Hacker News new | comments | ask | show | jobs | submit login
NSA's Backdoor Key from Lotus Notes (cypherspace.org)
442 points by EthanHeilman on June 8, 2013 | hide | past | web | favorite | 85 comments

Ray Ozzie here. Regarding "minitruth" - you've got to maintain a bit of a sense of humor when things get stressful.

It was such a long time ago, but one thing that clearly differentiates our efforts in those days vs. what's been reported in the news in the past few days is the issue of transparency.

The day we shipped the "differential workfactor" implementation in Notes, I keynoted the RSA Conference and gave a speech laying out what we did and why. Charlie Kaufman, a great cryptographer who worked for me, also distributed a paper he wrote with the technical details. You can find my speech and his paper buried in here if you're interested. (search for "lotus.notes")


And if you're really motivated to understand what it was like during the Crypto Wars, go read Steven Levy's book "Crypto".


Back to the present - it pains me to see such a lack of transparency in how our elected officials are running our government. Of course, the common man knows it's common sense that there's an inherent need for secrecy in conducting small scale covert operations. We do get it.

However, it's also common sense that it's inevitable that any complex large-scale long-term operation will ultimately come to light. And so it's just common sense that any such broad-based operations that might be perceived as impacting our constitutional rights should be the subject of broad public debate. No, not when they're being prototyped or tested or used in small scale settings - but definitely somewhere on the path from "tactical use" to "broad strategic dependence".

These are not small issues, nor need they be at all partisan. Wyden, Paul, and others are trying. Theses issues are fundamental to defining the relationship between us citizens and our government in the decades ahead.

In particular, in this world where "SaaS" and "software eats everything" and "cloud computing" and "big data" are inevitable and already pervasive, it pains me to see how 3rd Party Doctrine may now already be being leveraged to effectively gut the intent of U.S. citizens' Fourth Amendment rights. Don't we need a common-sense refresh to the wording of our laws and potentially our constitution as it pertains to how we now rely upon 3rd parties? It makes zero sense in a "services age" where granting third parties limited rights to our private information is so basic and fundamental to how we think, work, conduct and enjoy life.

For example, did you really intend to yield your 4th amendment rights when you granted a 3rd party access to your files as a part of Mac Software Update, Windows Update, Virus Scanners, etc., or when you started using a service-tethered smartphone?

Anyway, unlike 'web tracking' issues which seem to be broadly ignored because of our love for ad-supported services, I hope we all (especially the young readers of reddit, hackernews, etc) wake up to the fact that these privacy and transparency issues are REAL, and that they truly will impact you and the country you live in, and that even if you don't consider yourself an activist you really should get informed and form an opinion. Again, this is a non-partisan issue, and let's all work to ensure that it stays this way.

Two great organizations where you can learn are EPIC and EFF. (Disclosure: I am on the board of EPIC.) Take it in, and think. Your contributions are needed and would of course be quite welcome.



First, thanks for recommending Steven Levy's Crypto. It's a historical account that I think more hackers need to read.

I'm probably on the hairy edge of the "young readers" you've mentioned. I'm 27. My present view on the recent NSA leaks is a distinct lack of outrage, but watching this huge response I can't help but feel the whoosh as something big flies straight over my head.

I've agreed to use technology which by its very nature monitors my activity in all kinds of ways. As a software engineer who does a lot of web work and dabbles in cell-enabled embedded systems, I understand and I'm fully aware of most of the ways I'm being monitored. Maybe I'm naïve to think of the recent data sharing between corporations and government as a non-issue, but if this is such a big deal wasn't I just as naïve by allowing these corporations to collect this information in the first place?

This isn't the Clipper Chip or key escrow. This isn't the government grappling for an ear into conversations which nobody except Alice and Bob are intended to transceive. You could argue that were I Bob, Alice is the phone company, but I have no freaking clue who "the phone company" really is. To me it's just a faceless entity who I've allowed to collect data about me. I'm finding it hard to become angry over one faceless entity sharing said data with another faceless entity. And frankly, I have no clue if I've already agreed for this to happen because I don't really care. I expect them to share a ridiculous amount of information about me without abandon. I'd be far more upset if they were sharing content of actual conversations, but metadata feels firmly within the realm of what I expect to be slung around willy-nilly.

