wouldn't you reasonably be very skeptical of Microsoft if you were a foreign government if you knew they were actively working with the American government to pwn you?

The fact that foreign governments aren't more skeptical of Microsoft really baffles me. The American government isn't dumb enough to buy security products from Kaspersky after all, or devices from Huawei.

Maybe that was part of the motivation for Microsoft moving toward open-source. Showing their cards in a way that can be audited and verified to ease any potential foreign organization's concerns. Software is part of it, but hardware is the harder sell.

Afaik that's only for cloud. There the software runs on an opaque virtualization layer.

Windows is still closed source. Therefore there is a lot of speculation around the phone home capabilities.

I read a fantastic article on Stuxnet. I can't find it now, but this should cover it, if you don't know the details https://www.csoonline.com/article/3218104/what-is-stuxnet-wh...

To pull off what they did, they knew multiple zero-day vulnerabilities in Windows. To any reasonable security-minded person, knowing that many vulnerabilities and having the ability to capitalize on them is likely only achievable a few different ways, one of those ways being having an arrangement with the company whose vulnerabilities you were exploiting.

> Wouldn't you reasonably be very skeptical of Microsoft if you were a foreign government if you knew they were actively working with the American government to pwn you?

I would. However, I'm in no position to deny that I need Microsoft's products. Assuming I'm Iran, I'm not going to convert my entire digital infrastructure away from the status quo. I literally won't be able to anyway.

Now if I'm America and we're talking about Huawei undermining my customers.... Yeah I don't have to put up with that and Huawei will lose. I don't care, I've got Samsung and Apple. So I see your point, but you're misrepresenting the scale.

>Roll out the patch to American companies first, but leave select targets still vulnerable.

I would pay for tickets to the hacker news thread if that ever actually went down

Don't you think it's also dangerous?

There were stories that US power plants could be made inoperable. Also how do you really monitor bad actors using those vulnerabilities to do other kinds of damages?

To me it doesn't seem cyber weapons are that easy to use, they're volatile, secret, can be fired very quickly without sound, and are very difficult to control.

So far one could say the security market was not big enough, and computers not widespread enough, so it was tolerable to let the 0day market open as long as the US has the upper hand, but as this market goes bigger, damages are going to show up more and more.

Having the upper hand in terms of cyber warfare is one thing, but I have a problem with the cyber warfare terminology. I'd rather live in a world where weapon trafficking is neutered, instead of a world where bandits can cause damages (small, but still damage).

I think the day is coming where higher security standards will be required by law, because the swiss cheese strategy won't work for long.

Also, I have doubts that the NSA can really keep the upper hand because they have more brainpower. The cyber warfare is not only the sum of the weapons, because anybody can be taught computer security and learn how to build weapons.

>While I agree and I hate the NSA's practice of hoarding zero days, they do this to keep software vulnerable on purpose. They've invested millions in uncovering zero days SPECIFICALLY so they could then spend millions more to be the only ones exploiting these vulnerabilities. If they share the zero day, the vendor will write a patch and it's game-over for their multi-million dollar exploit.

What happens when those zero days are leaked or stolen?[1]

The government couldn't even protect nuclear secrets.[2]

At least with nukes, it's difficult to obtain the fissile material. Even the poorest, smallest, most isolated countries can utilize stolen or leaked 0-days, and depending on how they're used they could kill more people than a nuclear bomb. (Eg: shut off the power to the Midwest during winter)

[1] https://en.wikipedia.org/wiki/The_Shadow_Brokers


> Imagine how effective an intelligence campaign would be against, say, Iran, if the NSA went to Microsoft, disclosed a vuln, and then told them to patch the vuln ONLY in specific markets.

Not very. Do you think Iran doesn't have a Windows VM somewhere within the US and is also incapable of reverse-engineering patches?

I'd be surprised if they bother, at that point I'd just fork Linux and go from there...

You’re surely right about the incentives at play, and why no intelligence agency is going to spend millions doing x company’s validation work for them. But how in the world would selective patching work? How do you hide that?

