Henry Farrell catches something interesting today. In a show on Brazilian TV about NSA surveillance, the PowerPoint slide (above) appears on the screen. Among other things, it suggests that the NSA has targeted the SWIFT payment network for penetration. Now, it’s always a good idea to take PowerPoints with a grain of salt, and it’s worth noting that this one is even less clear than usual. It merely says that many targets use private networks, which doesn’t necessarily mean that the NSA has actually cracked these networks. At the very least, though, this slide certainly implies that NSA is trying to crack them.
Here’s why this is interesting. You may recall that shortly after 9/11, the Bush administration worked out a deal with SWIFT officials to turn over all or most of their database voluntarily on a monthly basis. The idea was to use the information to try and track the money flows of al-Qaeda and other terrorist networks. That lasted until 2006. Farrell picks up the story from there:
When EU decision makers became aware of this (thanks to a New York Times story which the Bush administration tried to get spiked), there was political uproar, resulting in the negotiation of a framework under which the US agreed to impose limits and safeguards in return for continued access.
….This is interesting for two reasons. First — the EU thought the US had signed onto a binding deal on access to SWIFT data. If, as appears likely at this point, the US was letting the EU see what it did when it came in through the front door, while retaining a backdoor key for the odd bit of opportunistic burglary, it will at the least be highly embarrassing. Second — there are people in the EU who never liked this deal in the first place, and have been looking for reasons to get rid of it….
If the US has demonstrably lied to the EU about the circumstances under which it has been getting access to SWIFT, it will be hard for the EU to continue with the arrangement (and, possibly, a similar arrangement about sharing airline passenger data) without badly losing face. Even though the people who dominate the agenda (officials in the Council and European Commission) probably don’t want to abandon the agreement, even after this, they’ll have a bloody hard time explaining why they want to keep it. The EU-US homeland security relationship, which had been looking pretty cosy a few months ago, is now likely to be anything but.
Of more interest to the Brazilian reporters, of course, is the fact that Petrobras, their national oil company, is an NSA target. And the French will certainly be interested in the fact that their Ministry of Foreign Affairs network is also a target. Stay tuned for further fireworks.
http://www.juancole.com/2013/09/employee-parliament-cooperate.html
NSA Spying: Indian Gov’t Bans Employee Google Use as Euro Parliament Weighs Law Fining Cooperative Firms
by Juan Cole, 08-Sep-2013
The rest of the world is much more appalled at the spying of the National Security Agency on telephone, email, web browsers and other personal information than is the US public. As new revelations come out almost daily about the cavalier way in which the NSA has spied on the world’s presidents, parliaments and ordinary citizens it is natural that the rest of the world should begin responding to what they see as a dire threat to government and personal privacy.
The Indian government is preparing to ban government employees from using Google mail (gmail) or Yahoo mail for official purposes.
India is also considering requiring that all Indian-to-Indian email be carried solely on Indian servers inside the country. At the moment, Indian email (like that of most countries) bounces around the world before being delivered to the recipient, and likely will pass through US servers, opening it to being spied on by the NSA. One of the likely outcomes of NSA overreaching is that the internet will become more fragmented and hence less useful to the rest of us.
Meanwhile, the European Parliament is considering legislation that would fine private telecom and internet firms operating in Europe that turn data over to the NSA or give it a back door into their systems.
RT has a video report:
http://www.washingtonpost.com/business/technology/google-encrypts-data-amid-backlash-against-nsa-spying/2013/09/06/9acc3c20-1722-11e3-a2ec-b47e45e6f8ef_story.html
Google encrypts data amid backlash against NSA spying
September 7, 2013
Google is racing to encrypt the torrents of information that flow among its data centers around the world in a bid to thwart snooping by the NSA and the intelligence agencies of foreign governments, company officials said Friday.
The move by Google is among the most concrete signs yet that recent revelations about the National Security Agency’s sweeping surveillance efforts have provoked significant backlash within an American technology industry that U.S. government officials long courted as a potential partner in spying programs. Google’s encryption initiative, initially approved last year, was accelerated in June as the tech giant struggled to guard its reputation as a reliable steward of user information amid controversy about the NSA’s PRISM program, first reported in The Washington Post and the Guardian that month. PRISM obtains data from American technology companies, including Google, under various legal authorities.
Encrypting information flowing among data centers will not make it impossible for intelligence agencies to snoop on individual users of Google services, nor will it have any effect on legal requirements that the company comply with court orders or valid national security requests for data. But company officials and independent security experts said that increasingly widespread use of encryption technology makes mass surveillance more difficult — whether conducted by governments or other sophisticated hackers. “It’s an arms race,” said Eric Grosse, vice president for security engineering at Google, based in Mountain View, Calif. “We see these government agencies as among the most skilled players in this game.”
Experts say that, aside from the U.S. government, sophisticated government hacking efforts emanate from China, Russia, Britain and Israel. The NSA seeks to defeat encryption through a variety of means, including by obtaining encryption “keys” to decode communications, by using super-computers to break codes, and by influencing encryption standards to make them more vulnerable to outside attack, according to reports Thursday by the New York Times, the Guardian and ProPublica, based on documents provided by former NSA contractor Edward Snowden.
But those reports made clear that encryption — essentially converting data into what appears to be gibberish when intercepted by outsiders — complicates government surveillance efforts, requiring that resources be devoted to decoding or otherwise defeating the systems. Among the most common tactics, experts say, is to hack into individual computers or other devices used by people targeted for surveillance, making what amounts to an end run around coded communications. Security experts say the time and energy required to defeat encryption forces surveillance efforts to be targeted more narrowly on the highest-priority targets — such as terrorism suspects — and limits the ability of governments to simply cast a net into the huge rivers of data flowing across the Internet.