I agree that this reasoning is wholly a "death by a thousand cuts" brought on by more and more invasive technologies. As an anecdote, many Facebook early adopters will remember the outrage over the news feed when it was first launched. Now can you imagine the outrage that would ensue if Facebook were to take it away? We're pretty much begging for invasive technology in our lives. How do you propose to correct that? How do we get millions of people to "vote with their feet" against useful-but-invasive technologies?

It took thousands of years of human civilisation before we got relatively benign governments. Power structures are not inherently benign; they must constantly be pressured to prevent malignant people using them to leverage their actions.

A non-authoritarian government is an historical anomaly. It's a ball balanced on top of a hill, pushed there by the deaths of millions, and kept there by the vigilance of those who care.

Please start caring.

That is a beautiful metaphor. I mean that sincerely.

I care. If I didn't, I wouldn't have posted what I did.

But let me clarify. What I meant by the above is that by the recent leaks I feel like I've been photographed in a public place rather than in my bathroom. Further, I feel like I've given some degree of implied consent, or if I haven't, I would in order to keep using the technology that we all so enjoy. I offer these feelings as an anecdote to say that I think most people in my generation feel the same way.

As an aside, my feelings are similar but ultimately different from the "you don't have to worry if you have nothing to hide" argument. It's more "you don't have to worry about it if you've decided not to" with absolutely zero connotation as to what you as an individual should choose to do.

I do agree that this won't work for everybody. My grandmother probably doesn't know that cell base stations can, and do, log connections and RSSIs, making it easy for a cell phone company to know where you are whenever your phone's radio is reaching out in the most basic way. I don't think she has the information to make the kind of implied consent that I have. That definitely angers me.

You mention history. I don't think it's too much of a stretch to argue that government's ability to collect these data about us is actually preventing the kind of paranoia that brought about McCarthyism or Japanese internment. I'd imagine people in government today view these as horrible, crude, blunt instruments which mitigated tiny amounts of threat at huge irreparable cost. If we're going to have the paranoia, I'd rather they use surgeons tools and look before they leap.

That segues into my real concern. Paranoia. All of the activity discussed in these recent leaks stem from the same kind of paranoia that brought about the incredibly dark periods in our history which I mentioned above. How did we stop it those times? I think the answer is that we didn't. So how do we stop it now?

I care. I want to do something, but I love my country and I don't think paranoia can be battled with further paranoia or outrage. Sadly, I don't know the tools with which to fight.

You make what I believe is a fatal mistake of thinking that your individual efforts matter significantly one way or another. To suggest that any one person's level of care will impact the outcome of the US government is both disingenuous and frankly offensive to anyone who understands a modicum of statistics.

In other words, don't be so harsh on someone who doesn't think their individual vigilance is going to change the world. It is sufficient, morally speaking, to support a group who does your "caring" for you. Representative caring, you might call it.

If you want to suggest someone towards an activity, suggest the help a group that they believe in. But that draws the question, "What if there aren't any groups I believe in?" What do those truly in the minority do? Nothing is the answer to that question, because individuals mean nothing, and it leads to the following statement:

If you don't believe the same things a sufficiently large group of other people do, then your voice and your opinions don't effectively matter. How can you blame such a person for "not caring"?

If I could vote this up a thousand times, I would. Very nice metaphor.

If you're apathetic its because you don't know your history. For example, our government not that long ago locked up every Japanese-American they could find in prison camps. The government is entirely capable of doing terrible things. We should by principal only give them as much power/money/information as necessary and not an iota more. Being cynical and apathetic is a danger to you and your fellow Americans.

See my other comment in this thread.

I disagree very strongly that my position is apathetic. I'm conscious and alert to what's going on around me and my opinions are well-formed. Choosing not to be outraged isn't the same as apathy.

> I'm conscious and alert to what's going on around me and my opinions are well-formed.

Question that. The key to Andy Groves success.

Yeah, I probably was unwise to state that so conclusively. How about this?

"I try to have well-formed opinions and to be conscious and alert to what's going on around me."