"We are testing beta features on different customers based on regions."

Microsoft would quickly lose any trust they might have left in foreign markets. Plus, I think elevating the scope of NSA is a bad idea, since they already misused their power as evidenced by multiple leaks. It would be an overall terrible idea.

The cyber warfare scare is just a false reiteration to fortify arguments for further military and intelligence arming.

> It's insane and criminal, but that's how it is.

Just insane and criminal in my opinion because these institutions are not beyond reproach.

How would you hide these targeted updates from foes? I’m sure they can at least check the hashes of the updates, if not more. Presuming we’d be targeting their military industrial complexes who one might presume monitor for these kinds of things.

What stops non-USA companies from applying USA available patches?

Imagine how effective an intelligence campaign would be if the NSA went to Microsoft and let them place backdoors for specific targets.

Where would you draw the line?

This is one of those situations that makes me wonder at how obvious the right way to go is, and how unlikely that is to happen. Offense/defense costs are not even close to being symmetrical, it is insane that the USG would advance the state of the art in electronic warfare - while not even pretending to try and match the effort in defense. This is why we abandoned our biological weapons program, we were effectively developing the technology for incredibly cheap weapons of mass destruction that any banana republic could mimic... not unlike the rootkit leaks.

I think I'd argue the opposite. I wouldn't compare hackers to nuclear missiles, but defending against hackers doesn't seem to be realistically possible. Consider the state of the security world now, how many piles of money already get thrown at security, and how vulnerable everything still is. With that in mind, I find it hard to believe that even in the fantasy world of all of the "good guy" nations, whoever you think those are, working with vendors to fix every flaw they find instead of holding them for later exploitation against selected targets, that the security landscape would be meaningfully different. Somebody would still find and hold zerodays and use them in attacks. Whoever that is would have a huge advantage against whoever didn't.

I suppose in a perfect world, we'd all melt down all of our guns and turn them into wrenches or something instead and all live in harmony. But we don't live in that world. In the real world, if you melt down all of your guns, someone else will keep theirs, and use them to take your stuff, because you can't hurt them anymore. And similarly, if you disclose and patch all of your zerodays, someone else will still have their own, and will use them to hack your stuff and cause you damage, and you'll have no way to fight back, except to break out the guns and start a hot war with them.

We're still learning how things work in the cyber-war realm, but I feel doubtful that it'll ever be possible to have defenses so good that you can rely on the fact that nobody can touch you.

What NSA does to China is irrelevant. But they hurt their own American companies in the name of cyber security. I personally see this as British King using East India company to build colonies outside.

This will have ugly consequences.

I suspect there's a very real fear that their surveillance capabilities will completely go dark and they'll have just no way of going the extra mile on intel gathering when it's sorely needed.

I'm not a supporter of this but I do believe there is a genuine, good faith act here.

Their primary mission isn't the discovery and publication of critical zero-days but it doesn't make them good faith actors if they occasionally do when it's both convenient and strategically advantageous.

The NSA is working to actively improve security- for the US government. The NSA should not give security secrets to our enemies abroad...

The problem with this sentiment is that every other country is technically the enemy. The NSA has no qualms about stealing corporate secrets or influencing governments of allies who send their kids to die on your battlefields.

> is that every other country is technically the enemy

No, they aren't. The NSA shares many secrets with allies.

> Citing the WannaCry and NotPetya malware attacks

Wait, did he just use Wannacry as a reason for more NSA involvement in cyber defense? Wannacry exists because of the NSA. Its exploitation tools leaked (as it always happens, even to the NSA or the Chinese spy agencies) and then others used them to create the highly-effective Wannacry.

So...thanks, but no thanks NSA! You've done enough already. Not to mention the fact that the NSA is actively trying to this day to sabotage security efforts both in standards bodies and in private organizations (see recent Simon and Speck controversy, or how they asked Yahoo to put a backdoor in their email servers, Dual_EC scandal, etc).