“If the NSA wants to get into your system, they are going to get in . . . . Most of the people in my community are realistic about that,” said
Christopher Soghoian, a computer security expert at the American Civil Liberties Union. “This is all about making dragnet surveillance impossible.” The NSA declined to comment for this article. The Office of the Director of National Intelligence issued a statement Thursday saying: “Throughout history, nations have used encryption to protect their secrets, and today terrorists, cybercriminals, human traffickers and others also use code to hide their activities. Our intelligence community would not be doing its job if we did not try to counter that.”
The U.S. intelligence community has been reeling since news reports based on Snowden’s documents began revealing remarkable new detail about how the government collects, analyzes and disseminates information — including, in some circumstances, the e-mails, video chats and phone communications of American citizens. Many of the documents portray U.S. companies as pliant “Corporate Partners” or “Providers” of information. While telecommunications companies have generally declined to comment on their relationships with government surveillance, some technology companies have reacted with outrage at the depictions in the NSA documents released by Snowden.
They have joined civil liberties groups in demanding more transparency and insisting that information is turned over to the government only when required by law, often in the form of a court order. In June, Google and Microsoft asked the Foreign Intelligence Surveillance Court to allow them greater latitude in reporting how much information they must turn over to the government. On Friday, Yahooissued its first “government transparency report,” saying it had received 12,444 requests for data from the U.S. government this year, covering the accounts of 40,322 users.
Google has long been more aggressive than its peers within the U.S. technology industry in deploying encryption technology. It turned on encryption in its popular Gmail service in 2010, and since then has added similar protections for Google searches for most users. Yet even as it encrypted much of the data flowing between Google and its users, the information traveling between its data centers offered rare points of vulnerability to potential intruders, especially government surveillance agencies, security officials said. User information — including copies of e-mails, search queries, videos and Web browsing history — typically is stored in several data centers that transmit information to each other on high-speed fiber-optic lines.
Several other companies, including Microsoft, Apple and Facebook, increasingly have begun using encryption for some of their services, though the quality varies by company. Communications between services — when an e-mail, for example, is sent from a user of Gmail to a user of Microsoft’s Outlook mail — are not generally encrypted, appearing to surveillance systems as what experts call “clear text.” Google officials declined to provide details on the cost of its new encryption efforts, the numbers of data centers involved, or the exact technology used. Officials did say that it will be what experts call “end-to-end,” meaning that both the servers in the data centers and the information on the fiber-optic lines connecting them will be encrypted using “very strong” technology. The project is expected to be completed soon, months ahead of the original schedule.
Grosse echoed comments from other Google officials, saying that the company resists government surveillance and has never weakened its encryption systems to make snooping easier — as some companies reportedly have, according to the Snowden documents detailed by the Times and the Guardian on Thursday. “This is a just a point of personal honor,” Grosse said. “It will not happen here.” Security experts said news reports detailing the extent of NSA efforts to defeat encryption were startling. It was widely presumed that the agency was working to gain access to protected information, but the efforts were far more extensive than understood and reportedly contributed to the creation of vulnerabilities that other hackers, including foreign governments, could exploit.
Matthew Green, a Johns Hopkins cryptography expert, applauded Google’s move to harden its defenses against government surveillance, but said recent revelations make clear the many weaknesses of commonly used encryption technology, much of which dates back to the 1990s or earlier. He called for renewed efforts among companies and independent researchers to update systems — the hardware, the software and the algorithms. “The idea that humans can communicate safely is something we should fight for,” Green said. But he said he wasn’t sure that would happen: “A lot of people in the next week are going to say, this is too hard. Let’s forget about the NSA.”
http://edition.cnn.com/2013/09/06/us/nsa-surveillance-encryption/
NSA Campaign Against Encryption Reports: NSA has cracked much online encryption
CNN – September 6, 2013
The U.S. National Security Agency has secretly succeeded in breaking much of the encryption that keeps people’s personal data safe online, according to reports by The New York Times, The Guardian and ProPublica.
The reports, produced in partnership and published Thursday, are the latest to emerge based on documents leaked by former NSA contractor Edward Snowden to Britain’s Guardian newspaper. According to the reports, the NSA, alongside its UK equivalent, Government Communications Headquarters, better known as GCHQ, has been able to unscramble much of the encoding that protects everything from personal e-mails to banking systems, medical records and Internet chats.
The agencies’ methods include the use of supercomputers to crack codes, covert measures to introduce weaknesses into encryption standards and behind-doors collaboration with technology companies and Internet service providers themselves. “Through these covert partnerships, the agencies have inserted secret vulnerabilities — known as backdoors or trapdoors — into commercial encryption software,”
The Guardian says. The Guardian cites a 2010 GCHQ memo that it says describes a briefing on NSA accomplishments given to GCHQ employees. “For the past decade, NSA has lead (sic) an aggressive, multi-pronged effort to break widely used Internet encryption technologies,” the memo reportedly says. “Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.” A second memo is quoted as saying that when the British analysts, who often work alongside NSA officers, were first told about the program, “those not already briefed were gobsmacked.”
Another document states that GCHQ has been working to find ways into the encrypted data sent via four big Internet firms, Google, Yahoo, Facebook and Microsoft’s Hotmail, the reports claim. GCHQ told CNN it had no comment on The Guardian report. The reports claim that the NSA worked to develop more covert ways of unscrambling online data after losing a public battle in the 1990s to insert a government “back door” into all programming.
‘Foundation of web security’
Computer security expert Mikko Hypponen believes the revelation is the most important leak to date from Snowden. “It may not have gained as many headlines as some of his other stories, because most people don’t understand how crypto systems work. If indeed U.S intelligence does indeed have such a wide range of systems, then I’m surprised,” he told CNN. Crypto encryption is relevant to everyday applications that everyone uses, for example in communications and transactions, he said. “Now we learn that the foundation of web security has been compromised.”