I should have phrased that better, I think if you reexamine some history you will be more outraged

Like I said in my comment above, from my always-shrinking knowledge of history, battling institutionalized paranoia with individualized paranoia and outrage just escalates the problem. I'm not saying there's no problem here to fix; I believe quite the opposite. It's just that promoting anger and fear will get us nowhere.

I wonder if that would be possible today with people being so connected. You can't disappear Americans without people noticing.

The Japanese internment was not done in secret. Hell, the government advertised it: http://en.wikipedia.org/wiki/Propaganda_for_Japanese-America...

I doubt that having twitter would have helped. The public knew and there was significant support for it.

Interesting related aspect of that dark point in history: "The United States Census Bureau assisted the internment efforts by providing confidential neighborhood information on Japanese Americans. The Bureau's role was denied for decades, but was finally proven in 2007.[11][12]"

"Nothing to hide" indeed...

They weren't disappeared -- the American population was aware that it was happening, and there was a mix of support and opposition. The US Supreme Court in 1944 -- during the war -- voted 6 v 3 in Korematsu vs United States that it was a military necessity and, thus, Constitutional. Perhaps we would see stronger, more organized opposition today, but it wasn't hidden from the population.

You can't disappear Americans without people noticing.

Tell that to those 3 women in Cleveland who were kept against their will for years & years...

Oh, people noticed that they disappeared. There were all kinds of vigils in support of at least one of the women. (Apparently, the kidnapper was even at some of these. This in my mind was the most bizarre fact of the whole story.)

I'm a coder and one of the young redditors/HN readers you're talking about (18 years old). I've grown up in a post-9/11 world so it can be sometimes hard for me to understand that there was a time that it wasn't assumed the government wasn't conducting mass surveillance. How do you approach the problem of making this a real issue for most people my age? And as technologists, how can we help develop solutions to intrusive government policies like this?

Let me make it crazy for you. I remember a day when you didn't need ID to fly on an airplane, or a security badge to get into normal office buildings. And when the idea of having to insist on such was considered unamerican and a sign of a totalitarian state.

I'm 27. One of the few memories from my childhood that I cling most dearly to was when in 1994 I flew to the US from Austraila. The pilots invited my family and I up to the cockpit during the flight so I could see the controls of a 747.

This wasn't some uncommon special event either. It was part and parcel of doing an international flight as a kid.

That happend to a coworker of mine last summer where he got to take his kid into seeing the cockpit of the plane they were flying in.

Granted this plane wasn't bound for the US, but still I was very happy about that; the kid was happy.

People who grew up under relatively benign surveillance may not have the imagination or experience to see what happens when all that data is used maliciously. So you need to get people reading. Historical accounts. Recent experiences[1]. Fiction[2].

[1]: http://www.reddit.com/r/changemyview/comments/1fv4r6/i_belie... [2]: http://www.randomhouse.com.au/books/claire-carmichael/incogn...

Very much this (awesome reddit comment too). In OP's generation there seems to be an "I don't read" mentality among some. I don't know how pervasive it is, I only have anecdotal evidence, but if it's a thing, it's bad news.

People who don't read extensively are much more susceptible to accepting their current reality, no matter how bad it may have become in even a single generation, because they have no frame of reference that extends beyond their own limited observations.

A similar analogy is Paul Graham's "Blub Paradox" [1] - programmers who program with "Blub", at low end of the language power scale, can't recognize more powerful languages up the scale b/c they have no frame of reference for identifying and understanding the features that make them better.

In both cases, it's all about realizing how limited and narrow your default frame of reference is, and expanding it by broad learning - spanning long time periods, or spanning the programming language scale, as the case may be.

[1]: http://www.paulgraham.com/avg.html

Just to clarify: that wasn't me in the reddit comment.

The big deal is that honestly young people seem not to think twice about yielding up their personal information to the data maws (older, non-tech folks have the same issue, so let's not spin it as a purely generational problem!).

If you need to make it a "real issue", well, honestly, you lack a sufficiently cruel and malicious imagination--it should be self-evident that any sort of monitoring and data-mining (.gov or not) is very dangerous, and something which you should think very carefully about opting into.