From the beginning, the NSA should have held itself to having a primary purpose of cyber defense and deterrence. Even if it has some more aggressive programs running sub rosa, those defensive programs should be its central focus, and it'd be easier to sell as a patriotic career choice if cyber defense was what the NSA was known for.

Now we're left playing catch-up, and the NSA is mostly known for cyber espionage against global adversaries and domestic surveillance.

Cyber-espionage is a valid role, IMHO, but it should be separated from their defensive one. (Or the defensive role spun off into a different org altogether.) I think there's just no other way to manage the opposing incentives at work here.

"Valid role" is a meaningless term in the context of the NSA, which has broken the law for at least a decade with no consequences. The head of the NSA has lied to congress (which would put an ordinary man in prison). The NSA has spied and continues to spy on Americans in violation of several laws and court rulings. If the founding fathers were still alive, they'd be stacking bodies by now.

I mean that the conducting of signals intelligence against national adversaries is a useful/common mission for any country's intelligence agencies.

There seems to be little doubt - as you point out - that the NSA has also abused their mandate a bit by spying on Americans.

"a bit"? They have run major projects, spent tens of millions of taxpayer dollars, with the sole purpose of wholesale domestic espionage on the citizens of the USA. I'd post a reference, but jeez, I don't even need to, we all already know the details. It is currently one of their top 5 missions FFS. The only reason they exist is that we as citizens have no recourse channels, and not enough spine to physically remove those parasites.

>the NSA has also abused their mandate a bit by spying on Americans

The largest share of the data they collect is about Americans. This is done without legitimate, meaningful oversight or probable cause. Most of their measurable activity is illegal and violates the rights of Americans. The difference between data collection in the PRC and in the USA is that the USA hasn't extensively acted on this information against its own citizens so far.

This overall tone and emphasis is similar to hand-waving away mass police brutality and oppression by saying "buuuuut they keep us safe".

> The largest share of the data they collect is about Americans.

Could you provide a citation on this?

> Most of their measurable activity is illegal and violates the rights of Americans.

This is a useless metric: it's true of both healthy and unhealthy spy agencies; the former because we wouldn't hear about the useful and legal things they do, only the occasional whistleblowing, while the latter because of the point you're trying to make. (I also disagree it's true.)

However, without a solid metric on their total classified activity, there's no way to determine if it's unhealthy or healthy.

What's the healthy amount of unwarranted wiretapping?

Let's not pretend the NSA is fighting a war on terror. It's an economic espionage machine, and an assault on the freedoms guaranteed by the constitution. The same constitution many men died to protect and uphold.

If honor, country, and integrity mean anything to employees of the NSA, they should perform their civic duty and do as the patriot Edward Snowden has done.

> Let's not pretend the NSA is fighting a war on terror. It's an economic espionage machine, and an assault on the freedoms guaranteed by the constitution.

This seems to be completely unfounded, and out of line with my experience of the people who work there.

> they should perform their civic duty and do as the patriot Edward Snowden has done.

The truth is that you and I are part of a minority in the country: most people are actually vaguely okay with the idea of the government spy agency trawling through domestic networks looking for people trying to attack the US.

The NSA has owned the globe on a shoe string budget in response to a civic outcry about two decades back. They did their duty, as the people of the nation asked them to.

Now, you can argue that it was a poor national strategy -- that it's going to lead to a civic-society corrupting influence, and problems like parallel construction. But it's a bold allegation that people didn't do their duty because they struck a hard compromise that the majority approved of, but you personally don't.

> patriot

I wouldn't describe anyone who leaked legal spy programs or who took a laptop full of classified secrets to both China and Russia a patriot.

There were technical means by which Snowden could have better secured the materials, and there's the simple fact that he leaked a lot of perfectly legal military spy programs to the entire world, intentionally.

I'd certainly describe Snowden as an idealist, but he's not particularly a patriot.

> They did their duty, as the people of the nation asked them to.

As you may infer from current headlines - "The president told me to do it" is not exactly legal justification. We're a nation of checks and balances. If domestic spying is what the people want then Congress needs to act on that. For people intelligent enough to "own the globe" I don't see what's so confusing about this.