Hypponen, the chief research officer for F-Secure, said he believes the NSA and GCHQ had probably cracked the encryption by placing moles in key companies at key locations. “Any major service provider must have sizable amounts of moles from intelligence agencies. Remember that the NSA has 35,000 people working for it,” he said. “The ordinary user should not be worried by these revelations — it’s obvious that intelligence agencies are not interested in hacking financial transactions — but they should be outraged.”
He suggested those outside the United States should be the most concerned. “How many U.S. politicians use French cloud-services? Almost none. But how many French politicians use U.S. cloud services? All of them,” he said. “Remember that 96% of the planet’s inhabitants are foreigners to the United States, so it’s wrong that the U.S. has a legal right to access foreign communications.”
Public concern
The scope of hidden U.S. surveillance programs has been brought to public light through leaks to media outlets by Snowden, who fled the United States and is now in Russia under temporary asylum. He faces espionage charges. The revelations have led many Americans, according to polls, to harbor skepticism about the NSA programs. They’ve also generated concern in Congress as well as from privacy groups and libertarians. Last month, President Barack Obama sought to allay people’s unease over the work of the intelligence agency in an interview with CNN “New Day” anchor Chris Cuomo.
Obama said he was confident no one at the NSA is “trying to abuse this program or listen in on people’s e-mail.” The president chalked much of the concern with domestic snooping on changes in technology. “I think there are legitimate concerns that people have that technology is moving so quick,” Obama said. “What I recognize is that we’re going to have to continue to improve the safeguards and as technology moves forward, that means that we may be able to build technologies that give people more assurance.”
New leak: NSA program taps all you do online
August 1, 2013 — Updated 1854 GMT (0254 HKT)
You’ve never heard of XKeyscore, but it definitely knows you. The National Security Agency’s top-secret program essentially makes available everything you’ve ever done on the Internet.
Don’t let U.S. government read your e-mail
August 18, 2013 — Updated 1304 GMT (2104 HKT)
You may have never heard of Lavabit and Silent Circle. That’s because they offered encrypted (secure) e-mail services, something most Americans have probably never thought about needing.
http://www.nytimes.com/interactive/2013/09/05/us/unlocking-private-communications.html?ref=us
Secret Documents Reveal N.S.A. Campaign Against Encryption
http://www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html?ref=us
Documents show that the N.S.A. has been waging a war against encryption using a battery of methods that include working with industry to weaken encryption standards, making design changes to cryptographic software, and pushing international encryption standards it knows it can break. Related Article »
Excerpt from 2013 Intelligence Budget Request Bullrun Briefing Sheet
This excerpt from the N.S.A.’s 2013 budget request outlines the ways in which the agency circumvents the encryption protection of everyday Internet communications. The Sigint Enabling Project involves industry relationships, clandestine changes to commercial software to weaken encryption, and lobbying for encryption standards it can crack.
The N.S.A.’s Sigint Enabling Project is a $250 million-a-year program that works with Internet companies to weaken privacy by inserting back doors into encryption products. This excerpt from a 2013 budget proposal outlines some methods the agency uses to undermine encryption used by the public.
The agency works with companies to insert back doors into the commercial products. These back doors allow the agency, and in theory only the agency, to gain access to scrambled information that it would not be able to view otherwise.
Because the N.S.A. has long been considered the world’s top authority on encryption, it has dual, sometimes competing, roles. One responsibility of the agency is to safeguard United States communications by promoting encryption standards, and the other is to break codes protecting foreign communications. Part of the Sigint Enabling Project’s goal is to influence these standards — which are often used by American companies — and weaken them.
The agency defines capability as “the NSA/CSS ability to exploit a specific technology,” according to a 2010 document outlining the Bullrun program. Here, the agency is claiming that it can gain access to the text and audio of an Internet chat service. It is unclear from the documents that The New York Times and ProPublica have access to which service this document refers to.
Large Internet companies use dedicated hardware to scramble traffic before it is sent. In 2013, the agency planned to be able to decode traffic that was encoded by one of these two encryption chips, either by working with the manufacturers of the chips to insert back doors or by exploiting a security flaw in the chips’ design.
http://www.bbc.co.uk/news/world-us-canada-23981291
Snowden leaks: US and UK ‘crack online encryption’
6 September 2013
US and UK intelligence have reportedly cracked the encryption codes protecting the emails, banking and medical records of hundreds of millions of people.
Disclosures by leaker Edward Snowden allege the US National Security Agency (NSA) and the UK’s GCHQ successfully decoded key online security protocols. They suggest some internet companies provided the agencies backdoor access to their security systems. The NSA is said to spend $250m (£160m) a year on the top-secret operation. It is codenamed Bullrun, an American civil-war battle, according to the documents published by the Guardian in conjunction with the New York Times and ProPublica. The British counterpart scheme run by GCHQ is called Edgehill, after the first major engagement of the English civil war, say the documents.
‘Behind-the-scenes persuasion’
The reports say the UK and US intelligence agencies are focusing on the encryption used in 4G smartphones, email, online shopping and remote business communication networks. The encryption techniques are used by internet services such as Google, Facebook and Yahoo. Under Bullrun, it is said that the NSA has built powerful supercomputers to try to crack the technology that scrambles and encrypts personal information when internet users log on to access various services.
The NSA also collaborated with unnamed technology companies to build so-called back doors into their software – something that would give the government access to information before it is encrypted and sent over the internet, it is reported. As well as supercomputers, methods used include “technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications”, the New York Times reports. The US reportedly began investing billions of dollars in the operation in 2000 after its initial efforts to install a “back door” in all encryption systems were thwarted.
‘Gobsmacked’
During the next decade, it is said the NSA employed code-breaking computers and began collaborating with technology companies at home and abroad to build entry points into their products. The documents provided to the Guardian by Mr Snowden do not specify which companies participated. The NSA also hacked into computers to capture messages prior to encryption, and used broad influence to introduce weaknesses into encryption standards followed by software developers the world over, the New York Times reports. When British analysts were first told of the extent of the scheme they were “gobsmacked”, according to one memo among more than 50,000 documents shared by the Guardian.