We need to make this an issue for everyone, not merely millenials. Unfortunately, that doesn't seem like it's going to happen until there are more casualties in the privacy wars.

  | young people seem not to think twice about
  | yielding up their personal information
Young people don't think twice about a lot of stupid things. It's called being young and inexperienced.

Now now, let's not be too hard on the follies of youth--how do you think I learned C?

I never said it was a bad thing. Just a 'hallmark of youth.'

I don't know, I think twice about a lot of stuff I used to do more carelessly (I'm 21 now), but yielding my data isn't one of them. I just can't seem to bring myself to care if the NSA is reading my email. Perhaps part of that is that I can't recall any negative consequences of the government knowing who I'm calling, whereas I can remember negative consequences for, say, drinking too much.

> I just can't seem to bring myself to care if the NSA is reading my email

Most of us will skate through our entire lives and never need to care about this. The problem is, some small minority of us will need to care, indeed, it will be of life and death importance. Through your innocent lack of caring, you are enabling the persecution of the small subset of people who this will actually impact. Many of those people will be innocent, incidental bystanders who just happen to get caught up by the system. But some those people will be crucially important figures - the Assanges, the Nelson Mandela's, and so on. People who actually change history.

So my question to you is, how do we convince you, as a prototypical "young person", to care about something that has no immediate impact on you but might be crucially important to you or someone other than you many years from now? Do you have the capacity to do that at all? How do we invoke it?

Here's an example: Conspiracy to commit a crime is a crime. Sometimes the conspiracy alone, that is just talking about breaking the law without ever doing it, is considered a crime.*

So an email suggesting something illegal with a reply agreeing can get you prosecuted and jailed. We all know how hard it is to understand tone from emails so even if you were joking you would have a hard time proving that in court. And if you weren't joking in the email but just imagining what might happen that can still be a prosecutable crime.

(*) https://en.wikipedia.org/wiki/United_States_v._Shabani

Let's try. Something like:

Some future event causes a dramatically change in your email `float meta_traffic_index' to trip a conditional threshold branching onto to why236(). If why236() conditionals returns indices within patterns statistically outlying, upgrades the colored code, larger font size label, and bar code, on your now growing hardcopy docket. Utah 24/7, dwells on your next expectation and every other why236() ORANGE profiles.

I don't blame them though, if you are lured into buying something like a smartphone, and want the convenience of say, using your addressbook across devices - than what options do you have?

I'm slightly older and a little paranoid - to the point I'm scared of even activating something like a Windows account on Windows 8 - because I'm not even aware what data will be exported from my computer.

So to a lot of people they trade privacy for convenience. Everybody else is doing it, so why not me?

I am in my early 40s, grew up in SEAsia and Australia. Although I enjoy relatively lack of surveillance in those area, I lived in a time where the cold war was occurring between East and West and just after the infamous FBI [1] surveillances. So surveillance has always been there.

I truly believe that our population were always under surveillance (either covertly or overtly), it just that in todays' technological landscape, the folks doing the surveying are easier to be caught out.

[1] http://en.wikipedia.org/wiki/COINTELPRO

I'm sad that this comment was posted on a weekend, because I think this is one of the awesomest things I've seen on HN, and not a lot of people are reading HN on Saturday nights and they're going to miss it.

naw, something this big will still be big on Monday

Unfortunately, probably not with shiny new Apple products to talk about (https://developer.apple.com/wwdc/).

I'd like to think people maintained their vitriol through a distracting spate of new shiny toy releases, but unfortunately I've seen this happen over and over again.

By Monday people will probably be claiming that HN isn't the place for political discussion and we should all just click-off back to Reddit.


What is more frightening than the leaks themselves is the future of this administration and the administrations to comes, assuming that they will continue in a partisan manner. It's only a downward spiral from here.

What needs to be effected is not the abolishing of government agencies. What needs to be effected is an administration that is clear and transparent with its actions, not necessarily the implementation of said actions.

And yes, education is a must. The EFF and EPIC are both organizations working to change the apathy perpetuated by the mass media.

> However, it's also common sense that it's inevitable that any complex large-scale long-term operation will ultimately come to light.