Bypassing the cornerstone of our democracy is not a heroic act. Spying on Americans by routing traffic through five-eyes is not clever or heroic. It's incredibly dangerous and represents an existential threat to our democracy. You can't even begin to imagine how blackmail will be used to silently and invisibly form the political landscape for the next 50 years.

Maybe Snowden isn't a patriot - but the NSA is a traitor to the American public.

> If domestic spying is what the people want then Congress needs to act on that.

And they have, repeatedly.

For all their bluster, the legislation that they've passed immunized the corporations who participated, left standing the punishment against Qwest (who didn't), and created new avenues to collect information in secret.

They held no one from either the Bush or Obama administrations, both of whom supported such programs, to account.

Congress did approve, modulo some theatrics, the actions of those administrations, because it's what people, that is, their constituents wanted.

> NSA is a traitor to the American public.

This kind of rhetoric when people didn't do what you personally wanted, but which much of the public did, isn't helpful and is a large portion of why the current politics are so toxic.

As far as anyone has been able to document, the NSA largely spends their time fighting terrorist organizations and hacking other nation-states -- doing things that legitimately keep safe Americans, in a world that isn't all that nice of a place.

It's trite to snipe at how the guards do their job, safe under their watch and without anything at risk -- particularly when you're also safely the minority, so don't run the risk of your opinions being put into action.

> can't even begin to imagine how blackmail will be used to silently and invisibly form the political landscape for the next 50 years

Good, I'm tired of lizard people.

Also, "Hoover-esque" comes to mind. Of course, the real danger for your conspiracy is the private consultancies and large corporations, which have considerably better access to information and substantially more sophisticated systems.

I'm personally considerably less worried about the NSA (or other government) archives and systems than the privateer ones, particularly in the age of rogue billionaires with aspirations of nation building -- to the point I'm willing to risk it to enable the nation to defend itself from, eg, another 2016-style PSYOP campaign.

Ah yes the famous 2016 psyops campaign, conducted by lizard people and not by disappointed voters.

So, the ends justify the means. Was the war in Iraq worth it? Should I be proud of the torture and extrajudicial renditions that occurred to "keep me safe"? Sounds like the mentality of a coward. But we'll just have to agree to disagree.

"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

1) Read the Snowden dump 2) Good job pointing out that those shady assholes keep their nasty actions as secret as possible. They do that so that we don't have solid metrics, so we have to go on the information available. See (1)

Please cite something specific -- as in, a specific document within the Snowden dump, a news article which reaches that conclusion based on multiple documents, etc.

Waving your hands and mouthing the word "Snowden" doesn't support just any defamatory statement you want to make about the government spy agencies -- and making up allegations cheapens the legitimate charges against them.

I would assume that you'd read the relevant documents prior to commenting.

Scroll down to "United States", click on the reference links next to each illegal domestic surveillance program. If the link yields another wiki page, keep clicking on the reference links until you find the relevant documents.


> If the link yields another wiki page, keep clicking on the reference links until you find the relevant documents.

Neither snark nor a Wiki labyrinth are a specific citation for what you said: "The largest share of the data they collect is about Americans."

Nothing on that Wikipedia page supports that claim, and certainly not with a citation from the Snowden documents.

You're just bullshitting, and you're bullshitting on a serious topic like national security. It's transparent you're doing so, because you're citing non-specific things like a general Wikipedia page on the topic, after alleging a very serious thing was supported by the Snowden documents.

If you were serious, and being honest, you'd have cited a specific document. Or set of documents. Or an analysis which supported your position.

But you're not.

(Nor is that Wiki page: several things listed as mass surveillance are nothing of the sort, and just regular ol spy work against foreign targets.)

I agree, provisionally. The NSA should play a variety of different roles (as it does!), and different parts of the organization should specialize in those roles. And some level of cyber-espionage is valid, though I think it's overemphasized.

