Posts by Matthew Poole
-
Oh, the other thing which makes me think that "they" haven't managed to defeat public-key encryption completely: Snowden used GPG or similar to establish his initial contact and then send proof of bona fides. He explicitly said that the risk was uber-powerful brute force, and we already knew that that was possible (though I hadn't really thought of it in terms of "a trillion guesses per second"). If there was wholesale pwnage of public-key going on - and we've seen pretty good evidence that Snowden was able to see into any compartment - Snowden wouldn't have dared put anything more than a request for a face-to-face meeting into an email.
-
OnPoint: The Gift that Keeps on Making…, in reply to
it’s not normal for the compartment names to be classified.
Should have read "it's normal for the compartment names to be classified."
-
OnPoint: The Gift that Keeps on Making…, in reply to
In the old days, in the UK at least, the level of a security clearance was a secret from the person holding that clearance.
Ain’t the case now. For one thing you have to be vetted, and sign forms, and the forms you have to sign are directly related to the level of vetting to which you are being subjected. If you’re subjected to a credit check – which you know about because you sign a form – then you’re being vetted for a Top Secret clearance. I actually don’t see how it would be possible to keep secret from someone their clearance level, because they have to know which levels they’re allowed to see.
Don’t mistake compartments for classification levels. TS Barfbutt and TS Crudclap, as Lucy so eloquently created, would be information compartments. They’re both classified Top Secret, but just holding a TS vetting doesn’t mean a person is entitled to access to those compartments - "need to know" still applies. An individual must also have been cleared for access to a particular compartment, and it’s not normal for the compartment names to be classified.
-
OnPoint: The Gift that Keeps on Making…, in reply to
Matthew: you are assuming that what they publicise as ok for e.g. Top Secret is what they actually use.
Suite B is published so that private contractors can build products for use by the US government. I guess the NSA could conceivably buy up a bunch of hardware produced outside their community (but not use it) in order to maintain the cover for Suite B, but Suite B is not just published as a distraction technique.
-
OnPoint: Ich bin ein Cyberpunk, in reply to
The classic way of social engineering a worm into a secured environment is to drop an infected USB key or a few in the parking lot of the target organisation. Infect a computer that's inside the border protections and then let the worm do its thing. Getting information out is a lot harder, particularly if it's a classified information environment which has been done properly (no flash drives, etc), but for a worm which is meant to be a one-way destructive infection it's very much easier.
And if you're truly paranoid about how you get information from one system to another you use write-once optical media because it enforces the air gap by never allowing uncontrolled writes back. You also disable auto-run, which shuts down most removable media infections. Optical media is also more obedient about things like not allowing auto-run, unlike flash drives.
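The auto-run lockdown mentioned in the post above, as an added PowerShell example that is not part of Matthew's comment or the thread. It assumes a Windows host, an elevated session for the write step, and uses Microsoft's documented NoDriveTypeAutoRun policy value under the Explorer Policies key; the function names are my own.

```powershell
# Added example (not from the original post): audit and apply the Windows
# AutoRun lockdown referred to in the comment above.
# Assumptions: Windows with PowerShell 5.1 or later; the Disable step needs an
# elevated session. NoDriveTypeAutoRun is Microsoft's documented policy value;
# each bit covers one drive type, and 0xFF disables AutoRun for all of them
# (unknown, removable, fixed, network, CD-ROM, RAM disk).

$PolicyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$ValueName = 'NoDriveTypeAutoRun'
$AllDrives = 0xFF   # weak setting would be anything with the CD-ROM (0x20) or removable (0x04) bits clear

function Get-AutoRunState {
    # Returns the current policy value, or $null when no policy is set
    # (Windows then falls back to its built-in default, which does not
    # cover every drive type).
    $item = Get-ItemProperty -Path $PolicyKey -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return [int]$item.$ValueName
}

function Test-AutoRunDisabled {
    # True only when every drive-type bit is set.
    $state = Get-AutoRunState
    return ($null -ne $state) -and (($state -band $AllDrives) -eq $AllDrives)
}

function Disable-AutoRun {
    # Hardened setting: create the policy key if absent and write 0xFF.
    if (-not (Test-Path $PolicyKey)) { New-Item -Path $PolicyKey -Force | Out-Null }
    Set-ItemProperty -Path $PolicyKey -Name $ValueName -Value $AllDrives -Type DWord
}

# Usage: audit first, then remediate when running elevated.
if (Test-AutoRunDisabled) {
    Write-Host ("AutoRun already disabled for all drive types ({0} = 0x{1:X2})" -f $ValueName, (Get-AutoRunState))
} else {
    Write-Host "AutoRun not fully disabled; applying policy value 0xFF"
    Disable-AutoRun
}
```

The check is deliberately a bitmask comparison rather than an equality test: a value such as 0x95 leaves optical media (bit 0x20) and removable drives (bit 0x04) still able to auto-run, which is exactly the gap a dropped USB key or burned disc relies on. Group Policy applied through the same key should be verified the same way after a `gpupdate`, since a local change can be overwritten by domain policy.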
-
OnPoint: Ich bin ein Cyberpunk, in reply to
SELinux is open source. That means that many eyes outside the NSA will have inspected it to see if there are any holes.
Particularly since the NSA is not widely trusted by the Linux development community. That SELinux was an NSA project is just a guarantee that it has been vetted more thoroughly than most other parts of the kernel.
-
OnPoint: The Gift that Keeps on Making…, in reply to
Do you really think the first thing they’d do if they really cracked public key encryption would be to tell everyone?
They wouldn't, but the language in the BULLRUN briefing document is a little equivocal for such a massive breakthrough. There's also the matter of Suite B protocols (document last updated May this year) still being approved for use and implementation. If "they" had found a way to break public-key generally, Suite B would cease to be approved for at least Top Secret material in very short order. Because if "they" can do it, they're damned sure that the Russians and Chinese will figure it out before too long. The Five Eyes don't have a monopoly on theoretical mathematicians.
-
OnPoint: BTW, the NZ Police can use…, in reply to
the stupid problem of trying to hack the security of private individuals
And foreign governments, and criminals/terrorists. It's not about reading your and my email, though that's a handy bonus prize. Reading the signals of foreign governments is, by far, the biggest interest of the intelligence services, with those of nefarious intent a close second.
-
OnPoint: BTW, the NZ Police can use…, in reply to
I’m assuming the GCSB is one of GCHQ’s 2nd Party partners:
From the BULLRUN Briefing Sheet From GCHQ
At TOP SECRET STRAP1 COMINT AUSCANZUKUS EYES
AUSCANZUKUS (pronounced Oz-Can-Zoo-Kus by those in the defence/intel communities) is shorthand for the Five Eyes partners so, yes, GCSB is one of those on the restricted distribution list.
That list of penetrated tech is pretty scary. It's basically every type of connection security commonly in use by the public. There are potentially some caveats, given that there are known-weak versions of those protocols, but the possibility that they are whole-scale broken to Five Eyes is nasty.
-
OnPoint: BTW, the NZ Police can use…, in reply to
Maybe they take the view that even if the Russians know the location of every Trident sub, they probably won’t be starting a nuclear war anytime soon.
There's much more than just unit movement orders at stake, and many more outfits than just the Russian intelligence services who would be both interested and capable. That was the case even in 2006 when AES was being selected and confirmed, too.
Is it possible that the NSA decided to trade off opening every US national security secret to the world in return for reading everyone else's traffic? Yes.
Is it plausible? Not so much.