NSA officials continue to defend the agency’s actions, claiming it will put the US at considerable risk if messages from terrorists and spies cannot be deciphered. But some experts argue that such efforts could actually undermine national security, noting that any back doors inserted into encryption programs can be exploited by those outside the government. It is the latest in a series of intelligence leaks by Mr Snowden, a former NSA contractor, who began providing caches of sensitive government documents to media outlets three months ago.
In June, the 30-year-old fled his home in Hawaii, where he worked at a small NSA installation, to Hong Kong, and subsequently to Russia after making revelations about a secret US data-gathering programme. A US federal court has since filed espionage charges against Mr Snowden and is seeking his extradition. Mr Snowden, however, remains in Russia where he has been granted temporary asylum.
Analysis
Mark Ward – Technology correspondent, BBC News
Encryption involves scrambling text to make it unreadable without the right key. Typically data encryption uses numbers hundreds of digits long as those keys. That renders data secure because it would take thousands of years to try all possible keys for a particular message. The NSA and GCHQ have apparently managed to get around this several different ways. They have used supercomputers to crank through potential keys very quickly, exploited known weaknesses in widely used web and mobile security protocols to read messages, and forced tech firms to install backdoors in software. In addition, the NSA is believed to have subverted a US federal program to create new encryption algorithms so it can more easily get at any messages or data they were supposed to protect. Critics say the NSA/GCHQ approaches are short-sighted because any backdoor could equally be used by spies and crooks and undermines the role the web plays in modern life.
http://www.latimes.com/opinion/opinion-la/la-ol-nsa-introduced-vulnerabilities-into-encryption-snowden-reveals-20130905,0,2218463.story
Latest Snowden revelation: NSA sabotaged electronic locks
September 5, 2013,
NSA HQ – This undated photo provided by the National Security Agency shows its headquarters in Ft. Meade, Md. (May 11, 2006)
The latest Edward Snowden-powered exposé published by the New York Times, ProPublica and the Guardian is, to me, the most frightening. It reveals that the National Security Agency has moved beyond its historic role as a code-breaker to become a saboteur of the encryption systems. Its work has allegedly weakened the scrambling not just of terrorists’ emails but also bank transactions, medical records and communications among coworkers.
Here’s the money graf:
“The NSA hacked into target computers to snare messages before they were encrypted. And the agency used its influence as the world’s most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world.” I’d be disappointed if the NSA hadn’t figured out how to do that hacking trick. But adding vulnerabilities to standard encryption techniques? That’s just making the job easier for hackers to make sense of the scrambled data they steal. The outrage is still pouring in from various advocacy groups. Here’s a succinct condemnation by the Center on Democracy and Technology, one of the more centrist of these organizations:
“These revelations demonstrate a fundamental attack on the way the Internet works,” senior staff technologist Joseph Lorenzo Hall wrote in a statement. “In an era in which businesses, as well as the average consumer, trust secure networks and technologies for sensitive transactions and private communications online, it’s incredibly destructive for the NSA to add flaws to such critical infrastructure. The NSA seems to be operating on the fantastically naïve assumption that any vulnerabilities it builds into core Internet technologies can only be exploited by itself and its global partners.”
Every form of encryption can theoretically be cracked, given enough time and processing power. But the mere use of encryption has encouraged data thieves to look elsewhere for targets, on the same principle that even weak bike locks are effective when there are unlocked bikes nearby. The easier it is to pick the electronic locks used online, the less of a deterrent they become. The NSA’s efforts appear to be the Plan B implemented after the Clinton administration failed to persuade the communications industry in the mid-1990s to usegovernment-developed encryption technologies for voice and data transmissions.
The decryption keys would have been held by the government, available to the NSA as necessary. But industry ultimately rejected the plan because of a fundamental vulnerability: a stolen or cracked “master key” could have unlocked every bit of scrambled data. The latest Snowden-leaked documents outline a multi-pronged assault by the NSA on the various forms of encryption used online. Its techniques included more traditional code-breaking as well as the aforementioned hacking and weakening efforts. Thursday’s stories didn’t identify the forms of encryption that the NSA undermined, saying more generally that the agency had targeted the secure version of HTTP, Secure Sockets Layer, virtual private networking technology and the encryption used on 4G smartphones.
In short, the implication of the mass of documents leaked thus far is that the NSA is not just monitoring seemingly every utterance on the planet, it is planting weaknesses in the security technology that protects legitimate online communications for the sake of decrypting illegitimate ones. I’m looking forward to hearing the NSA’s defenders explain why we should feel safer now.
http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security
Revealed: how US and UK spy agencies defeat internet privacy and security
• NSA and GCHQ unlock encryption used to protect emails, banking and medical records
• $250m-a-year US program works covertly with tech companies to insert weaknesses into products
• Security experts say programs ‘undermine the fabric of the internet’
by Glenn Greenwald
Guardian Weekly, 6 September 2013
Jump to comments (3922)
This story has been reported in partnership between the New York Times, the Guardian and ProPublica based on documents obtained by the Guardian.
For the Guardian: James Ball, Julian Borger, Glenn Greenwald
For the New York Times: Nicole Perlroth, Scott Shane
For ProPublica: Jeff Larson
Through covert partnerships with tech companies, the spy agencies have inserted secret vulnerabilities into encryption software. Photograph: Reuters
US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden. The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments.
The agencies, the documents reveal, have adopted a battery of methods in their systematic and ongoing assault on what they see as one of the biggest threats to their ability to access huge swathes of internet traffic – “the use of ubiquitous encryption across the internet”. Those methods include covert measures to ensure NSA control over setting of international encryption standards, the use of supercomputers to break encryption with “brute force”, and – the most closely guarded secret of all – collaboration with technology companies and internet service providers themselves. Through these covert partnerships, the agencies have inserted secret vulnerabilities – known as backdoors or trapdoors – into commercial encryption software.