But improving IT security is less sexy than destroying adversaries' nuclear capabilities, and it's easier to sell the (decidedly mixed) value of the latter stories than e.g. improving capabilities to identify and monitor foreign attackers.

> Cyber-espionage is a valid role

Agreed, but the NSA doesn't seem to act like they care about defense, but wielding it only as a weapon.

If they care about defense, I'd be interested to see any meaningful examples.

> If they care about defense, I'd be interested to see any meaningful examples.


They do do things that meaningfully improve defense. It's just not emphasized or funded nearly enough.

And really an emphasis on offense is downright /stupid/. There are several world leading sectors that the US depends on cybersecurity for (design, IT companies, and banking/finance for one). The priorities are exactly backwards - especially when GDP is national power.

> emphasis on offense

That was General Hayden's call. He dedicates a fair amount of space to that decision in his memoir. His basic calculus was that defense is 1000x harder than offense, so skip defense and punish your adversary through effective offense. I think the Air Force "Air Power" doctrine may have interfered with his thinking, but who am I?

I think that is excessive physicality based thinking paradigms. Rational but stupid ironically - based on past experience but not recognizing that it isn't applicable. With kinetics defense really is harder and you know who is attacking you more or less - the guys with the guns. Also it assumes a fundamental symmetry that doesn't even hold in conventional warfare.

But it really isn't that way with information on several levels. Bulletproof security is hard but scales better. One patch and everything is immune. Needless to say that hasn't happened with bullets.

NSA is a signals intelligence agency, so it makes sense that they would be known for cyber espionage.

Against their own people in violation of the Constitution?

You're trying to present a completely different argument but presented no justification.

The phone metadata program has been shut down, and the portion of that program that was unconstitutional was shut down years ago.

... so far as we know. I can't say that I trust the NSA to follow court orders. At worst, I would expect them to just spool up another, similar project with higher levels of secrecy.

Is this paranoid/conspiracy-theory-esque? Maybe a little, but I honestly think it's reasonable to consider this in-character for the NSA.

> ... so far as we know.

This is easy to verify by asking the phone companies.

> Is this paranoid/conspiracy-theory-esque?

Yes. It's absolutely conspiracy theory nonsense.

To be fair, you’re saying exactly what was claimed before Snowden proved that it wasn’t nonsense, but day to day reality. Good luck trying to unspill that milk.

No, the phone metadata program was known about long before Snowden. The Bush administration never denied it, only saying that their lawyers considered what they were doing legal and that the appropriate oversight committees had been read in. https://usatoday30.usatoday.com/news/washington/2006-05-10-n...

Except it's not - known bad actors should be treated as such. It isn't called being paranoid it is called not being dangerously naive - would you invest in a convicted scammer?

> This is easy to verify by asking the phone companies.

Yeah, because nobody at the NSA would know about NDAs.

Those are now required to be reported in transparency reports and have been for the past few years.

Putting away meth dealers supersedes strict adherence to the constitution, by far, IMO, even if the police have to break the law to put the bad guys away. (Parallel reconstruction etc)

The founding fathers didn’t have any conception for our information society. Extrajudicial activity, with the corresponding regulatory body, is necessary to maintain parity with a morphing technological society.

> Putting away meth dealers supersedes strict adherence to the constitution, by far, IMO, even if the police have to break the law to put the bad guys away. (Parallel reconstruction etc)

Ethically, I disagree with your argument. See: unlawful asset theft by police departments, which the Supreme Court recently confirmed is illegal.

But from a legal standpoint your argument doesn't hold water. The Constitution is THE binding legal document of the USA, from which literally every aspect of the US government, and thus justice system, derives authority. There is nothing but strict adherence to the Constitution, trying to work outside it might work for a bit but will end up with someone standing before the Supreme Court to answer for it.

I freely admitted that breaking the law is an appropriate means to an end in some cases. Again imo. Unchecked civil forfeiture was not part of my argument.

I disagree that common people should have perfectly secure comm technology.

I disagree with Snowden actions and politics.