Is it, though? Is it unlikely that some projects that a government undertakes could remain hidden indefinitely, or at least until after the collapse of said government?

If anything, it's even easier to leak the existence of evil government projects (in the U.S. at least) than in practically any time in the past. The U.S. even provides the majority of the funding to Tor that could help you do it too.

Back in the day you had to somehow take pictures of documents you wanted copied, do it in a way that didn't draw suspicion, you were limited to what you could physically examine (and carry), and pretty much everything was huge compared to miniturized technology of today.

And after all, think back to who provided the intel to Greenwald and the WaPo again? The vast majority of government employees, even in agencies like NSA and FBI, feel that they are acting in the public interest (or at least, not against the public interest).

It's not as if there's a University of Illuminati and Zionists for the government to hire conspirators out of.

So I think Ray Ozzie is right on point, with that part among his other points.

If I were a programmer that wanted to damage the reputation of my employer, I'd embed a key in its software that made it look like the software was sending all user data to the NSA. Any denial would meet "well, there's a secret law making you deny it". The perfect crime...

Somehow, I don't think the NSA would look kindly on that, and who knows how that might affect you. Not exactly the perfect crime.

What consequences do you envision?


Has any programmer ever disappeared after writing code that pokes fun / ire / controversy at the NSA? Has anyone in the US ever disappeared after something like this?

I guess we can imagine a new world where up is down and white is black, but in the current world, the government is just a bureaucracy filled with bureaucrats trying to get promoted for coming up with crazy ideas. Disappearing random people is not high on anyone's agenda, I don't think.

I donno, I lost contact with a lot of former people, they seem to have disappeared. I'm sure you too.

Also from these times:


An example of coverage, very similar to what we read now:


Read Schneier's take on it: http://www.schneier.com/crypto-gram-9909.html#NSAKeyinMicros...

It seems reasonable that NSAKEY wasn't an NSA backdoor meant allow them to secretly install compromised crypto libraries on your machine.

It was obviously made for NSA. Otherwise the name wouldn't mention NSA. Microsoft didn't need the backup key, they were able to back up the single Microsoft key. Nobody designs the crypto with two keys accidentally. How NSA used it we can only speculate, but it was there on purpose, the truthful wording of Microsoft was "it was there for us to obey the law."

The NSAKEY entry was actually recently posted here...

Interesting article, but slight quibble: differential cryptography is a cryptanalysis technique, ie a method that anybody can use to try to break a cipher.


This is differential work factor cryptography rather than differential cryptanalysis. Differential work factor cryptography is design crypto systems are easier for one party to attack.


Ahh interesting, I wasn't aware of this use of the term. Thank you for the clarification!

>This page has also been translated into Russian here

It is not in Russian. It's in Belarussian.

> and into Polish here

This is, at best, an odd machine translation.

The translation is a sneaky SEO technique. People offer to translate your page into other languages as long as you link to the translation on their page. By linking to them, you pass on PageRank. The website has of course nothing to do with your content.

Would they really put the NSA director's email in the PGP key? Something smells fishy about this.

They didn't. To quote: "(of course I made this user id up -- you can edit it to whatever you choose it's of course not self-signed)"

Why is this comment being downvoted? It was an honest, albeit rather silly mistake, not a misuse of HN.

It's an irrelevant remark from somebody who didn't read the article properly.


- reduces the prominence of low quality content

- encourages posters to avoid posting low quality content

quote from the article: "of course I made this user id up"

Given many companies running notes push forms out to their web site, I am curious, does now knowing this key increase the vulnerability of Lotus Notes servers everywhere as theoretically anyone can use it now?

That applies to versions of Notes and Domino prior to R5.0.4, since which there has only been one version (outside of France, at least, which didn't authorise import until October 2000 -- that's due to France's crypto import regulations at the time, not the USA's crypto export regs). This back door ceased to exist more than a dozen years ago, and the current international key length is more than 64 bits (4096 bits for users/servers, 8192 bits for certifier ids).

Nope. Those are called public for a reason.

And if you are working with online business, as i guess for you being here, i highly recommend you read at least some introduction on PGP.