The files, from both the NSA and GCHQ, were obtained by the Guardian, and the details are being published today in partnership with the New York Times and ProPublica. They reveal:
• A 10-year NSA program against encryption technologies made a breakthrough in 2010 which made “vast amounts” of data collected through internet cable taps newly “exploitable”.
• The NSA spends $250m a year on a program which, among other goals, works with technology companies to “covertly influence” their product designs.
• The secrecy of their capabilities against encryption is closely guarded, with analysts warned: “Do not ask about or speculate on sources or methods.”
• The NSA describes strong decryption programs as the “price of admission for the US to maintain unrestricted access to and use of cyberspace”.
• A GCHQ team has been working to develop ways into encrypted traffic on the “big four” service providers, named as Hotmail, Google, Yahoo and Facebook.
NSA diagram – This network diagram, from a GCHQ pilot program, shows how the agency proposed a system to identify encrypted traffic from its internet cable-tapping programs and decrypt what it could in near-real time. Photograph: Guardian
The agencies insist that the ability to defeat encryption is vital to their core missions of counter-terrorism and foreign intelligence gathering. But security experts accused them of attacking the internet itself and the privacy of all users. “Cryptography forms the basis for trust online,” said Bruce Schneier, an encryption specialist and fellow at Harvard’s Berkman Center for Internet and Society. “By deliberately undermining online security in a short-sighted effort to eavesdrop, the NSA is undermining the very fabric of the internet.” Classified briefings between the agencies celebrate their success at “defeating network security and privacy”.
“For the past decade, NSA has lead [sic] an aggressive, multi-pronged effort to break widely used internet encryption technologies,” stated a 2010 GCHQ document. “Vast amounts of encrypted internet data which have up till now been discarded are now exploitable.” An internal agency memo noted that among British analysts shown a presentation on the NSA’s progress: “Those not already briefed were gobsmacked!”
The breakthrough, which was not described in detail in the documents, meant the intelligence agencies were able to monitor “large amounts” of data flowing through the world’s fibre-optic cables and break its encryption, despite assurances from internet company executives that this data was beyond the reach of government. The key component of the NSA’s battle against encryption, its collaboration with technology companies, is detailed in the US intelligence community’s top-secret 2013 budget request under the heading “Sigint [signals intelligence] enabling”.
NSA Bullrun 1 – Classified briefings between the NSA and GCHQ celebrate their success at ‘defeating network security and privacy’. Photograph: Guardian
Funding for the program – $254.9m for this year – dwarfs that of the Prism program, which operates at a cost of $20m a year, according to previous NSA documents. Since 2011, the total spending on Sigint enabling has topped $800m. The program “actively engages US and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs”, the document states. None of the companies involved in such partnerships are named; these details are guarded by still higher levels of classification. Among other things, the program is designed to “insert vulnerabilities into commercial encryption systems”. These would be known to the NSA, but to no one else, including ordinary customers, who are tellingly referred to in the document as “adversaries”.
“These design changes make the systems in question exploitable through Sigint collection … with foreknowledge of the modification. To the consumer and other adversaries, however, the systems’ security remains intact.” The document sets out in clear terms the program’s broad aims, including making commercial encryption software “more tractable” to NSA attacks by “shaping” the worldwide marketplace and continuing efforts to break into the encryption used by the next generation of 4G phones. Among the specific accomplishments for 2013, the NSA expects the program to obtain access to “data flowing through a hub for a major communications provider” and to a “major internet peer-to-peer voice and text communications system”.
Technology companies maintain that they work with the intelligence agencies only when legally compelled to do so. The Guardian has previously reported that Microsoft co-operated with the NSA to circumvent encryption on the Outlook.com email and chat services. The company insisted that it was obliged to comply with “existing or future lawful demands” when designing its products. The documents show that the agency has already achieved another of the goals laid out in the budget request: to influence the international standards upon which encryption systems rely.
Independent security experts have long suspected that the NSA has been introducing weaknesses into security standards, a fact confirmed for the first time by another secret document. It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006. “Eventually, NSA became the sole editor,” the document states. The NSA’s codeword for its decryption program, Bullrun, is taken from a major battle of the American civil war. Its British counterpart, Edgehill, is named after the first major engagement of the English civil war, more than 200 years earlier. A classification guide for NSA employees and contractors on Bullrun outlines in broad terms its goals.
“Project Bullrun deals with NSA’s abilities to defeat the encryption used in specific network communication technologies. Bullrun involves multiple sources, all of which are extremely sensitive.” The document reveals that the agency has capabilities against widely used online protocols, such as HTTPS, voice-over-IP and Secure Sockets Layer (SSL), used to protect online shopping and banking. The document also shows that the NSA’s Commercial Solutions Center, ostensibly the body through which technology companies can have their security products assessed and presented to prospective government buyers, has another, more clandestine role.
It is used by the NSA to “to leverage sensitive, co-operative relationships with specific industry partners” to insert vulnerabilities into security products. Operatives were warned that this information must be kept top secret “at a minimum”. A more general NSA classification guide reveals more detail on the agency’s deep partnerships with industry, and its ability to modify products. It cautions analysts that two facts must remain top secret: that NSA makes modifications to commercial encryption software and devices “to make them exploitable”, and that NSA “obtains cryptographic details of commercial cryptographic information security systems through industry relationships”.
The agencies have not yet cracked all encryption technologies, however, the documents suggest. Snowden appeared to confirm this during a live Q&A with Guardian readers in June. “Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on,” he said before warning that NSA can frequently find ways around it as a result of weak security on the computers at either end of the communication. The documents are scattered with warnings over the importance of maintaining absolute secrecy around decryption capabilities.
NSA Bullrun 2 – A slide showing that the secrecy of the agencies’ capabilities against encryption is closely guarded. Photograph: Guardian
Strict guidelines were laid down at the GCHQ complex in Cheltenham, Gloucestershire, on how to discuss projects relating to decryption. Analysts were instructed: “Do not ask about or speculate on sources or methods underpinning Bullrun.” This informaton was so closely guarded, according to one document, that even those with access to aspects of the program were warned: “There will be no ‘need to know’.” The agencies were supposed to be “selective in which contractors are given exposure to this information”, but it was ultimately seen by Snowden, one of 850,000 people in the US with top-secret clearance.A 2009 GCHQ document spells out the significant potential consequences of any leaks, including “damage to industry relationships”.
“Loss of confidence in our ability to adhere to confidentiality agreements would lead to loss of access to proprietary information that can save time when developing new capability,” intelligence workers were told. Somewhat less important to GCHQ was the public’s trust which was marked as a moderate risk, the document stated. “Some exploitable products are used by the general public; some exploitable weaknesses are well known eg possibility of recovering poorly chosen passwords,” it said. “Knowledge that GCHQ exploits these products and the scale of our capability would raise public awareness generating unwelcome publicity for us and our political masters.”
The decryption effort is particularly important to GCHQ. Its strategic advantage from its Tempora program – direct taps on transatlantic fibre-optic cables of major telecommunications corporations – was in danger of eroding as more and more big internet companies encrypted their traffic, responding to customer demands for guaranteed privacy. Without attention, the 2010 GCHQ document warned, the UK’s “Sigint utility will degrade as information flows changes, new applications are developed (and deployed) at pace and widespread encryption becomes more commonplace.” Documents show that Edgehill’s initial aim was to decode the encrypted traffic certified by three major (unnamed) internet companies and 30 types of Virtual Private Network (VPN) – used by businesses to provide secure remote access to their systems.
By 2015, GCHQ hoped to have cracked the codes used by 15 major internet companies, and 300 VPNs. Another program, codenamed Cheesy Name, was aimed at singling out encryption keys, known as ‘certificates’, that might be vulnerable to being cracked by GCHQ supercomputers. Analysts on the Edgehill project were working on ways into the networks of major webmail providers as part of the decryption project. A quarterly update from 2012 notes the project’s team “continue to work on understanding” the big four communication providers, named in the document as Hotmail, Google, Yahoo and Facebook, adding “work has predominantly been focused this quarter on Google due to new access opportunities being developed”.
To help secure an insider advantage, GCHQ also established a Humint Operations Team (HOT). Humint, short for “human intelligence” refers to information gleaned directly from sources or undercover agents. This GCHQ team was, according to an internal document, “responsible for identifying, recruiting and running covert agents in the global telecommunications industry.” “This enables GCHQ to tackle some of its most challenging targets,” the report said. The efforts made by the NSA and GCHQ against encryption technologies may have negative consequences for all internet users, experts warn.
“Backdoors are fundamentally in conflict with good security,” said Christopher Soghoian, principal technologist and senior policy analyst at the American Civil Liberties Union. “Backdoors expose all users of a backdoored system, not just intelligence agency targets, to heightened risk of data compromise.” This is because the insertion of backdoors in a software product, particularly those that can be used to obtain unencrypted user communications or data, significantly increases the difficulty of designing a secure product.” This was a view echoed in a recent paper by Stephanie Pell, a former prosecutor at the US Department of Justice and non-resident fellow at the Center for Internet and Security at Stanford Law School.
“[An] encrypted communications system with a lawful interception back door is far more likely to result in the catastrophic loss of communications confidentiality than a system that never has access to the unencrypted communications of its users,” she states. Intelligence officials asked the Guardian, New York Times and ProPublica not to publish this article, saying that it might prompt foreign targets to switch to new forms of encryption or communications that would be harder to collect or read. The three organisations removed some specific facts but decided to publish the story because of the value of a public debate about government actions that weaken the most powerful tools for protecting the privacy of internet users in the US and worldwide.
http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?hp&_r=0
N.S.A. Able to Foil Basic Safeguards of Privacy on Web
September 5, 2013
1466 Comments Readers shared their thoughts on this article
The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents.
The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show. Many users assume — or have been assured by Internet companies — that their data is safe from prying eyes, including those of the government, and the N.S.A. wants to keep it that way. The agency treats its recent successes in deciphering protected information as among its most closely guarded secrets, restricted to those cleared for a highly classified program code-named Bullrun, according to the documents, provided by Edward J. Snowden, the former N.S.A. contractor.
Beginning in 2000, as encryption tools were gradually blanketing the Web, the N.S.A. invested billions of dollars in a clandestine campaign to preserve its ability to eavesdrop. Having lost a public battle in the 1990s to insert its own “back door” in all encryption, it set out to accomplish the same goal by stealth. The agency, according to the documents and interviews with industry officials, deployed custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products. The documents do not identify which companies have participated.
The N.S.A. hacked into target computers to snare messages before they were encrypted. In some cases, companies say they were coerced by the government into handing over their master encryption keys or building in a back door. And the agency used its influence as the world’s most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world. “For the past decade, N.S.A. has led an aggressive, multipronged effort to break widely used Internet encryption technologies,” said a 2010 memo describing a briefing about N.S.A. accomplishments for employees of its British counterpart, Government Communications Headquarters, or GCHQ. “Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.”
When the British analysts, who often work side by side with N.S.A. officers, were first told about the program, another memo said, “those not already briefed were gobsmacked!” An intelligence budget document makes clear that the effort is still going strong. “We are investing in groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit Internet traffic,” the director of national intelligence, James R. Clapper Jr., wrote in his budget request for the current year. In recent months, the documents disclosed by Mr. Snowden have described the N.S.A.’s reach in scooping up vast amounts of communications around the world. The encryption documents now show, in striking detail, how the agency works to ensure that it is actually able to read the information it collects.
The agency’s success in defeating many of the privacy protections offered by encryption does not change the rules that prohibit the deliberate targeting of Americans’ e-mails or phone calls without a warrant. But it shows that the agency, which was sharply rebuked by a federal judge in 2011 for violating the rules and misleading the Foreign Intelligence Surveillance Court, cannot necessarily be restrained by privacy technology. N.S.A. rules permit the agency to store any encrypted communication, domestic or foreign, for as long as the agency is trying to decrypt it or analyze its technical features. The N.S.A., which has specialized in code-breaking since its creation in 1952, sees that task as essential to its mission. If it cannot decipher the messages of terrorists, foreign spies and other adversaries, the United States will be at serious risk, agency officials say.
Just in recent weeks, the Obama administration has called on the intelligence agencies for details of communications by leaders of Al Qaeda about a terrorist plot and of Syrian officials’ messages about the chemical weapons attack outside Damascus. If such communications can be hidden by unbreakable encryption, N.S.A. officials say, the agency cannot do its work. But some experts say the N.S.A.’s campaign to bypass and weaken communications security may have serious unintended consequences. They say the agency is working at cross-purposes with its other major mission, apart from eavesdropping: ensuring the security of American communications.
Some of the agency’s most intensive efforts have focused on the encryption in universal use in the United States, including Secure Sockets Layer, or SSL; virtual private networks, or VPNs; and the protection used on fourth-generation, or 4G, smartphones. Many Americans, often without realizing it, rely on such protection every time they send an e-mail, buy something online, consult with colleagues via their company’s computer network, or use a phone or a tablet on a 4G network.
For at least three years, one document says, GCHQ, almost certainly in collaboration with the N.S.A., has been looking for ways into protected traffic of popular Internet companies: Google, Yahoo, Facebook and Microsoft’s Hotmail. By 2012, GCHQ had developed “new access opportunities” into Google’s systems, according to the document. (Google denied giving any government access and said it had no evidence its systems had been breached). “The risk is that when you build a back door into systems, you’re not the only one to exploit it,” said Matthew D. Green, a cryptography researcher at Johns Hopkins University. “Those back doors could work against U.S. communications, too.”
Paul Kocher, a leading cryptographer who helped design the SSL protocol, recalled how the N.S.A. lost the heated national debate in the 1990s about inserting into all encryption a government back door called the Clipper Chip. “And they went and did it anyway, without telling anyone,” Mr. Kocher said. He said he understood the agency’s mission but was concerned about the danger of allowing it unbridled access to private information. “The intelligence community has worried about ‘going dark’ forever, but today they are conducting instant, total invasion of privacy with limited effort,” he said. “This is the golden age of spying.”
A Vital Capability
The documents are among more than 50,000 shared by The Guardian with The New York Times and ProPublica, the nonprofit news organization. They focus on GCHQ but include thousands from or about the N.S.A. Intelligence officials asked The Times and ProPublica not to publish this article, saying it might prompt foreign targets to switch to new forms of encryption or communications that would be harder to collect or read. The news organizations removed some specific facts but decided to publish the article because of the value of a public debate about government actions that weaken the most powerful privacy tools. The files show that the agency is still stymied by some encryption, as Mr. Snowden suggested in a question-and-answer session on The Guardian’s Web site in June.
“Properly implemented strong crypto systems are one of the few things that you can rely on,” he said, though cautioning that the N.S.A. often bypasses the encryption altogether by targeting the computers at one end or the other and grabbing text before it is encrypted or after it is decrypted. The documents make clear that the N.S.A. considers its ability to decrypt information a vital capability, one in which it competes with China, Russia and other intelligence powers. “In the future, superpowers will be made or broken based on the strength of their cryptanalytic programs,” a 2007 document said. “It is the price of admission for the U.S. to maintain unrestricted access to and use of cyberspace.”
The full extent of the N.S.A.’s decoding capabilities is known only to a limited group of top analysts from the so-called Five Eyes: the N.S.A. and its counterparts in Britain, Canada, Australia and New Zealand. Only they are cleared for the Bullrun program, the successor to one called Manassas — both names of an American Civil War battle. A parallel GCHQ counter-encryption program is called Edgehill, named for the first battle of the English Civil War of the 17th century. Unlike some classified information that can be parceled out on a strict “need to know” basis, one document makes clear that with Bullrun, “there will be NO ‘need to know.’ ” Only a small cadre of trusted contractors were allowed to join Bullrun. It does not appear that Mr. Snowden was among them, but he nonetheless managed to obtain dozens of classified documents referring to the program’s capabilities, methods and sources.
Ties to Internet Companies
When the N.S.A. was founded, encryption was an obscure technology used mainly by diplomats and military officers. Over the last 20 years, it has become ubiquitous. Even novices can tell that their exchanges are being automatically encrypted when a tiny padlock appears next to a Web address. Because strong encryption can be so effective, classified N.S.A. documents make clear, the agency’s success depends on working with Internet companies — by getting their voluntary collaboration, forcing their cooperation with court orders or surreptitiously stealing their encryption keys or altering their software or hardware.
According to an intelligence budget document leaked by Mr. Snowden, the N.S.A. spends more than $250 million a year on its Sigint Enabling Project, which “actively engages the U.S. and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs” to make them “exploitable.” Sigint is the acronym for signals intelligence, the technical term for electronic eavesdropping. By this year, the Sigint Enabling Project had found ways inside some of the encryption chips that scramble information for businesses and governments, either by working with chipmakers to insert back doors or by exploiting security flaws, according to the documents.
The agency also expected to gain full unencrypted access to an unnamed major Internet phone call and text service; to a Middle Eastern Internet service; and to the communications of three foreign governments. In one case, after the government learned that a foreign intelligence target had ordered new computer hardware, the American manufacturer agreed to insert a back door into the product before it was shipped, someone familiar with the request told The Times. The 2013 N.S.A. budget request highlights “partnerships with major telecommunications carriers to shape the global network to benefit other collection accesses” — that is, to allow more eavesdropping.
At Microsoft, as The Guardian has reported, the N.S.A. worked with company officials to get pre-encryption access to Microsoft’s most popular services, including MS Outlook e-mail, Skype Internet phone calls and chats, and SkyDrive, the company’s cloud storageservice. Microsoft asserted that it had merely complied with “lawful demands” of the government, and in some cases, the collaboration was clearly coerced. Some companies have been asked to hand the government the encryption keys to all customer communications, according to people familiar with the government’s requests. N.S.A. documents show that the agency maintains an internal database of encryption keys for specific commercial products, called a Key Provisioning Service, which can automatically decode many messages. If the necessary key is not in the collection, a request goes to the separate Key Recovery Service, which tries to obtain it.
How keys are acquired is shrouded in secrecy, but independent cryptographers say many are probably collected by hacking into companies’ computer servers, where they are stored. To keep such methods secret, the N.S.A. shares decrypted messages with other agencies only if the keys could have been acquired through legal means. “Approval to release to non-Sigint agencies,” a GCHQ document says, “will depend on there being a proven non-Sigint method of acquiring keys.” Simultaneously, the N.S.A. has been deliberately weakening the international encryption standards adopted by developers.
One goal in the agency’s 2013 budget request was to “influence policies, standards and specifications for commercial public key technologies,” the most common encryption method. Cryptographers have long suspected that the agency planted vulnerabilities in a standard adopted in 2006 by the National Institute of Standards and Technology and later by the International Organization for Standardization, which has 163 countries as members. Classified N.S.A. memos appear to confirm that the fatal weakness, discovered by two Microsoft cryptographers in 2007, was engineered by the agency. The N.S.A. wrote the standard and aggressively pushed it on the international group, privately calling the effort “a challenge in finesse.”
“Eventually, N.S.A. became the sole editor,” the memo says. Even agency programs ostensibly intended to guard American communications are sometimes used to weaken protections. The N.S.A.’s Commercial Solutions Center, for instance, invites the makers of encryption technologies to present their products to the agency with the goal of improving American cybersecurity. But a top-secret N.S.A. document suggests that the agency’s hacking division uses that same program to develop and “leverage sensitive, cooperative relationships with specific industry partners” to insert vulnerabilities into Internet security products.
By introducing such back doors, the N.S.A. has surreptitiously accomplished what it had failed to do in the open. Two decades ago, officials grew concerned about the spread of strong encryption software like Pretty Good Privacy, designed by a programmer named Phil Zimmermann. The Clinton administration fought back by proposing the Clipper Chip, which would have effectively neutered digital encryption by ensuring that the N.S.A. always had the key. That proposal met a backlash from an unlikely coalition that included political opposites like Senator John Ashcroft, the Missouri Republican, and Senator John Kerry, the Massachusetts Democrat, as well as the televangelist Pat Robertson, Silicon Valley executives and the American Civil Liberties Union. All argued that the Clipper would kill not only the Fourth Amendment, but also America’s global technology edge.
By 1996, the White House backed down. But soon the N.S.A. began trying to anticipate and thwart encryption tools before they became mainstream. Each novel encryption effort generated anxiety. When Mr. Zimmermann introduced the Zfone, an encrypted phone technology, N.S.A. analysts circulated the announcement in an e-mail titled “This can’t be good.”
But by 2006, an N.S.A. document notes, the agency had broken into communications for three foreign airlines, one travel reservation system, one foreign government’s nuclear department and another’s Internet service by cracking the virtual private networks that protected them. By 2010, the Edgehill program, the British counter-encryption effort, was unscrambling VPN traffic for 30 targets and had set a goal of an additional 300.
But the agencies’ goal was to move away from decrypting targets’ tools one by one and instead decode, in real time, all of the information flying over the world’s fiber optic cables and through its Internet hubs, only afterward searching the decrypted material for valuable intelligence. A 2010 document calls for “a new approach for opportunistic decryption, rather than targeted.” By that year, a Bullrun briefing document claims that the agency had developed “groundbreaking capabilities” against encrypted Web chats and phone calls. Its successes against Secure Sockets Layer and virtual private networks were gaining momentum.
But the agency was concerned that it could lose the advantage it had worked so long to gain, if the mere “fact of” decryption became widely known. “These capabilities are among the Sigint community’s most fragile, and the inadvertent disclosure of the simple ‘fact of’ could alert the adversary and result in immediate loss of the capability,” a GCHQ document warned. Since Mr. Snowden’s disclosures ignited criticism of overreach and privacy infringements by the N.S.A., American technology companies have faced scrutiny from customers and the public over what some see as too cozy a relationship with the government. In response, some companies have begun to push back against what they describe as government bullying.
Google, Yahoo, Microsoft and Facebook have pressed for permission to reveal more about the government’s requests for cooperation. One e-mail encryption company, Lavabit, closed rather than comply with the agency’s demands for customer information; another, Silent Circle, ended its e-mail service rather than face such demands. In effect, facing the N.S.A.’s relentless advance, the companies surrendered. Ladar Levison, the founder of Lavabit, wrote a public letter to his disappointed customers, offering an ominous warning. “Without Congressional action or a strong judicial precedent,” he wrote, “I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States.”
This article has been reported in partnership among The New York Times, The Guardian and ProPublica based on documents obtained by The Guardian. For The Guardian: James Ball, Julian Borger, Glenn Greenwald. For The New York Times: Nicole Perlroth, Scott Shane. For ProPublica: Jeff Larson.
More:
Revealed: how US and UK spy agencies defeat internet privacy and security
Obama assembles fragile alliance blaming Assad for chemical attacks
NSA surveillance: A guide to staying secure
NSA decryption revelations ‘provide roadmap’ to adversaries, US warns