Common people? So, only the aristocrats get secure comms? Also, how would you enforce that? Secure encryption tech is literally just math, math that's already been invented, math that exists on EVERY personal laptop, server, and smartphone made in the last 10 years, math that is downloadable from thousands of websites, is in textbooks, can be derived from things I learned in college, comes packaged with millions of applications, etc...

Intelligence officers, not aristocrats, although I do believe the current reality does reflect the characterization you have presented. There’s definitely a complex system of people with money power intelligence at war

The math problem is why it’s imperative to indoctrinate our best and brightest to fight for the greater good, and in regard to the power vacuum surrounding that unavoidable math reality

I also support our government going after people making secure communication devices intended to circumvent government controls, too much at stake

Sure you cannot stop evil person with textbook and initiative but you can do the best you can

related: Lack of Forfeiture mechanism is one instance of a deficiency with mainstream cryptocurrencies

I've worked with a few Intel officers, military and non, and I find it hard not to label their actions and attitudes as 'aristocratic'.

Your "best and brightest" paragraph makes no sense to me, but strongly reminds me of the BS spewing out of the mouth of James Comey while he tried to convince the members of Congress that you can have a crypto system that is both secure against hackers, but has a backdoor for government surveillance, which is a mathematical impossibility. Pretty sure he said "best and brightest" as well, as if silicon valley can magic away mathematical reality.

I also think that for nearly the entire history of mankind, barring the last few decades, governments have been unable to observe a vast majority of communication of their populace. Not sure what you mean by "too much at stake"... I've never heard of a major, nonmilitary attack that could have been prevented if only we'd had a backdoor into the communications; however I have heard of many, many crimes occurring because we THOUGHT we had secure crypto.

It’s conceivable to make a skeleton key system that doesn’t change the surface area of attack that much. Such a system can respect the right to privacy, while allowing for a way to police child predators.

Too bad you met some snooty NSA employees. You could report them if you think they aren’t trustworthy to do sigint.

> mathematical impossibility

I didn’t make that claim. Obviously there’s a small trade off that is practically irrelevant, you can optimize so that the trade off doesn’t make it practically much less secure, make up for it elsewhere

Replying to onlydeadhorses post with overtones of ad hominem:

Stop assuming what I do or don’t know or can do, have done etc. Have you identified me?

The issue of making crypto “less secure” isn’t anywhere near the deal that some academics are making it out to be.

I’m just a user, not going to implement crypto. Someone else can solve such problems. Make crypto that has a secure skeleton key system that respects privacy without reducing security. “Make up for it” by making it twice as slow maybe, just an idea

You’re plainly biased against my position and ventured towards an attack. Let’s not, please.

The stuff I was reading made it clear that current skeleton key systems don’t suffer from greatly reduced security by any stretch, but still have a chain of custody system / spof issues. I’m sure something much more clever that respects privacy and solves those issues is possible

Since I’m the one out of your league, can you and your colleagues work on it

Good old-fashioned troll. You got me for a few replies.

No need for that. Not sure why you hopped on me, but it wasn’t necessary.

Putting down people you perceive as beneath you intellectually isn’t good manners, and is usually counterproductive.

No you didn't, but the person you replied to did, and you managed to overlook it then and now. Please go and design your algorithm where you "make up for it elsewhere". I don't know why you are posting about this if you don't know anything about the matter.

This comment now has a reply button. Another comment about “good old fashioned troll” was made close by, but there isn’t a reply button:

No, you’re right. I’m not an expert and maybe I’m wrong. Just seems possible to build a better mouse trap here. I couldn’t build it, you’re right. Wish I had such skills. But I’ve looked into the topic a bit and noodled with crypto as a user and in principle it should be possible to build a skeleton key crypto system that isn’t much less secure. Just seems that way to me. Non expert guess.

I’m sure such tech could be evolved to solve the spof key issue (wouldn’t want your skeleton key leaking) for instance


My response was in consideration of the points here.

Snowden, one of his goals, besides defecting to Russia, was to “start the conversation”. The rumor is that have been involved with shadow brokers btw

If your boss came to you and said, by law, we need to build crypto with an evolved key escrow system that overcomes the security problems noted by IEEE and others, could you do it? Would you do it? Easy to say “no way, it can’t be done” with or without some type of bias towards a desire for perfectly strong encryption, but again I suspect that it is possible to build such a thing, if it doesn’t exist already.

Do you think such a thing is possible?

Also may I ask your view on Ed Snowden’s actions?

Who gets to break the law? Based on what ethical framework? Who decides whether those actions were indeed justified?

Going forward, cops breaking the law will be an anachronism. Record keeping of human society will only perpetuate and render privacy obsolete.

You could grow the notion of compartmentalized information in such a society to create a kind of decentralized system of checks and balances. Eg you see footage with faces hidden and review the morals, vote etc

Could even crowd source such a thing. Surely, related AI efforts are in progress, for better or worse, e.g. FBIC (Facebook intelligence community) info gathering mechanisms

The law itself could eventually evolve to be more dynamic, decentralized

Are you in law enforcement by any chance?

Please don't get personal in comments here.

Also, could you please stop creating accounts for every comment or two you post? This is in the site guidelines, and we ban accounts that do it.


HN is a community. Users needn't use their real name, but should have some identity for others to relate to. Otherwise we may as well have no usernames and no community, and that would be a different kind of forum. There are legit uses for throwaways, just not routinely.

Lots more explanation: https://hn.algolia.com/?query=by:dang%20community%20identity...

Sorry for that. I will be moving to a more permanent handle soon.


Nah I’m an old college dropout

What an awful thing to say. Today it's meth dealers, tomorrow it's Koran owners, then gun owners, people of a certain color, people with the nose of a certain length, etc... We stick to the Constitution because it protects us from crazy invasive government.

Cyber wasn't a thing when the NSA started. When its predecessors came about, the state of the art was intercepting telegrams (more or less).

The greatest trick the SIGINT Enterprise ever pulled was convincing the world that its capabilities were in danger of being outclassed by the Chinese, Russians, Iranians, Israelis, etc. Nice to see they're still at it.

> Joyce expressed the pride the NSA's workforce took in "delivering a midterm election that was free of malfeasance and interference" [...]

Oh, that's good. I was just imagining all the news out of Georgia, then.

I know this is tongue in cheek, but the NSA's mission has to do with foreign interference. They are far less authorized to do anything involving US citizens.

There's a bunch of relevant information but here's the one showing nation-state interest in Georgia. https://www.ajc.com/news/state--regional-govt--politics/russ...

North Carolina, too!

It's as if the narrative doesn't require any connection at all to reality...

I'm not a security expert, but even a layperson has to wonder if the NSA can actually be successful.

Apparently, he thinks the "defend forward to disrupt or halt malicious cyber activity" strategy was effective for mid-terms. Was it actually? Or, did "... the responses come, if ever, after the costs [of those attacks] are already realized."

If it was effective, how long will it take for the adversaries to work around it (which apparently he acknowledges in the last paragraph)?

Even if they somehow walled all traffic off from Russia and North Korea, wouldn't they just exploit unwitting computers as 'hop points' to get around the limitations?

Maybe I'm missing something? Maybe there's some "teeth" that can provide cyber deterrence I don't know about?

As if the NSA wasn't part of the problem to begin with.

Since WW2 the difference between war and peace has been more and more blurred. Proxy wars, drones and "cyber warfare" have made open conflicts directly between superpowers almost non-existent.

Classic warfare, atomic, biological and chemical weapons all have rules and loads of regulations. The "cyber" sector has a long process ahead to catch up. Unfortunately no one seems interested in being really serious about it, but I certainly wish they will start work on it.

Hopefully we will never experience an all-out "cyber war". Probably a new kind of scenario with massive damages to infrastructure, lots of civilian casualties and almost no losses among military personnel.

The best offense is a good defense, so the sooner they start patching software, the better. The sooner they get developers to use safer languages, the better. But that's not gonna happen, it's apparently too costly to develop safe and secure software, but the damage caused by poor cybersecurity is somehow an externalized cost which means it costs nothing in the current equation.

Foreign actors hacking some servers and systems and placing malware is one thing -- that's been going on for a long time, and it's not unexpected -- but having the insight and expertise to run a campaign that exerts more influence than the entire media and PR industry put together, well that's something else. That would require something above and beyond -- we're not that fragile.

Consider this...

NB: These are the same questions I posed in a thread a few days ago (https://news.ycombinator.com/item?id=19282809).

Do you know the size of the Russian economy? https://en.wikipedia.org/wiki/Economy_of_Russia

How many individual US states have an economy larger than Russia? https://en.wikipedia.org/wiki/Comparison_between_U.S._states...

And the size of the PR industry? https://www.statista.com/topics/3521/public-relations/

We invented the modern PR industry, AI, and social media. And the PR industry has been perfecting the design of campaigns for 100 years. That's our bailiwick.

You think Russia outclassed us at our own game, at home on our own platforms, on the biggest stage, in the highest stakes game of all?

And then to pull that off with no one noticing or countering it in the most measured world of all time?

That would be like the Russian basketball team [0] beating the US Dream Team [1] in all of our major sports combined, at the same time. Not gonna happen.

And to what extent would a feat like that even be possible for someone from the US? And if some super-genius person or group of US citizens with the combination of intimate understanding, sophistication and skill did exist, then why wouldn't they just work for the campaign? And if one in the US could pull that off, why think Russia could?

[0] Russian Basketball https://en.wikipedia.org/wiki/Russia_national_basketball_tea...

[1] US Dream Team https://en.wikipedia.org/wiki/1992_United_States_men%27s_Oly...

To win a U.S. election you don't need millions of votes. You need tens of thousands of votes in strategic locations. It was something like 50,000 votes in three states in 2016 that determined the outcome of the election. Clinton had roughly 3 million more votes but they weren't in the right places. An influence campaign doesn't have to "exerts more influence than the entire media and PR industry put together". It has to move a few tens of thousands of votes in the right places. Also, it's easier to win any game by cheating. U.S. actors are less free to cheat since they will be subject to U.S. law if they are caught. If scales are balanced with 200 metric tons in each pan, you can throw off the balance by chucking a hammer in one pan of the scale.

Besides, it seems like the U.S. intelligence agencies are better positioned than random people on Hacker News to assess the extent and influence of the Russian influence campaign. What do they say?

Who's the random person in this scenario, you or me?

And regarding my assessment and their response, that's why I asked the questions. I have a pretty good history of being on the mark [1], and every time I've talked to them, they've appreciated my perspective. Consider all things, that's the job -- that's what you want -- just like anyone else in strategic positions, they like hard questions.

[1] https://news.ycombinator.com/item?id=5897654

I think you have some very valid points :)

But, tech is not like basketball. If you automate an approach for exerting influence you can scale differently.

That said, I agree Western democracies are not that fragile :)

Honestly, I wonder why Russia dares poke the bear.. they are unlikely to exert significant influence -- but they are likely to be painted as villains and voters will remember that.

Have you run a simple marketing campaign or media campaign before? -- to make the idea less abstract let's add some specifics and paint a simple picture -- imagine you're going up against just one dominant US corporation -- let's say it's a mortgage bank, a financial company, or a national retail chain. Do you know how hard it would be to move the needle just one bit, and how many billions are spent by equally large corporations competing against each other trying? Now imagine two of the biggest corporations in the world competing -- Microsoft vs Google or Walmart vs Amazon -- these companies are so massive they have virtually unlimited resources, more resources than most countries. Imagine going up against any one of them. Now imagine going up against all of them, and then every other US corporation and intelligence agency combined. All the while essentially going undetected, and then winning the market against all of them at the same time? To argue that feat would be possible or even plausible, that's essentially what you would be saying.

And here I was expecting a way to record keystroke noise via a tooth recorder.

Wake up, Kent.. it's me, Jesus

Could you please not post unsubstantively like this?