I may be willing to believe the NSA are misguided, but nobody uses the bad guys' name for themselves on purpose. The NSA used Minitruth as the name of their backdoor? Gimme a break.

This isn't a rumor or some strange conspiracy this is just how crypto-export controls were done for a short while in the US.



>but nobody uses the bad guys' name for themselves on purpose.

Why not, I've heard of software teams naming themselves Cobra from GI Joe.

I assumed it was the work of the programmer tasked with installing the key for the NSA, not some self-deprecating humor.

>The NSA used Minitruth as the name of their backdoor? Gimme a break.

More like the guy charged with implementing it had a sense of hunour / clear perspective.

The folks at the Iris group were very much like that. Around the same period, the project that would become Lotus Quickplace and the iNotes web client was codenamed "Shimmer", after an old Saturday Night Live fake ad for a do-everything product that was both "a floor wax and a dessert topping".

You must not be familiar with 'palantir'. A seeing stone used for spying, communication, and manipulation by Sauron and Saruman in LOTR.

This is a joke on the implementation. I bet only the lotus devs ever read those names before.

I'd rather not be spied on at all, but if someone's reading my emails I sure hope they have a sense of humor.

I don't know, The darker side of me gets a kick out of it, really. It's interesting language to say the least.


Getting the private key is as easy as having a smart person inside the company that works for both the company and the gov.

Then you just have to sit on a router and read the traffic. Relatively simple for a gov agency.

There are 2 ways to be safe: 1) You do not use any technology. 2) You are honest in everything you do.

The second one is probably the easiest.

hmm, I was expecting to see that they'd factored the private key. It's been done before for 768bits RSA and presumably both NSA and RSA are picking good semiprimes but maybe not eh? That would be interesting to know.

Should I be worried about looking at this.

Nope. It's a public key, which by design, is able to be shown publicly.

It is a public key, but it is small by todays standards. You could factor it with a modest budget.

Yeah, but who fucking cares anymore.

Like, based on the events of the past week, I think we can all agree that whatever you're paranoid about right now, they've already far exceeded and overstepped your pedestrian low-ball estimates for what might be excessive, and in reality it already happened a decade ago, so you're just worrying about spilled milk.

Far more than a decade ago.

I mean Jesus, you kids act like the government has been slowly and monotonically eroding privacy rights since 1789. :)

Go read about the Church Committee

Go read about HUAC.

Go read about when we locked up the Nisei.

And I'm not saying any of this to justify anything that's happening today. What I am saying is that IT'S BEEN MUCH WORSE BEFORE, and we STILL FIXED IT ANYWAYS.

This isn't a ratchet-and-pawl fixture. Don't like something in the government? Go fix it! But stop acting like it's already been set in stone, or that everyone in government is the enemy of the people advancing some Illuminati conspiracy. By and large they're trying to do the right thing for the nation, who have interests far beyond what Greenwald or Michael Moore or Glenn Beck or Rush Limbaugh feels is important on any given day.

Still, the first step to fixing it is being upset about it.

And at the same time, you will never fix anything by being upset about everything.

Even Ray Ozzie mentioned in the other thread that there are actual reasons a small-scale covert project would need to be secret to be effective, try getting some of the other hacktivists here on HN to admit even that. They can't, because they are blinded by their rage. My thought is that having some modicum of historical background on actual oppression can help with controlling emotion and enabling logical thinking.

Its the difference between tactical secrecy and strategic secrecy. Operations that require strategic secrecy rarely work. The best example successful strategic secrecy being the "Ultra" secret which required secrecy for no more than a few years and the success of the "Ultra" secret is less a success of secrecy and more a failure of imagination by the German High Command.

Most secrets are tactical secrets like the plan to attack pearl harbor. They require short term secrecy and the utility of that secrecy declines quickly with time. The period of time is short enough that even if it is leaked the window of risk is small (US learned about Pearl Harbor but by the time Pearl Harbor got the news it was too late).

Tactical secrecy has a high utility and a low social cost because the secrets aren't keep long. Strategic secrecy has a low utility since most plans that require it are bad plans and it has a high social cost in terms of stifling debates about policy.

Almost no one complains about tactical secrecy, all these complaints are about strategic secrecy.

Welcome to China!

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact